Posted on 21 November

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-11-2023 02
Exécuté par GB (administrateur) sur DESKTOP-AMODNS9 (Dell Inc. Dell System XPS L502X) (21-11-2023 10:02:42)
Exécuté depuis D:\bureau\FRST64.exe
Profils chargés: GB
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.3086 (X64) Langue: Français (France)
Navigateur par défaut: Brave
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe <2>
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Program Files (x86)\BraveSoftware\Update\1.3.361.141\BraveCrashHandler64.exe
(C:\Program Files\Google\Drive File Stream\84.0.2.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\84.0.2.0\crashpad_handler.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Users\GB\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\GB\AppData\Local\Wondershare\Wondershare NativePush\WsToastNotification.exe
(explorer.exe ->) (AntGROUP) [Fichier non signé] C:\Program Files (x86)\Ant Download Manager\AntDM.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(explorer.exe ->) (Privado Networks AG -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\84.0.2.0\GoogleDriveFS.exe <7>
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(services.exe ->) ("STMicroelectronics Srl" -> ) C:\Windows\System32\drivers\DellFFDPWmiService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe
(services.exe ->) (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(services.exe ->) (MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (Privado Networks AG -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Service.exe
(services.exe ->) (Privado Networks AG -> Privado Networks AG) C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Wireguard.Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (voidtools -> voidtools) C:\Program Files\Everything\Everything.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> Wondershare) C:\Users\GB\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe
(svchost.exe ->) () [Fichier non signé] C:\Users\GB\AppData\Roaming\Logistic\System.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <2>
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.401.912.0.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [ctfmon] => C:\Windows\System32\ctfmon.exe [11264 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2020-09-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2020-09-16] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM\...\Run: [BraveVpnWireguardService] => C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10797080 2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM-x32\...\Run: [adm_tray.exe] => C:\Program Files (x86)\Acronis\DriveMonitor\adm_tray.exe [470240 2011-02-24] (Acronis, Inc -> )
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.2.0\GoogleDriveFS.exe [58442528 2023-11-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.2.0\GoogleDriveFS.exe [58442528 2023-11-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [AntDM] => C:\Program Files (x86)\Ant Download Manager\AntDM.exe [5300224 2023-04-12] (AntGROUP) [Fichier non signé]
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.2.0\GoogleDriveFS.exe [58442528 2023-11-21] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [PrivadoVPN] => C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.exe [5504864 2023-11-08] (Privado Networks AG -> Privado Networks AG)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\Run: [MicrosoftEdgeAutoLaunch_FA9A8B9B95AF6AC163FDC89F3FE38723] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3896768 2023-11-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\...\RunOnce: [Application Restart #0] => C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe [2746392 2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.)
HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [153600 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\84.0.2.0\GoogleDriveFS.exe [58442528 2023-11-21] (Google LLC -> Google, Inc.)
HKLM\...\Windows x64\Print Processors\hpcpp250: C:\Windows\System32\spool\prtprocs\x64\hpcpp250.dll [850024 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\Windows\system32\HPMPW082.DLL [127592 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\Windows\system32\hpmlm225.dll [315496 2020-08-20] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2152704 2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\Installer\chrmstp.exe [2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.)
AppInit_DLLs: C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinitx.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinitx.dll [209128 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinit.dll => C:\WINDOWS\system32\DriverStore\FileRepository\nvdmi.inf_amd64_b79991c48f5211ac\nvinit.dll [182592 2018-03-25] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation)
Startup: C:\Users\GB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2022-03-07]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {834FC925-6390-4326-B375-508F3350C83A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {B3457B7E-CEEC-47F4-BF8A-303A3492C3E9} - System32\Tasks\ASUS Live Update1 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" localtask.bid (Pas de fichier)
Task: {F7535B39-7F09-4F0B-AA21-DB573395E147} - System32\Tasks\ASUS Live Update2 => "C:\Program Files\Google\Chrome\Application\chrome.exe" localtask.bid (Pas de fichier)
Task: {557941AB-C4D9-4062-9DBB-E031189E6FBC} - System32\Tasks\ASUS USB Charger Plus => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -> --user-data-dir=DIR --mute-audio hxxps://gamerksk.blogspot.com/
Task: {AF5A193F-20C6-4D7F-B3E1-BA474B23F959} - System32\Tasks\BlueStacksHelper => "C:\Program Files\Google\Chrome\Application\chrome.exe" -> --user-data-dir=DIR --mute-audio hxxps://gamerksk.blogspot.com/
Task: {005CE692-B522-4443-B239-A77A96B64227} - System32\Tasks\BlustacksHelper => C:\Users\GB\AppData\Roaming\Logistic\System.exe [356352 2023-06-24] () [Fichier non signé] <==== ATTENTION
Task: {80EC9030-AB1A-4647-9B6B-10A8F4DA95AF} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{10A18972-6A0F-48C9-B755-0E71BEF6E732} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {BE4062F7-3AEB-494B-8496-3746B901E164} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{451A49EF-C16A-4EE8-BF50-E62EA04BEE11} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {772D470E-0C3E-4FC2-9EDA-074273BE5AAB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5308576 2023-06-16] (Microsoft Windows -> Microsoft Corporation)
Task: {F96A114B-6093-484D-967F-DECFD7220F75} - System32\Tasks\GoogleUpdateTaskMachineCore{3691DE51-FCE1-4CCE-A079-F48A93433A3D} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-05] (Google LLC -> Google LLC)
Task: {21FBB3F5-D4F5-4CFC-9102-8E531FF2F553} - System32\Tasks\GoogleUpdateTaskMachineUA{42390537-EB41-47C9-BFA5-42117CC5A76C} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-12-05] (Google LLC -> Google LLC)
Task: {88C5E077-4804-4069-ABA0-25400032B7E1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {8A4FC5A7-19E6-4658-90A9-1F21EFE82FD4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27033280 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F44EA2E5-6743-4642-80BA-BCE017E3139E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {10CAEE7E-8B6B-4531-943D-66B9188DDB39} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218160 2023-11-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {A5259019-EB32-4C7B-80E9-4555FB094953} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [492032 2023-05-10] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy Bypass -WindowStyle Hidden -File C:\WINDOWS\mid.ps1
Task: {B5540D1C-47BA-4D33-9005-D6EAE391E709} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {0158582A-E12A-422F-B64B-45EE34BB6643} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F94276AF-A1E5-4540-B2B0-118F09C1C124} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {637F0DCB-0B62-4741-BFB8-EA0FA398633C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {77049E73-2112-4253-9171-A47F3AB0E5FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MpCmdRun.exe [1604680 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F56F1A44-7B0D-4AE6-B51F-6AD240C30AEB} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {EE2077AF-8B8F-4CB6-BDDE-05F1B8FE54A1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-3823513517-4018291188-4233142150-1001 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier)
Task: {4F3D6BD5-0018-40D6-90CD-D06FB546543F} - System32\Tasks\ViGEmBusUpdater => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [492032 2023-05-10] (Microsoft Windows -> Microsoft Corporation) -> -ExecutionPolicy ByPass -WindowStyle Hidden C:\Users\GB\AppData\Roaming\Webgard\cor.ps1

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\..\Interfaces\{066b0569-5102-4582-b723-aef8a7bf2e5b}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{066b0569-5102-4582-b723-aef8a7bf2e5b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{25723e20-59ec-4997-b93e-7caa8ef7a820}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{2caaf14e-7dbb-48ed-a358-f39444f6a9dc}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{9378331d-a0df-4f35-a546-b2f4cfc2e246}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{a97c2990-2925-4631-9a9c-90ea30c69290}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{bf8dd08a-68d4-4899-bfc0-f71d637d7592}: [NameServer] 198.18.0.1,198.18.0.2

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\GB\AppData\Local\Microsoft\Edge\User Data\Default [2023-11-20]
Edge Notifications: Default -> hxxps://slickperfect.com; hxxps://webslick24.com
Edge Extension: (Google Docs hors connexion) - C:\Users\GB\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\GB\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-11-07]

FireFox:
========
FF DefaultProfile: 3kn31g63.default
FF ProfilePath: C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default [2023-05-05]
FF Extension: (Dictionnaire français) - C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2021-05-02]
FF Extension: (Français Language Pack) - C:\Users\GB\AppData\Roaming\Mozilla\Firefox\Profiles\3kn31g63.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2023-05-02]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-11-05] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3823513517-4018291188-4233142150-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-07-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR Profile: C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default [2023-04-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-04-14]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\GB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR HKU\S-1-5-21-3823513517-4018291188-4233142150-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Profile: C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable [2023-10-23]
OPR DefaultSuggestURL: Opera Stable -> hxxps://suggest.yandex.ru/suggest-ya.cgi?v=4&part={searchTerms}&l10n={language}
OPR Extension: (Rich Hints Agent) - C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-03-31]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\GB\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-26]

Brave:
=======
BRA Profile: C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-11-21]
BRA Extension: (Google Traduction) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-03-24]
BRA Extension: (Onglets verticaux pour Google Chrome ™) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\acnamgmgmbamffefgplhkplaanebgkac [2022-08-16]
BRA Extension: (Free Download Manager) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2023-04-22]
BRA Extension: (Privacy Pass) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajhmfdgkijocedmfjonnpjfojldioehi [2023-09-09]
BRA Extension: (CookiesBlock - cookie pop-ups) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ajkknbgennjgacpfbhdobipfhhikbldg [2022-06-25]
BRA Extension: (Girl with a Lantern) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bhmcheeokigdlgjepckedmelfolakjmh [2022-04-14]
BRA Extension: (Sidewise Tree Style Tabs) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\biiammgklaefagjclmnlialkmaemifgo [2021-03-14]
BRA Extension: (Download with Ant Download Manager) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\dalgiebmfcjackkbjfbfmlnflbdfbekj [2021-03-17]
BRA Extension: (Téléchargeur de musique gratuit ) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eaoehmpaiecpkjibbjjgmmpkeibcgomb [2023-11-21]
BRA Extension: (AutoplayStopper) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ejddcgojdblidajhngkogefpkknnebdh [2023-09-16]
BRA Extension: (Convertio) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2022-05-09]
BRA Extension: (Helium Backup) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\gpglbgbpeobllokpmeagpoagjbfknanl [2020-12-05]
BRA Extension: (LastPass: Free Password Manager) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2023-10-13]
BRA Extension: (Téléchargeur de vidéo - télécharger la vidéo) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihackilhcefdlfoehlhlamloflhofcme [2023-06-16]
BRA Extension: (Bloqueur vidéo) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kkgpdmegkhdheglikjleejknplhdpbck [2022-10-28]
BRA Extension: (The Flash Video Downloader) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmieilamoollaknppoffbmdgdcolcafa [2021-10-02]
BRA Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-21]
BRA Extension: (Téléchargeur vidéo - téléchargez n'importe quelle vidéo gratuitement) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mdkiofbiinbmlblcfhfjgmclhdfikkpm [2023-09-08]
BRA Extension: (PDF Exporter for leboncoin.fr) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\mifkoblilhehppoemadbhopbbijpifcj [2023-09-16]
BRA Extension: (My IP address) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\monhkdcehmbdgkhgpccaccbbcgcfpjkd [2022-08-07]
BRA Extension: (Smallpdf - Éditez et convertissez des PDF) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2023-11-21]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2023-11-17]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-11-21]
BRA Extension: (Brave NTP background images) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-09-20]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-11-21]
BRA Extension: (Brave Ads Resources) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\bgifagoclclhhoflocdefiklgodpihog [2023-11-19]
BRA Extension: (Wallet Data Files Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-11-21]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2023-11-21]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-02]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-12-02]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-11-19]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-11-17]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-11-21]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-13]
BRA Extension: (Brave NTP sponsored images) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-11-21]
BRA Extension: (Brave Ad Block Updater (Easylist-Cookie List - Filter Obtrusive Cookie Notices)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\lfgnenkkneohplacnfabidofpgcdpofm [2022-12-02]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-11-17]
BRA Extension: (Crypto Wallets) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\odbfpeeihdkbihmopkbjmoonfanlbfcl [2020-12-05]
BRA Extension: (PDF Viewer) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\oemmndcbldboiebfnladdacbdfmadadm [2020-12-05]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\GB\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-27]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [881760 2011-02-12] (Acronis, Inc -> Acronis)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2022-02-25] (Apple Inc. -> Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\7.2.3\ABService.exe [1102328 2023-04-19] (AOMEI International Network Limited -> AOMEI International Network Limited)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-12-05] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\brave_vpn_helper.exe [2762264 2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.)
S3 BraveVpnWireguardService; C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\BraveVpnWireguardService\brave_vpn_wireguard_service.exe [10797080 2023-11-15] (Brave Software, Inc. -> Brave Software, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12882616 2023-11-11] (Microsoft Corporation -> Microsoft Corporation)
S3 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [284720 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3563568 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [490032 2020-08-08] (Dell Technologies Inc. -> Dell Technologies Inc.)
S3 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [37056 2020-07-29] (Dell Inc -> )
R2 DellFFDPWmiService; C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4959176 2022-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [24808 2022-11-29] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{45A42443-AEB8-485D-8F10-0AE879EBD840} [21312 2021-10-06] (Microsoft Windows -> Microsoft Corporation)
S3 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [206304 2020-10-01] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 Everything; C:\Program Files\Everything\Everything.exe [2261832 2020-11-27] (voidtools -> voidtools)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9266352 2023-07-08] (Malwarebytes Inc. -> Malwarebytes)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [731968 2022-12-15] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [225088 2022-12-15] (MiniTool Software Limited -> )
R2 NativePushService; C:\Users\GB\AppData\Local\Wondershare\Wondershare NativePush\WsNativePushService.exe [755600 2022-09-17] (Wondershare Technology Group Co.,Ltd -> Wondershare)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-01] (HP Inc.) [Fichier non signé]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-01] (HP Inc.) [Fichier non signé]
R2 PrivadoVPN.Service; C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Service.exe [76128 2023-11-08] (Privado Networks AG -> Privado Networks AG)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [336208 2023-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31704 2020-09-01] (Dell Inc. -> Dell Inc.)
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-02] (Miroslav Topolar -> Mister Group)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\NisSrv.exe [3121120 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe [133704 2023-11-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WireGuardTunnel$PrivadoVPN; C:\Program Files (x86)\PrivadoVPN\PrivadoVPN.Wireguard.Service.exe [34144 2023-11-08] (Privado Networks AG -> Privado Networks AG)
S3 BraveElevationService; "C:\Program Files\BraveSoftware\Brave-Browser\Application\119.1.60.118\elevation_service.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [172928 2023-07-12] (AOMEI International Network Limited -> )
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2023-07-12] (AOMEI International Network Limited -> )
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [433168 2021-04-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
S3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-08-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2022-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2022-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S2 ElbyCDIO; C:\Windows\SysWOW64\Drivers\ElbyCDIO.sys [5992 2000-11-30] (Elaborate Bytes) [Fichier non signé]
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [27728 2022-05-20] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2020-12-08] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [24656 2022-05-19] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-10-31] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HPEWSFXBULK; C:\WINDOWS\system32\drivers\hpfx64bulk.sys [29096 2020-08-21] (Hewlett-Packard Company -> Hewlett Packard)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-05-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MpKsl4b7d12bc; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A2AD2E05-20F6-4B4E-9B2D-BEBAC8822858}\MpKslDrv.sys [263560 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsld547f2de; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A2AD2E05-20F6-4B4E-9B2D-BEBAC8822858}\MpKslDrv.sys [263560 2023-11-20] (Microsoft Windows -> Microsoft Corporation)
R3 ovpn-dco; C:\WINDOWS\System32\drivers\ovpn-dco.sys [90568 2023-05-15] (WDKTestCert lev,132435948852968539 -> OpenVPN, Inc)
R3 PrivadoVPNSplitTunneling; C:\WINDOWS\system32\DRIVERS\PrivadoVPNSplitTunneling.sys [32984 2023-09-12] (Privado Networks LLC -> )
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-02-02] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55744 2023-11-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [578856 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105768 2023-11-07] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-12-22] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-09-20] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-21 10:01 - 2023-11-21 10:06 - 000000000 ____D C:\FRST
2023-11-20 16:46 - 2023-11-20 17:02 - 001370724 _____ C:\WINDOWS\Minidump\112023-53140-01.dmp
2023-11-19 10:16 - 2023-11-19 10:16 - 000000466 __RSH C:\ProgramData\ntuser.pol
2023-11-19 10:15 - 2023-11-19 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivadoVPN
2023-11-17 19:06 - 2023-11-17 19:19 - 001816572 _____ C:\WINDOWS\Minidump\111723-41937-01.dmp
2023-11-17 11:52 - 2023-11-17 12:05 - 002491844 _____ C:\WINDOWS\Minidump\111723-39046-01.dmp
2023-11-14 16:51 - 2023-11-14 17:01 - 002075644 _____ C:\WINDOWS\Minidump\111423-50046-01.dmp
2023-11-13 11:28 - 2023-11-13 11:49 - 001534380 _____ C:\WINDOWS\Minidump\111323-39734-01.dmp
2023-11-12 19:33 - 2023-11-12 19:33 - 000000000 ____H C:\Users\GB\AppData\Local\BIT7D0C.tmp
2023-11-12 19:33 - 2023-11-12 19:33 - 000000000 _____ C:\Users\GB\AppData\Local\{9EB392CB-0ACE-485F-A81B-D5B9A1D94511}
2023-11-12 19:33 - 2023-11-12 19:33 - 000000000 _____ C:\Users\GB\AppData\Local\{92802146-E4D6-45D6-8CF7-33B96DCAE91A}
2023-11-09 16:24 - 2023-11-09 16:24 - 000000000 _____ C:\Users\GB\AppData\Local\{10538046-DD12-4684-B775-27B027653A05}
2023-11-05 09:53 - 2016-04-07 20:29 - 001917528 _____ (Mister Group ) C:\Users\GB\Downloads\SystemExplorerSetup_1.exe
2023-10-26 08:38 - 2023-10-18 15:58 - 060386128 _____ (Mozilla) C:\Users\GB\Downloads\Thunderbird Setup 115.3.3.exe

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-11-21 09:50 - 2022-03-06 23:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-11-21 09:50 - 2020-12-05 15:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-11-21 09:46 - 2020-12-05 15:04 - 000000000 ___SD C:\Users\GB\AppData\Roaming\Microsoft\Credentials
2023-11-21 09:45 - 2021-09-10 18:07 - 000002173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-11-21 09:38 - 2020-12-07 19:43 - 000000000 ____D C:\ProgramData\PrivadoVPN
2023-11-21 09:35 - 2023-07-12 18:22 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-11-21 09:35 - 2023-07-12 18:22 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2023-11-21 09:35 - 2020-12-12 14:22 - 000000000 ____D C:\ProgramData\NVIDIA
2023-11-21 09:35 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-11-21 09:34 - 2022-03-07 08:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-11-21 09:34 - 2021-12-20 19:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-11-21 09:34 - 2020-09-27 06:33 - 000008192 ___SH C:\DumpStack.log.tmp
2023-11-20 18:07 - 2022-03-06 23:37 - 000000000 ____D C:\Users\GB
2023-11-20 18:07 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-11-20 18:05 - 2020-12-05 16:28 - 000000000 ____D C:\Users\GB\AppData\Local\Everything
2023-11-20 18:05 - 2020-12-05 15:18 - 000000000 ____D C:\Users\GB\AppData\Roaming\Everything
2023-11-20 17:55 - 2022-09-12 08:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-11-20 17:54 - 2020-12-07 19:58 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2023-11-20 17:26 - 2020-12-06 19:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-11-20 17:15 - 2021-01-31 16:33 - 000000000 ____D C:\Users\GB\AppData\Roaming\vlc
2023-11-20 17:04 - 2022-05-07 14:05 - 000000000 ____D C:\WINDOWS\Minidump
2023-11-20 16:46 - 2023-06-24 15:38 - 802024008 _____ C:\WINDOWS\MEMORY.DMP
2023-11-20 16:46 - 2022-03-07 08:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-11-19 10:17 - 2020-12-07 19:43 - 000000000 ____D C:\ProgramData\Package Cache
2023-11-19 10:15 - 2023-10-20 09:28 - 000000000 ____D C:\Program Files (x86)\PrivadoVPN
2023-11-18 05:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-11-18 05:20 - 2020-09-27 08:36 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-11-18 05:20 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-11-17 15:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-11-16 16:46 - 2020-12-08 15:50 - 000000000 ____D C:\Users\GB\AppData\Roaming\Microsoft\Excel
2023-11-16 16:46 - 2020-12-06 19:16 - 000000000 ____D C:\Users\GB\AppData\Roaming\Microsoft\Word
2023-11-16 11:23 - 2020-12-27 00:45 - 000000000 ____D C:\Users\GB\AppData\Roaming\dvdcss
2023-11-15 20:44 - 2020-12-05 17:32 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2023-11-15 18:40 - 2020-12-26 10:42 - 000000000 ____D C:\Users\GB\AppData\Local\QuickPar
2023-11-14 18:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-11-14 11:35 - 2022-07-21 11:27 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-11-14 11:33 - 2022-10-14 11:13 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-11-14 11:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-11-14 10:45 - 2022-08-30 15:23 - 000003992 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{42390537-EB41-47C9-BFA5-42117CC5A76C}
2023-11-14 10:45 - 2022-08-30 15:23 - 000003868 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{3691DE51-FCE1-4CCE-A079-F48A93433A3D}
2023-11-11 19:57 - 2022-03-07 08:22 - 001681370 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-11-11 19:57 - 2019-12-07 15:50 - 000756416 _____ C:\WINDOWS\system32\perfh00C.dat
2023-11-11 19:57 - 2019-12-07 15:50 - 000142186 _____ C:\WINDOWS\system32\perfc00C.dat
2023-11-11 19:57 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-11-07 18:50 - 2020-12-07 19:03 - 000000000 ____D C:\Users\GB\Downloads\Newshosting
2023-11-07 18:17 - 2023-01-11 18:04 - 000000000 ____D C:\Users\GB\Compressed
2023-11-07 17:58 - 2020-09-27 08:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-11-04 20:27 - 2020-12-06 19:16 - 000000000 ____D C:\Users\GB\AppData\Roaming\Microsoft\Office
2023-11-04 13:18 - 2021-02-22 11:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-11-03 18:31 - 2020-12-07 20:01 - 000000000 ____D C:\Users\GB\AppData\LocalLow\Mozilla
2023-10-31 16:10 - 2022-06-26 17:11 - 000003688 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-31 16:10 - 2022-06-26 17:11 - 000003594 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d831f3291cfd8e

==================== Fichiers à la racine de certains dossiers ========

2021-01-08 02:29 - 2021-01-08 02:29 - 019470392 _____ (TeamViewer) C:\Users\GB\TeamViewerQS.exe
2021-08-09 13:01 - 2021-08-09 13:01 - 000000171 _____ () C:\Users\GB\AppData\Roaming\822f02e4-9e9a-4077-a765-71edfca16ad0
2020-12-27 01:08 - 2020-12-27 01:08 - 000007859 _____ () C:\Users\GB\AppData\Roaming\pcouffin.cat
2020-12-27 01:08 - 2020-12-27 01:08 - 000001167 _____ () C:\Users\GB\AppData\Roaming\pcouffin.inf
2020-12-27 01:08 - 2020-12-27 01:08 - 000082816 _____ (VSO Software) C:\Users\GB\AppData\Roaming\pcouffin.sys
2021-03-05 14:03 - 2021-03-05 14:03 - 000156725 _____ () C:\Users\GB\AppData\Roaming\Windows Service.vbs
2023-11-12 19:33 - 2023-11-12 19:33 - 000000000 ____H () C:\Users\GB\AppData\Local\BIT7D0C.tmp
2021-06-07 13:09 - 2022-05-12 20:10 - 000008704 _____ () C:\Users\GB\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-12-10 10:21 - 2021-12-10 10:21 - 000000017 _____ () C:\Users\GB\AppData\Local\resmon.resmoncfg
2023-11-09 16:24 - 2023-11-09 16:24 - 000000000 _____ () C:\Users\GB\AppData\Local\{10538046-DD12-4684-B775-27B027653A05}
2022-11-24 13:53 - 2022-11-24 13:53 - 000000000 _____ () C:\Users\GB\AppData\Local\{23CC8C3D-A496-4C82-B4C4-DC251EF75FA8}
2023-02-12 10:20 - 2023-02-12 10:20 - 000000000 _____ () C:\Users\GB\AppData\Local\{37E3FF66-1F48-43D0-AAFD-E9199937B8B8}
2023-08-18 18:05 - 2023-08-18 18:05 - 000000000 _____ () C:\Users\GB\AppData\Local\{647C563D-EABB-4BCB-9FDF-3FF565EB6093}
2023-11-12 19:33 - 2023-11-12 19:33 - 000000000 _____ () C:\Users\GB\AppData\Local\{92802146-E4D6-45D6-8CF7-33B96DCAE91A}
2023-11-12 19:33 - 2023-11-12 19:33 - 000000000 _____ () C:\Users\GB\AppData\Local\{9EB392CB-0ACE-485F-A81B-D5B9A1D94511}
2023-08-18 18:05 - 2023-08-18 18:05 - 000000000 _____ () C:\Users\GB\AppData\Local\{9FD83813-4067-4948-94A6-3AB9BD61E73F}
2022-06-21 08:25 - 2022-06-21 08:25 - 000000000 _____ () C:\Users\GB\AppData\Local\{C48EA334-4519-416D-A66A-ADB0861153DD}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
