Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Exécuté par User (administrateur) sur PC-LENOVO-STÉPH (LENOVO ChiefRiver Platform) (29-08-2023 19:32:34)
Exécuté depuis C:\Users\User\Desktop\FRST64.exe
Profils chargés: User
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Open-Shell) [Fichier non signé] C:\Program Files\Open-Shell\StartMenu.exe
(Proton Technologies AG -> ) C:\Program Files\Proton\VPN\v3.1.0\ProtonVPN.exe
(services.exe ->) (Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(services.exe ->) (Proton Technologies AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.1.0\ProtonVPNService.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TomTom International BV -> TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> dasHost.exe
Impossible d'accéder au processus -> dllhost.exe
Impossible d'accéder au processus -> dwm.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> WmiPrvSE.exe
Impossible d'accéder au processus -> WUDFHost.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [366720 2012-06-26] (AlcorMicro, Corp. -> Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-06-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Open-Shell Start Menu] => C:\Program Files\Open-Shell\StartMenu.exe [226816 2022-05-12] (Open-Shell) [Fichier non signé]
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508256 2020-08-12] (Dolby Laboratories, Inc. -> Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel® Services Manager -> Intel Corporation)
HKU\S-1-5-21-2571112955-4239876419-1220594018-1001\...\Run: [] => [X]
HKU\S-1-5-21-2571112955-4239876419-1220594018-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [12277144 2023-08-03] (Proton Technologies AG -> ProtonVPN)
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\WINDOWS\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\Lenovo\Bluetooth Software\BtwCP.dll [2012-07-30] (Broadcom Corporation -> Broadcom Corporation.)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {C47B3952-D67F-4038-86B2-DA7C38A8834C} - System32\Tasks\G2MUpdateTask-S-1-5-21-2571112955-4239876419-1220594018-1001 => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {B520E0C3-2FF7-4888-AA5B-1A636470C2D6} - System32\Tasks\G2MUploadTask-S-1-5-21-2571112955-4239876419-1220594018-1001 => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-25] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {136AF4ED-480D-46A8-B768-C444145B85AB} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2571112955-4239876419-1220594018-1001 => "C:\Users\User\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe" (Pas de fichier)
Task: {00F5F5FE-4D3B-4260-BBC1-5973E62793F6} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus (Pas de fichier)
Task: {8E46A010-CC59-4100-B7D0-C4B3C857597D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show (Pas de fichier)
Task: {101F76CF-E02F-4AE8-88FD-1BF7F9443C8F} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -diag HWScan (Pas de fichier)
Task: {32D3AD1C-BE49-477C-B77B-F912139648DB} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe -diag HWScan (Pas de fichier)
Task: {4ABB74D7-506D-4167-A20E-5ADFD6C9A3F2} - System32\Tasks\Lenovo\LSC\RebootCountTask => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -rebootcount (Pas de fichier)
Task: {660A8F2D-92BE-423C-978A-F8B46BFD852A} - System32\Tasks\Lenovo\LSC\Time72Task => "C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe" -canupdate (Pas de fichier)
Task: {8C0EA934-3553-4B9B-B494-1AD839647B55} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616800 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {D563AA83-68F0-4BF8-8539-3A30A1382031} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26616800 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {23C33F68-C094-4D05-BA25-262C3ADED4B9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124264 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {FBABD41C-9640-4882-958D-D8EB3FC4E832} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124264 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {EE5F6402-16FA-4D04-A779-99F695A76263} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [896408 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9DCF59E-6B97-4C0C-8641-B8261089C8CA} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {A3DF0BD7-5AEC-4F4F-8F2C-778AD6816398} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe [71680 2021-01-15] (Microsoft Windows -> Microsoft Corporation) -> C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {069E56F4-AF16-4353-B941-2A73ED765400} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {094CD275-5C71-4753-B57E-5566CA859498} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {DB21EF32-6BA9-4118-BBC1-BC4FF48961E5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {8B6759EE-1C08-4B8F-955C-774AB5A6544E} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {0F6DBBD1-1FA5-490B-A482-1F43FCC689E6} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {7EB051F8-8EBE-45B9-92D0-23F26503DA6D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {32196F3C-E890-4AB0-8957-99EAB1FD83A1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71CB3E27-974E-4FE9-8B29-C9709D48B54D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BFF868F8-66C7-4B35-A6F3-3005A96E8D6F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {76DA94C1-978B-4A68-9AAF-79C949324411} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [687008 2023-08-17] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {DD1707CC-F96D-4236-A9AA-64FEC836A862} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {FB1460CC-8BF0-4947-977C-EE4C001D0B76} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 ] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {FED2C404-8325-4430-9A7F-FF2D333CE2B5} - System32\Tasks\TVT\TVSUUpdateTask => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" /CM -search R -action INSTALL -includerebootpackages 1,3,4,5 -noicon -noreboot -nolicense -defaultupdate -schtask (Pas de fichier)
Task: {EDDA08E2-A324-49AE-82C8-B7DBC1AE43CF} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => "C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe" PendingTask (Pas de fichier)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2571112955-4239876419-1220594018-1001.job => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2571112955-4239876419-1220594018-1001.job => C:\Users\User\AppData\Local\GoToMeeting\19950\g2mupload.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{07e5b248-3456-42d9-b3f1-1681055429eb}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{cdd9aa6a-c17f-4a9e-b56f-63ed7ea59cec}: [DhcpNameServer] 192.168.0.254

Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-06]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-08-01]
Edge Extension: (Edge relevant text changes) - C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-07-27]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: sdcf5m94.default-1449679278495-1622248414203
FF DefaultProfile: bjcbl64y.default
FF ProfilePath: C:\Users\User\AppData\Roaming\TomTom\HOME\Profiles\2xvvmal5.default [2019-07-16]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2019-07-16] [] [non signé]
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 [2023-08-29]
FF Homepage: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> hxxps://www.google.fr/
FF Session Restore: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> hxxps://www.gametwist.com; hxxps://odysee.com; hxxps://www.piecesauto.fr; hxxps://twitter.com
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: {66E978CD-981F-47DF-AC42-E3CF417C1467}
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: jid1-MnnxcxisBPnSXQ@jetpack
FF NewTabOverride: Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203 -> Enabled: uBlock0@raymondhill.net
FF Extension: (Bookmark search plus 2) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\bookmarksearchplus2@aafn.org.xpi [2023-05-12]
FF Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\firefox@online-convert.com.xpi [2021-05-29]
FF Extension: (I don't care about cookies) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2023-08-12]
FF Extension: (Privacy Badger) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-06-28]
FF Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2023-03-06]
FF Extension: (uBlock Origin) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\uBlock0@raymondhill.net.xpi [2023-07-26]
FF Extension: (Reverse Image Search) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{0da2e603-21ba-4422-8049-b6d9e013ed84}.xpi [2023-02-22]
FF Extension: (Tab Suspender) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{29780561-0607-49f3-aba9-fb8806d2f22d}.xpi [2021-05-29]
FF Extension: (Privacy Pass) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{48748554-4c01-49e8-94af-79662bf34d50}.xpi [2023-02-16]
FF Extension: (New Tab Homepage) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2021-05-29]
FF Extension: (Flash and Video Download) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2021-05-29]
FF Extension: (Video DownloadHelper) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2023-08-25]
FF Extension: (Auto Tab Discard) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{c2c003ee-bd69-42a2-b0e9-6f34222cb046}.xpi [2022-12-20]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sdcf5m94.default-1449679278495-1622248414203\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2023-06-21]
FF ProfilePath: C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default [2023-02-03]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> hxxps://www.google.com/
FF NewTab: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> hxxps://www.google.com/
FF Session Restore: Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default -> est activé.
FF Extension: (Français (FR) Language Pack) - C:\Users\User\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\bjcbl64y.default\Extensions\langpack-fr@palemoon.org.xpi [2022-06-15] [] [non signé]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-13] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11851232 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [82216 2020-07-03] (Mixbyte Inc -> Freemake)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-08-29] (Malwarebytes Inc. -> Malwarebytes)
R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.1.0\ProtonVPNService.exe [472168 2023-08-03] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.1.0\ProtonVPN.WireGuardService.exe [471656 2023-08-03] (Proton Technologies AG -> ProtonVPN)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-10] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [136760 2019-05-07] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-08-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-02-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.1.0\Resources\ProtonVPN.CalloutDriver.sys [34176 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2016-12-06] (AnchorFree Inc -> Anchorfree Inc.)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2020-12-30] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24064 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [648872 2015-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-10] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2023-07-15] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-04-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-08-29 18:58 - 2023-08-29 19:31 - 000042964 _____ C:\Users\User\Desktop\Addition.txt
2023-08-29 18:43 - 2023-08-29 19:37 - 000025653 _____ C:\Users\User\Desktop\FRST.txt
2023-08-29 18:40 - 2023-08-29 19:35 - 000000000 ____D C:\FRST
2023-08-29 18:32 - 2023-08-29 18:32 - 000386380 _____ C:\Users\User\Desktop\ZHPDiag.html
2023-08-29 18:32 - 2023-08-29 18:32 - 000312737 _____ C:\Users\User\Desktop\ZHPDiag.txt
2023-08-29 16:59 - 2023-08-29 16:59 - 002382336 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2023-08-29 16:40 - 2023-08-29 16:40 - 003511456 _____ (Nicolas Coolman) C:\Users\User\Desktop\ZHPSuite.exe
2023-08-29 16:40 - 2023-08-29 16:40 - 000000000 ____D C:\Users\User\AppData\Local\ZHP
2023-08-29 15:01 - 2023-08-29 15:02 - 000000000 ____D C:\Users\User\AppData\Local\Malwarebytes
2023-08-29 15:00 - 2023-08-29 15:00 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-08-17 14:37 - 2023-08-18 15:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-08-09 15:24 - 2023-08-09 15:24 - 000000000 ___HD C:\$WinREAgent

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-08-29 19:32 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-29 19:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-29 18:32 - 2018-05-01 01:55 - 000000000 ____D C:\Users\User\AppData\Roaming\ZHP
2023-08-29 17:06 - 2018-06-20 01:47 - 000000000 ____D C:\Users\User\Documents\Désinfection
2023-08-29 16:34 - 2021-06-05 00:47 - 000000000 ____D C:\Users\User\AppData\Local\OpenShell
2023-08-29 15:00 - 2023-02-05 19:13 - 000222272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2023-08-29 15:00 - 2023-02-05 19:13 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-29 14:59 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-29 14:54 - 2017-10-22 17:01 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-29 14:20 - 2022-02-10 11:08 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-29 14:14 - 2020-08-12 23:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-29 14:14 - 2020-08-12 23:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-29 14:13 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-08-29 03:54 - 2020-08-12 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-28 21:23 - 2021-12-13 14:19 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2571112955-4239876419-1220594018-1001
2023-08-28 21:23 - 2020-08-12 23:45 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2571112955-4239876419-1220594018-1001
2023-08-28 21:23 - 2020-08-12 23:09 - 000002475 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-27 02:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-27 02:46 - 2020-06-22 02:40 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-27 02:46 - 2020-06-22 02:40 - 000002291 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-18 15:14 - 2015-10-23 16:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-18 10:36 - 2015-10-23 16:34 - 000001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-16 12:09 - 2023-07-08 22:17 - 000000992 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2023-08-16 12:09 - 2023-07-08 22:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2023-08-13 13:56 - 2017-02-04 04:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-08-11 12:43 - 2020-08-12 23:28 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-11 12:43 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-11 12:43 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-11 12:35 - 2021-06-10 04:46 - 000466872 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-11 00:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-11 00:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-10 17:34 - 2018-05-29 21:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-09 18:50 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-09 18:08 - 2020-08-12 23:10 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-09 01:30 - 2015-10-24 04:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-09 01:17 - 2015-10-24 04:06 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers ========

2015-10-19 11:31 - 2015-10-19 11:36 - 000000070 _____ () C:\Program Files\smaple.txt
2019-10-02 17:17 - 2020-12-29 08:55 - 000002210 _____ () C:\Users\User\AppData\Roaming\downloads.json

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================