Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2023 Exécuté par Michel (administrateur) sur MONPC (Hewlett-Packard 110-215ef) (03-06-2023 08:29:39) Exécuté depuis C:\Users\Michel\Desktop\FRST64.exe Profils chargés: Michel Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.2965 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (explorer.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13> (explorer.exe ->) (Softex Incorporated -> Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\Michel\AppData\Local\Microsoft\OneDrive\23.101.0514.0001\Microsoft.SharePoint.exe (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe (services.exe ->) () [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Corporation) [Fichier non signé] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe (services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (Softex Inc.) [Fichier non signé] C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe (services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2320.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [154680 2013-09-05] (Softex Incorporated -> Hewlett-Packard) HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKU\S-1-5-21-2429626781-2298431417-3748343311-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.) HKU\S-1-5-21-2429626781-2298431417-3748343311-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [40454048 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-2429626781-2298431417-3748343311-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Michel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" (Pas de fichier) HKU\S-1-5-21-2429626781-2298431417-3748343311-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Michel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier) HKU\S-1-5-21-2429626781-2298431417-3748343311-1001\...\RunOnce: [Uninstall 23.096.0507.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Michel\AppData\Local\Microsoft\OneDrive\23.096.0507.0001" (Pas de fichier) HKLM\...\Windows x64\Print Processors\Canon MG3500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBV.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series: C:\WINDOWS\system32\CNMLMBV.DLL [391168 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series XPS: C:\WINDOWS\system32\CNMXLMBV.DLL [394240 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [404992 2013-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard) HKLM\Software\...\AppCompatFlags\Custom\wmplayer.exe: [{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb] -> Windows Media Player 64-bit Plug-in Fix HKLM\Software\...\AppCompatFlags\InstalledSDB\{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{00a8ce68-cb2e-4652-aecd-c05c0d9d53a7}.sdb [2011-12-11] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\114.0.5735.90\Installer\chrmstp.exe [2023-06-02] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-09-05] (Softex Inc..) [Fichier non signé] HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2013-09-05] (Softex Inc..) [Fichier non signé] ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {06AF8A13-209B-42A8-BDB9-B5E6F438ADB1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {06B63CDC-D83D-4F17-A86C-E3C645A05F0D} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {075A0E7E-93F4-48E1-B985-7D178B9C9322} - System32\Tasks\{EA30FECB-B465-4EF7-B671-97B9738ECD8E} => c:\program files (x86)\google\chrome\application\chrome.exe [3231512 2023-05-27] (Google LLC -> Google LLC) -> hxxp://ui.skype.com/ui/0/6.22.0.107/fr/abandoninstall?page=tsMain Task: {09C6B9CD-6494-4E7C-BC99-BAA22102BBD8} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "929a8a9b-4bdd-49fd-9ca7-b4eeb5737eaa" --version "6.12.10490" --silent Task: {0B2759F4-7C93-4562-97A1-749B5CA3C272} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier) Task: {25C9AE58-7885-4795-B552-BE9349F7F2CF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (Pas de fichier) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier) Task: {3E5FB240-7E8A-457C-B5D3-7AE0AFFEEFD9} - System32\Tasks\{B3AE94A6-8751-4EFF-80A6-509329D2C57E} => c:\program files (x86)\google\chrome\application\chrome.exe [3231512 2023-05-27] (Google LLC -> Google LLC) -> hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.14.0.104&LastError=404 Task: {44C82B96-EE64-4DD5-A008-76BB474AD072} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {45B8016F-9B97-4800-94B8-3DAFAE661893} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier) Task: {4757992D-24F0-43F4-8E4F-4FF1D9F6691C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (Pas de fichier) Task: {48C655E2-5437-4EF6-9A34-7A8C4312917B} - System32\Tasks\{0AE4E7C2-E4F4-48D9-A686-2FDF2E502C08} => c:\program files\internet explorer\iexplore.exe [834512 2022-03-11] (Microsoft Corporation -> Microsoft Corporation) -> hxxp://ui.skype.com/ui/0/7.8.0.102/fr/abandoninstall?page=tsPlugin Task: {49DE5A9E-26B0-4D17-A557-96B919BE562A} - System32\Tasks\CCleanerSkipUAC - Michel => C:\Program Files\CCleaner\CCleaner.exe [34264480 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {56AC2D31-5824-4015-9A3F-0406DC451295} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier) Task: {5E0F3CE5-148E-4E28-BCE9-87D30F83A1DF} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier) Task: {687FF551-1698-4833-9EDD-9E40BC61C1F9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {7A94870C-CAB9-4652-8ABF-A56FB76AE4CA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {8FD29476-43A3-45AA-9FB1-81E64BBEE435} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5254336 2023-05-12] (Microsoft Windows -> Microsoft Corporation) Task: {9E63822F-CAB0-4C15-8C9C-518F92DEC4E6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Pas de fichier) Task: {B0E1843A-5768-4186-A1F7-35E1A1B213AE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {BDF68598-6A3B-419A-83A0-F107310188F2} - System32\Tasks\{4F933184-4CA4-4306-991C-08C0CB8C6906} => C:\WINDOWS\system32\pcalua.exe [53760 2023-04-14] (Microsoft Windows -> Microsoft Corporation) -> -a C:\Users\Michel\Documents\Setup_FreeConverter.exe -d C:\Users\Michel\Documents Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {E0772AE8-88D2-4F6E-9A5C-1AB8556A6FF2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {E771EB4C-5765-46D9-8E19-FD508310A358} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{d04a074c-0393-420e-9ff5-49ada0f2808c}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{faa6612f-40fb-4836-a8cd-e73f937aea28}: [DhcpNameServer] 192.168.50.1 Edge: ======= DownloadDir: C:\Users\Michel\Downloads Edge Notifications: HKU\S-1-5-21-2429626781-2298431417-3748343311-1001 -> hxxps://www.wondershare.net; hxxps://www.cnetfrance.fr Edge DefaultProfile: Default Edge Profile: C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default [2023-06-03] Edge HomePage: Default -> hxxp://www.google.com/ Edge StartupUrls: Default -> "hxxp://www.google.com/" Edge Extension: (Blur.live Ultimate) - C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bfkfcpaiggoahgkdmakiaeiogebpcdbk [2023-05-13] Edge Extension: (Avast Online Security & Privacy) - C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2022-11-22] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-05-24] Edge Extension: (Edge relevant text changes) - C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-05-13] Edge Extension: (uBlock Origin) - C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-05-13] Edge Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\Michel\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2022-09-16] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-05-04] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Fichier non signé] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default [2023-06-03] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-06-01] CHR Profile: C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-06-01] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc. -> Apple Inc.) R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-09-05] () [Fichier non signé] S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1063840 2023-05-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [398792 2019-02-28] (Canon Inc. -> ) S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé] R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9246536 2023-05-21] (Malwarebytes Inc. -> Malwarebytes) R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé] R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-09-05] (Softex Inc.) [Fichier non signé] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16468792 2022-11-24] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\NisSrv.exe [3216064 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2304.8-0\MsMpEng.exe [133544 2023-05-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.233\WsAppService.exe [493792 2017-11-07] (Wondershare Technology Co.,Ltd -> Wondershare) R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare) S2 PandaAgent; "C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project) S3 aswWintun; C:\WINDOWS\System32\drivers\aswWintun.sys [37104 2022-05-30] (Avast Software s.r.o. -> WireGuard LLC) R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2020-07-07] (IObit Information Technology -> IObit) S3 IMFEFSFileControl; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\IMFEFSFileControl.sys [40824 2020-07-07] (IObit Information Technology -> IObit) S3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2020-07-07] (IObit Information Technology -> IObit) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198584 2023-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77752 2023-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-06-02] (Malwarebytes Inc. -> Malwarebytes) S3 vmulti; C:\WINDOWS\System32\drivers\vmulti.sys [19600 2023-03-04] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49616 2023-05-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [498944 2023-05-03] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-05-03] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-06-03 08:29 - 2023-06-03 08:31 - 000025934 _____ C:\Users\Michel\Desktop\FRST.txt 2023-06-03 08:27 - 2023-06-03 08:27 - 000003362 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2429626781-2298431417-3748343311-1001 2023-06-03 08:27 - 2023-06-03 08:27 - 000002467 _____ C:\Users\Michel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2023-06-02 15:59 - 2023-06-02 15:59 - 006969656 _____ (VS Revo Group ) C:\Users\Michel\Downloads\revosetup.exe 2023-06-02 15:51 - 2023-06-02 15:51 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2023-06-01 10:42 - 2023-06-02 15:31 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-06-01 10:42 - 2023-06-01 10:42 - 000003476 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-06-01 04:49 - 2023-06-01 04:52 - 002383360 _____ (Farbar) C:\Users\Michel\Desktop\FRST64.exe 2023-06-01 04:32 - 2023-06-03 08:31 - 000000000 ____D C:\FRST 2023-05-30 16:13 - 2023-05-30 16:13 - 000000000 ___SD C:\Users\Michel\Documents\Mes sources de données 2023-05-19 09:18 - 2023-05-19 09:18 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-05-19 05:42 - 2023-05-29 05:42 - 000000000 ____D C:\Users\Michel\Documents\EN DORDOGNE 2023-05-13 07:25 - 2023-06-03 08:25 - 000000000 ____D C:\Users\Michel\AppData\Local\Malwarebytes 2023-05-12 16:34 - 2023-05-12 16:34 - 000000000 ___HD C:\$WinREAgent 2023-05-11 06:59 - 2023-05-11 06:59 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2023-05-11 06:59 - 2023-05-11 06:59 - 000002082 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2023-05-11 06:59 - 2023-05-11 06:59 - 000002070 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-06-03 08:30 - 2022-12-07 18:15 - 000000000 ____D C:\Program Files\TeamViewer 2023-06-03 08:27 - 2021-12-14 07:07 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2429626781-2298431417-3748343311-1001 2023-06-03 08:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-06-03 08:25 - 2023-01-01 10:37 - 000000000 ____D C:\Program Files\CCleaner 2023-06-03 08:25 - 2014-06-23 11:55 - 000000000 ____D C:\Program Files (x86)\Google 2023-06-03 08:24 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-06-03 08:22 - 2014-11-06 17:48 - 000000000 __SHD C:\Users\Michel\IntelGraphicsProfiles 2023-06-02 15:51 - 2022-12-06 20:02 - 000000000 ____D C:\Users\Michel\AppData\LocalLow\IGDump 2023-06-02 15:50 - 2020-10-07 07:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-06-02 15:50 - 2020-10-07 07:01 - 000008192 ___SH C:\DumpStack.log.tmp 2023-06-02 15:50 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2023-06-02 15:01 - 2022-12-07 16:37 - 000000000 ___RD C:\Users\Michel\Documents\A BANQUE 2023-06-02 14:55 - 2020-10-07 07:25 - 000004160 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{A333FFCD-B8AE-4EE5-950C-8D9C1C344831} 2023-06-02 14:55 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-06-02 06:23 - 2014-06-24 07:14 - 000000000 ____D C:\Users\Michel\AppData\Roaming\Microsoft\Excel 2023-06-02 05:16 - 2021-12-18 09:05 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-06-01 17:31 - 2022-12-07 16:37 - 000000000 ___RD C:\Users\Michel\Documents\A COMPTEURS chauffage eau chaude et froide EDF 2023-06-01 14:38 - 2022-12-08 04:54 - 000001596 _____ C:\Users\Michel\Desktop\adwcleaner.exe.lnk 2023-06-01 10:52 - 2020-01-03 06:45 - 000000000 ___RD C:\Users\Michel\Documents\COURRIERS FACTURES CONTRATS 2023-06-01 10:36 - 2014-06-29 18:19 - 000000000 ____D C:\Users\Michel\AppData\LocalLow\Temp 2023-06-01 06:00 - 2022-12-11 10:32 - 000000000 ____D C:\AdwCleaner 2023-06-01 05:50 - 2023-04-25 03:32 - 000000000 ____D C:\Users\Michel\Documents\1 Deces Monique 2023-06-01 04:26 - 2020-01-03 06:45 - 000000000 ___RD C:\Users\Michel\Documents\FOURTOUTet adresses 2023-06-01 04:22 - 2018-03-05 12:56 - 000000000 ____D C:\ProgramData\CanonIJPLM 2023-05-31 12:01 - 2021-06-17 07:16 - 000002788 _____ C:\Users\Michel\Desktop\ViaMichelin.lnk 2023-05-29 05:21 - 2020-07-06 09:24 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-05-25 04:14 - 2020-05-26 05:40 - 000000000 ____D C:\Users\Michel\AppData\Local\CrashDumps 2023-05-23 16:29 - 2017-02-24 07:00 - 000000000 ____D C:\Users\Michel\AppData\Roaming\vlc 2023-05-21 06:20 - 2020-10-07 07:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-05-19 04:46 - 2020-10-07 07:25 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2023-05-19 04:46 - 2020-10-07 07:25 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2023-05-16 06:41 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2023-05-15 06:47 - 2014-06-24 07:18 - 000000000 ____D C:\Users\Michel\AppData\Roaming\Microsoft\Word 2023-05-13 10:32 - 2014-06-24 07:14 - 000000000 ____D C:\Users\Michel\AppData\Roaming\Microsoft\Office 2023-05-13 07:09 - 2020-10-07 07:25 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2023-05-13 07:09 - 2020-10-07 07:25 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2023-05-13 06:28 - 2020-08-14 10:08 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-05-13 06:22 - 2020-10-07 07:18 - 001923902 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-05-13 06:22 - 2019-12-07 16:49 - 000831776 _____ C:\WINDOWS\system32\perfh00C.dat 2023-05-13 06:22 - 2019-12-07 16:49 - 000167542 _____ C:\WINDOWS\system32\perfc00C.dat 2023-05-12 17:44 - 2020-10-07 07:01 - 000512296 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-05-12 17:42 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2023-05-12 17:42 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\system32\fr 2023-05-12 17:42 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-05-12 17:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2023-05-12 17:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-05-12 17:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-05-12 17:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2023-05-12 17:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-05-12 17:42 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-05-12 17:04 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-05-12 16:55 - 2020-10-07 07:05 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2023-05-12 06:46 - 2014-06-24 14:28 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-05-12 06:41 - 2014-06-24 14:28 - 159583304 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-05-10 10:53 - 2018-04-19 07:31 - 000000000 ____D C:\Users\Michel\AppData\Local\PlaceholderTileLogoFolder 2023-05-10 10:53 - 2018-01-29 13:43 - 000000000 ____D C:\Users\Michel\AppData\Local\Packages 2023-05-09 06:23 - 2022-10-16 06:32 - 000000000 ___RD C:\Users\Michel\Documents\FIN DE VIE 2023-05-07 10:13 - 2020-01-03 06:47 - 000000000 ___RD C:\Users\Michel\Documents\SANTE Michel ==================== Fichiers à la racine de certains dossiers ======== 2017-04-30 05:44 - 2017-04-30 05:44 - 007649280 _____ () C:\Program Files (x86)\GUT534F.tmp 2016-09-27 05:53 - 2016-09-27 06:05 - 000000115 _____ () C:\Users\Michel\AppData\Roaming\LogFile.txt 2019-12-01 07:53 - 2019-12-01 08:06 - 000393487 _____ () C:\Users\Michel\AppData\Roaming\VideoPad.dmp 2019-10-28 16:54 - 2019-11-27 14:39 - 000000716 ____H () C:\Users\Michel\AppData\Roaming\{5147E757-89BD-661D-15ED-6D0B8D8C1DDB} 2018-05-02 09:06 - 2018-05-14 05:58 - 000004096 ____H () C:\Users\Michel\AppData\Local\keyfile3.drm 2017-06-12 10:10 - 2017-06-12 10:10 - 000000017 _____ () C:\Users\Michel\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================