Posted on 12 November

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Exécuté par sallab (administrateur) sur DESKTOP-SFJREFL (ASUSTeK COMPUTER INC. X555LAB) (11-11-2023 16:51:26)
Exécuté depuis C:\Users\sallab\Downloads\FRST64.exe
Profils chargés: sallab
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3570 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe ->) (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\Google\Update\Install\{ECAE9844-922E-4D3D-9DA9-29052E53F06A}\119.0.6045.124_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{ECAE9844-922E-4D3D-9DA9-29052E53F06A}\CR_69C16.tmp\setup.exe <2>
(C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0148DF3B-0751-401B-BD3B-424F50CA5BF8}\MicrosoftEdge_X64_119.0.2151.58_119.0.2151.44.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0148DF3B-0751-401B-BD3B-424F50CA5BF8}\EDGEMITMP_BD961.tmp\setup.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3634_none_7df7259c7c9ebb58\TiWorker.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <13>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{ECAE9844-922E-4D3D-9DA9-29052E53F06A}\119.0.6045.124_chrome_installer.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\Install\{0148DF3B-0751-401B-BD3B-424F50CA5BF8}\MicrosoftEdge_X64_119.0.2151.58_119.0.2151.44.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\ElevationService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGiftBoxDesktop.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
(services.exe ->) (wondershare) [Fichier non signé] C:\Program Files (x86)\Wondershare\drfone\WsidService.exe
(services.exe ->) (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3634_none_7df7259c7c9ebb58\TiWorker.exe <2>
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(svchost.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.15.587\ASUSWSLoader.exe [63968 2017-04-25] (ASUS Cloud Corporation -> ASUS Cloud Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2017-04-19] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11561184 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2020-09-08] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\sallab\AppData\Local\Microsoft\Teams\Update.exe [2453704 2021-06-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-05] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2589712 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\Run: [MicrosoftEdgeAutoLaunch_9BAEF2F0D77075BEC38646D438BA39BF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3891768 2023-11-02] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe -os-restarted --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb (l'élément de données a 86 caractères en plus). [608672 2023-10-02] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-21-1684120116-1028836215-45182466-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe -os-restarted --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb (l'élément de données a 86 caractères en plus). [608672 2023-10-02] (Mozilla Corporation -> Mozilla Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\83.0.2.0\GoogleDriveFS.exe [57620256 2023-11-05] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON Stylus DX5000 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMBVE.DLL [124928 2006-04-05] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\HP C911 Status Monitor: C:\WINDOWS\system32\hpinkstsC911LM.dll [333344 2013-04-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-02-11] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\118.0.5993.120\Installer\chrmstp.exe [2023-11-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAndroidAppHelper.lnk [2021-06-25]
ShortcutTarget: WSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAndroidAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WSAppHelper.lnk [2021-06-25]
ShortcutTarget: WSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\drfone\Addins\SocialApps\WSAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\Users\sallab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Officejet 2620 series.lnk [2017-04-06]
ShortcutAndArgument: Alertes de surveillance de l'encre - HP Officejet 2620 series.lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Officejet 2620 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN48I4G0WN0600;CONNECTION=USB;MONITOR=1;

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0CFD6F76-E2E3-4885-9EFF-DF8B4FCEFB5E} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18400 2017-04-11] (ASUSTeK Computer Inc. -> AsusTek)
Task: {6AA13671-657F-496F-A8A2-D9956D1064E1} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [62536 2015-06-09] (ASUSTeK Computer Inc. -> ASUS)
Task: {CB558A8A-5BC1-4C27-8270-1A2ACCDA9C40} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19782224 2015-05-25] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1618080 2015-05-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé]
Task: {DDD89553-B64F-4D27-BA05-8F24FD76442A} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {05C7C685-ED28-42EA-9DFD-73359AF78493} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [122168 2015-03-10] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {0AB54111-D2DA-4D22-A153-DA18FA7E6B16} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5329808 2023-11-05] (Microsoft Windows -> Microsoft Corporation)
Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [505200 2015-05-29] (Dropbox, Inc -> )
Task: {DAED3A8C-C5CC-4966-906B-54C94DE123B6} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C9F4BA24-68E2-4281-A003-E5E647C1A31C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {4ED9463A-5FC8-495C-A637-78D2A96B4C98} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-07-30] (Google Inc -> Google Inc.)
Task: {6164458D-AFD4-41B8-A788-3BD7FE0208BE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-07-30] (Google Inc -> Google Inc.)
Task: {EBBE0FBF-7FF4-41C2-8950-C0B8BBF03084} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier)
Task: {47956CB3-BC2A-4157-BA0B-6E9D41C41782} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe /send (Pas de fichier)
Task: {5A768B48-0984-4DE4-9A07-7811A6606DF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /u (Pas de fichier)
Task: {E43E2EA2-C7C0-4066-BB1C-4FF9DB3E3D56} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier)
Task: {5D913510-B0D9-459A-B8B3-207418FEDC37} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier)
Task: {7918E92D-31E3-4E69-AB45-677A3FAF5BEC} - System32\Tasks\Hewlett-Packard\HP Web Products Detection => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPWPD.exe /Register (Pas de fichier)
Task: {158C04EC-D3BA-4BB6-A7FD-85C393ADF8BB} - System32\Tasks\Hewlett-Packard\HPDeviceCheck => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPDeviceCheck.exe /Register (Pas de fichier)
Task: {D6BD121A-D112-4347-AA6F-156150AA8660} - System32\Tasks\HPPSDrTelemetryWatch => C:\Program Files (x86)\HP\Diagnostics\TelemetryWatch\PSDrTelemetryWatch.exe (Pas de fichier)
Task: {09330369-129D-40E8-8745-43389BA8B156} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {601C799C-33E8-4717-B81A-079D8C5F3487} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {36CED77F-73D6-4B89-A0D7-A84D6980E961} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305088 2023-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {ECF36D6A-FF93-456E-B0A4-1CD499EAE3C0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [305088 2023-11-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {80BDC938-B5ED-4218-B53C-3A0CC5EE6D7C} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169656 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0F2A287-793F-45D6-9119-0BB02175E6E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B41EB3CA-1654-453E-A27A-761BB2497225} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6D540810-59E0-4AB5-9B84-2D6FEAFAB757} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {01224CD0-F103-4933-8B42-2FEDA44CC3D6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7805CCC0-F7D9-4E0E-8723-37EBD9FB1776} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [608672 2023-10-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {3B1B6828-81C6-494D-9D1C-1CE06DA0320C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677792 2023-10-02] (Mozilla Corporation -> Mozilla Foundation)
Task: {63C4E43A-03A4-40BA-A97C-7DCC520459C0} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {B6EF5D0B-1802-4D42-9B45-578E22996CFC} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1684120116-1028836215-45182466-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130848 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {28F8649C-2651-473C-AD54-9A05B4C1C1F6} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411856 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {85859684-E68D-4223-B87D-8E20090A0889} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16174352 2015-11-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {38D9B93A-4391-4FC3-B391-17F971312188} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{169f64f9-2fcf-44d2-bd98-3fe9e62ebb6f}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{54f47447-3a9c-49bb-933d-181bc1f03e5a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{675471d4-8cad-404e-bdce-5a1bbc518817}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7c3b6eb3-394f-47e6-9d01-4ed09fd3fd4c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{b6c67a31-773d-4f73-a486-ce9d11889e6b}: [DhcpNameServer] 192.168.42.129

Edge:
=======
DownloadDir: C:\Users\sallab\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-11]
Edge HomePage: Default -> hxxps://www.google.fr/
Edge Extension: (Google Docs hors connexion) - C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-14]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-11-05]
Edge Extension: (Edge relevant text changes) - C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge Extension: (Ultimate Video Adblocker) - C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pljbcopohmfjdmmaibjlddledlpjkgbh [2023-01-08]
Edge Profile: C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2023-09-14]
Edge DownloadDir: Profile 1 -> G:\
Edge HomePage: Profile 1 -> hxxps://www.google.fr/
Edge StartupUrls: Profile 1 -> "hxxps://www.google.com/","hxxp://fr.4yendex.com/?utm_source=sdks&utm_medium=fr01&utm_campaign=1809b83562c0938da240a0e320a9efce","hxxps://www.google.com/"
Edge Session Restore: Profile 1 -> est activé.
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-14]
Edge Extension: (Edge relevant text changes) - C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-14]
Edge Profile: C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Profile 2 [2022-07-02]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\sallab\AppData\Local\Microsoft\Edge\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-07-02]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: vqfkkseb.default
FF ProfilePath: C:\Users\sallab\AppData\Roaming\Mozilla\Firefox\Profiles\vqfkkseb.default [2021-03-04]
FF ProfilePath: C:\Users\sallab\AppData\Roaming\Mozilla\Firefox\Profiles\1pujlwsv.default-release-1656786134906 [2023-10-04]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\sallab\AppData\Roaming\Mozilla\Firefox\Profiles\1pujlwsv.default-release-1656786134906\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-08-10]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-09-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-10-30] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default [2023-11-11]
CHR DownloadDir: G:\
CHR Notifications: Default -> hxxps://web.telegram.org
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxp://fr.4yendex.com/?utm_source=sdks&utm_medium=fr01&utm_campaign=1809b83562c0938da240a0e320a9efce","hxxps://www.google.com/"
CHR Session Restore: Default -> est activé.
CHR Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2023-10-30]
CHR Extension: (Suite ChatGPT - Résumez tout!) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbgecfllfhmmnknmamkejadjmnmpfjmp [2023-10-30]
CHR Extension: (Telegram) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeibfljjno [2021-05-27]
CHR Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicgkflojhbopmagcacdklcpdfdcnhko [2023-06-22]
CHR Extension: (Sider: Barre ChatGPT + Vision & GPT-4) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\difoiogjjojoaoomphldepapgpbgkhkb [2023-11-11]
CHR Extension: (Telegram for Chrome) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\djjkifoefibfoodilnhkmbhmadbgacni [2021-05-27]
CHR Extension: (Web Apps by 123apps) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplndkoilcedkdjicmbeoahnckdcnle [2021-11-06]
CHR Extension: (Alerte Bons Plans eBuyClub) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2023-11-11]
CHR Extension: (Rechercher GPT pour Chrome) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmncmpginchogfdnjfeopdopoiegjjjp [2023-06-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-02]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-11-11]
CHR Extension: (Search Everywhere with Google Bard) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnadleianomnjcoeplifgbkiejchjmah [2023-10-02]
CHR Extension: (AI Email Response Generator - superReply) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpenfopogkamibjfobmdbdclpefokejk [2023-11-11]
CHR Extension: (ChatGPT for Gmail) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaclcidolgjnpblhdalmildokfdmidlj [2023-05-13]
CHR Extension: (Fusionneur Audio) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk [2021-05-27]
CHR Extension: (Moteur de recherche mettant en vedette ChatGPT) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\khdnaopfklkdcloiinccnaflffmfcioa [2023-09-22]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-09-04]
CHR Extension: (Video DownloadHelper) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2023-09-04]
CHR Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2023-11-11]
CHR Extension: (MaxAI.me: Utilisez ChatGPT AI n'importe où en ligne) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhnlakgilnojmhinhkckjpncpbhabphi [2023-11-11]
CHR Extension: (Résumé ChatGPT pour Chrome - OpenAI) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikcekmbahpbehdpakenaknkkedeonhf [2023-11-11]
CHR Extension: (ChatGPT pour Chrome - recherche GPT) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ninecedhhpccjifamhafbdelibdjibgd [2023-11-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-26]
CHR Extension: (Monica - Votre assistant en intelligence artificielle GPT-4) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpnmcalabcbjgholdjcjblkibolbppb [2023-11-11]
CHR Extension: (ChatGPT Writer - Write mail, messages with AI) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnenlnelpdomajfejgapbdpmjkfpjkp [2023-11-11]
CHR Profile: C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-08-28]
CHR Profile: C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-04-23]
CHR HomePage: Profile 1 -> hxxps://www.google.fr/
CHR StartupUrls: Profile 1 -> "hxxps://www.google.com/","hxxp://fr.4yendex.com/?utm_source=sdks&utm_medium=fr01&utm_campaign=1809b83562c0938da240a0e320a9efce","hxxps://www.google.com/"
CHR Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2022-10-12]
CHR Extension: (Telegram) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\clhhggbfdinjmjhajaheehoeibfljjno [2022-06-06]
CHR Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dicgkflojhbopmagcacdklcpdfdcnhko [2023-04-23]
CHR Extension: (Telegram for Chrome) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djjkifoefibfoodilnhkmbhmadbgacni [2022-06-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-23]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-10-12]
CHR Extension: (Fusionneur Audio) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihiafjkopgiakbmihgoieodihjcblfbk [2022-06-06]
CHR Extension: (Video DownloadHelper) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2023-04-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sallab\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-06]
CHR Profile: C:\Users\sallab\AppData\Local\Google\Chrome\User Data\System Profile [2022-08-28]
CHR HKU\S-1-5-21-1684120116-1028836215-45182466-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ASUSGiftBoxDekstop; C:\Program Files (x86)\ASUS\ASUS GIFTBOX Desktop\ASUSGIFTBOXDesktop.exe [315704 2015-07-20] (ASUSTeK Computer Inc. -> ASUS)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12876472 2023-11-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2023-10-31] (Dropbox, Inc -> Dropbox, Inc.)
S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> )
R2 DFWSIDService; C:\Program Files (x86)\Wondershare\drfone\WsidService.exe [1051136 2021-03-01] (wondershare) [Fichier non signé]
R2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Backup\ElevationService.exe [913408 2021-01-20] () [Fichier non signé]
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.209.1008.0002\FileSyncHelper.exe [3505696 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-14] (HP Inc. -> HP Inc.)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S3 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.209.1008.0002\OneDriveUpdaterService.exe [3842064 2023-10-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2016-02-27] (SolidWorks) [Fichier non signé]
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262312 2021-03-12] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 Browser; %SystemRoot%\System32\browser.dll [X]
R2 ZoomCptService; "C:\Program Files (x86)\Common Files\Zoom\Support\CptService.exe" -user_path "C:\Users\sallab\AppData\Roaming\Zoom"

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [101872 2017-04-11] (ASUSTeK Computer Inc. -> ASUS Corporation)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [280064 2023-03-23] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2018-07-27] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Apple, Inc.) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-11 16:51 - 2023-11-11 17:04 - 000041213 _____ C:\Users\sallab\Downloads\FRST.txt
2023-11-11 16:48 - 2023-11-11 17:01 - 000000000 ____D C:\FRST
2023-11-11 16:47 - 2023-11-11 16:48 - 002383872 _____ (Farbar) C:\Users\sallab\Downloads\FRST64.exe
2023-11-11 14:45 - 2023-11-11 14:45 - 000000000 ___HD C:\$SysReset
2023-11-06 07:05 - 2023-11-06 07:05 - 000000000 ___HD C:\$WinREAgent
2023-11-05 23:26 - 2023-11-05 23:26 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-11-05 20:31 - 2023-11-05 20:40 - 829785694 _____ C:\Users\sallab\Documents\🔴SUIVEZ NGALU DU SAMEDI 4 NOVEMBRE 2023 AVEC HAMET LY.mp4
2023-11-05 19:52 - 2023-11-05 19:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-10-31 12:19 - 2023-10-31 12:19 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2023-10-19 08:25 - 2023-10-19 08:25 - 000000000 ____D C:\Users\sallab\AppData\Local\Backup

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-11 16:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-11 16:40 - 2020-11-18 23:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-11 16:29 - 2023-03-23 19:36 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-11 16:29 - 2016-01-14 18:29 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-11 16:05 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-11 16:00 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-11 15:30 - 2023-10-04 15:07 - 000000000 ____D C:\Program Files (x86)\NirSoft
2023-11-11 15:20 - 2017-10-22 20:51 - 000000000 ____D C:\Users\sallab\AppData\Local\Packages
2023-11-11 15:11 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-11 15:11 - 2018-12-29 09:54 - 000000000 ____D C:\Users\sallab\AppData\Local\CrashDumps
2023-11-11 14:41 - 2021-01-15 21:55 - 000000165 _____ C:\Users\sallab\AppData\Roaming\sp_data.sys
2023-11-11 14:20 - 2020-11-19 00:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-11 14:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-11 14:14 - 2023-10-04 16:43 - 000000000 ____D C:\ProgramData\Windows Master Setup
2023-11-11 14:11 - 2017-07-21 13:32 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2023-11-11 13:52 - 2016-01-07 21:16 - 000000000 __SHD C:\Users\sallab\IntelGraphicsProfiles
2023-11-11 13:51 - 2021-03-06 18:38 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-11-11 13:40 - 2023-03-23 20:24 - 001568510 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-11 13:40 - 2019-12-07 15:49 - 000694094 _____ C:\WINDOWS\system32\perfh00C.dat
2023-11-11 13:40 - 2019-12-07 15:49 - 000127970 _____ C:\WINDOWS\system32\perfc00C.dat
2023-11-11 13:35 - 2020-11-19 00:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-11 13:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-11-11 13:34 - 2020-05-29 15:57 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-11 13:33 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-11-06 06:45 - 2020-11-19 00:31 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-06 06:45 - 2020-11-19 00:31 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-11-06 00:11 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-11-06 00:05 - 2020-11-18 23:28 - 000499416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-11-06 00:02 - 2022-07-02 21:01 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-11-05 23:55 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-11-05 23:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-11-05 23:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-11-05 23:53 - 2019-12-07 15:49 - 000000000 ____D C:\WINDOWS\system32\fr
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-11-05 23:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-11-05 23:51 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-05 23:51 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\IME
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-05 23:51 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-05 23:51 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-11-05 23:33 - 2023-06-04 13:38 - 000002172 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-05 23:33 - 2023-04-10 12:33 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-11-05 23:33 - 2023-03-23 20:43 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1684120116-1028836215-45182466-1001
2023-11-05 23:29 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-11-05 23:28 - 2019-12-07 15:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-11-05 23:28 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-11-05 23:01 - 2022-07-02 19:35 - 000000000 ____D C:\Program Files\Microsoft Office
2023-11-05 22:33 - 2015-08-18 06:29 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-11-05 21:56 - 2020-11-19 00:31 - 003014144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-11-05 20:41 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-05 20:14 - 2017-09-12 18:37 - 000002046 _____ C:\Users\sallab\Desktop\Google Drive.lnk
2023-11-05 20:13 - 2021-09-11 10:28 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-11-05 20:13 - 2021-09-11 10:28 - 000002010 _____ C:\Users\Default\Desktop\Google Slides.lnk
2023-11-05 20:13 - 2021-09-11 10:28 - 000002010 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2023-11-05 20:13 - 2021-09-11 10:28 - 000001998 _____ C:\Users\Default\Desktop\Google Docs.lnk
2023-10-30 15:55 - 2020-11-19 00:31 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-30 15:55 - 2020-11-19 00:31 - 000003564 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-19 08:58 - 2019-05-30 17:04 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2023-10-19 08:46 - 2016-01-14 18:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-19 08:28 - 2016-01-14 18:52 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers à la racine de certains dossiers ========

2021-02-24 14:45 - 2017-05-26 16:33 - 000000144 _____ () C:\Users\sallab\desactiver-UAC.reg
2021-01-15 21:55 - 2023-11-11 14:41 - 000000165 _____ () C:\Users\sallab\AppData\Roaming\sp_data.sys
2020-11-09 11:57 - 2023-04-01 11:22 - 000000128 _____ () C:\Users\sallab\AppData\Roaming\winscp.rnd
2021-01-22 22:57 - 2021-01-22 22:57 - 000007605 _____ () C:\Users\sallab\AppData\Local\Resmon.ResmonCfg

==================== FLock ==============================

2021-03-02 21:06 C:\Users\sallab\AppData\Local\ZHP

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
