Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Exécuté par famil (administrateur) sur DESKTOP-RUSBT00 (03-04-2021 16:20:35)
Exécuté depuis C:\Users\famil\Desktop
Profils chargés: famil
Platform: Windows 10 Home Single Language Version 1903 18362.959 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\Wondershare\MobileTrans (Français)\ElevationService.exe
(CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd) C:\Program Files (x86)\MaskVPN\mask_svc.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Leosoft EOOD -> ) C:\Program Files (x86)\Eye Saver\Eye Saver.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mega Limited -> Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM-x32\...\Run: [PSUAMain] => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
HKLM\...\Policies\Explorer: [AllowOnlineTips] 0
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [Eye Saver] => C:\Program Files (x86)\Eye Saver\Eye Saver.exe [2628600 2019-12-01] (Leosoft EOOD -> )
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [90952568 2020-10-29] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1099141874-690757217-4216510690-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1146096 2021-03-17] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKLM\...\Print\Monitors\UDC: C:\Windows\system32\udcpm.dll [44784 2017-12-28] (fCoder SIA -> fCoder Group, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\89.1.22.71\Installer\chrmstp.exe [2021-04-02] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Application Manager.lnk [2019-12-18]
ShortcutTarget: Avid Application Manager.lnk -> C:\Windows\Installer\{99E377DB-D2D0-44A5-8533-AA8BE1381644}\NewShortcut1_E1E0FF1FC1474601A40EFEF248F11D43.exe (Flexera Software LLC) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAndroidAppHelper.lnk [2020-09-23]
ShortcutTarget: MTWSAndroidAppHelper.lnk -> C:\Program Files (x86)\Wondershare\MobileTrans (Français)\WSAndroidAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MTWSAppHelper.lnk [2020-09-23]
ShortcutTarget: MTWSAppHelper.lnk -> C:\Program Files (x86)\Wondershare\MobileTrans (Français)\WSAppHelper.exe (Wondershare Technology Co.,Ltd -> Microsoft)
Startup: C:\Users\famil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-03-21]
ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {1077FCB7-8831-4309-AF37-8CF0A009EF58} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {257E9DFA-30B8-4037-A4D0-B9A5412900B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {25B36F77-4879-4230-AD06-1606801A9D93} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {2EC7E9D3-1939-4AFB-BFC2-08FC42474BD1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-20] (Google LLC -> Google LLC)
Task: {3F77029B-3126-4487-9E0E-2A6F46D52B31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN7643D2W0 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {4BE31ECD-5EAC-42EB-846F-038DB1F2ED2C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [348256 2021-01-22] (HP Inc. -> HP Inc.)
Task: {530373DD-611F-43CC-BDCE-6DE8CB5367BF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {53344B35-7DA3-4BF9-88FC-ACC19A4F023B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135800 2021-03-11] (HP Inc. -> HP Inc.)
Task: {58B2FBAF-EBCE-49A7-8D0D-7DF54C797BF3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd)
Task: {643FF669-ED53-46A3-906E-B7559D871DDB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5260176 2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {663E9C56-30AA-42EA-87B9-7FF2F63FDCFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {66D93D2A-FBAC-4D7A-86D8-1BEE0545E96D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E39600C-6BF7-45E6-B23B-8314482B748C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-20] (Google LLC -> Google LLC)
Task: {752BB998-0384-4E25-826D-1CA5275DC946} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {75E73856-F7C1-48BA-93B6-DB842F5AE770} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5260176 2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {7A3C1014-EBED-4308-8854-9C8FBC3DC044} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.)
Task: {7ADBA967-ED46-49E4-A41D-98B7A7D08C9B} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {82A1134D-01A2-4222-B061-C3C0DF642940} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {A53D78A3-493E-4115-AA42-81AFD791C0B6} - pas de chemin du fichier
Task: {A7F09BC7-93D1-481A-8CD2-7CB5C3ADF704} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1099141874-690757217-4216510690-1001 => C:\ProgramData\MEGAsync\MEGAupdater.exe [1818360 2021-01-28] (Mega Limited -> Mega Limited)
Task: {C19E812D-C1EF-45CC-8DCB-249FD4A2AFE2} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {C26D716A-2876-4772-BE9E-4D74B6895970} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8DE37E9-0EA5-4DA0-878E-936F5BA44B0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {D78FB535-00FD-4803-AC4E-58FA33C1F13C} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4732110-6D47-4860-92E3-B8EDB2B8F1AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [S-1-5-21-1099141874-690757217-4216510690-500] => Proxy est activé.
ProxyServer: [S-1-5-21-1099141874-690757217-4216510690-500] => 127.0.0.1:8080
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{af0bf45c-5c32-47cd-a837-7ca52203d3ba}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e7c5f21f-41c9-452d-8495-680c7fbd6d85}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{fbe587d7-f8f5-4711-8976-861544b98ed7}: [DhcpNameServer] 192.168.42.129

Edge:
=======
DownloadDir: C:\Users\famil\Downloads

FireFox:
========
FF DefaultProfile: na0y3daa.default
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\s2tf91fj.App [2021-03-23]
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\na0y3daa.default [2020-08-12]
FF ProfilePath: C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release [2021-04-03]
FF DownloadDir: F:
FF Homepage: Mozilla\Firefox\Profiles\nbc6k892.default-release -> hxxps://www.google.fr
FF Extension: (Ant Video downloader) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\anttoolbar@ant.com.xpi [2021-02-06]
FF Extension: (To Google Translate) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-11]
FF Extension: (App for Spotify™) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\jid1-h4Ke2h5q31uuK7@jetpack.xpi [2020-08-28]
FF Extension: (I don't care about cookies) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2021-03-09]
FF Extension: (Spotify Launch) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\SpotifyLaunch@9holotpk.xpi [2020-03-20]
FF Extension: (Google Translator for Firefox) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\translator@zoli.bod.xpi [2020-02-22]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-03-29]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-03-22]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-28]
FF Extension: (YouTube-Mp3.my) - C:\Users\famil\AppData\Roaming\Mozilla\Firefox\Profiles\nbc6k892.default-release\Extensions\{d15ee6c5-5946-4b44-be62-dd5e66342179}.xpi [2020-08-28]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-24] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\famil\AppData\Local\Google\Chrome\User Data\Default [2021-03-25]

Brave:
=======
BRA Profile: C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-26]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-03-25]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-26]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-03-26]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-03-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-03-26]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\famil\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-25]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-03-25] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [65776 2021-03-17] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 ElevationService; C:\Program Files (x86)\Wondershare\MobileTrans (Français)\ElevationService.exe [913408 2020-07-13] () [Fichier non signé]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 MaskVPNService; C:\Program Files (x86)\MaskVPN\mask_svc.exe [7493560 2020-08-06] (Global Media (Thailand) Co., Ltd -> Global Media (Thailand) Co., Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
S3 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 wuauserv; C:\Windows\system32\svchost.exe [53744 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 wuauserv; C:\Windows\SysWOW64\svchost.exe [45448 2019-03-19] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 NanoServiceMain; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe" [X]
S3 Panda VPN Service; "C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe" [X]
S2 pselamsvc; "C:\Program Files (x86)\Panda Security\Panda Security Protection\pselamsvc.exe" [X]
S2 PSUAService; "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aftap0901; C:\Windows\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [30208 2019-08-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2019-08-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2019-08-12] (Microsoft Windows Hardware Compatibility Publisher -> LG Electronics Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2019-12-22] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [199128 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220616 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-03-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-04-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-04-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [155360 2021-04-03] (Malwarebytes Inc -> Malwarebytes)
R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [111384 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSDNS; C:\Windows\system32\DRIVERS\NNSDNS.sys [104728 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211736 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [125720 2019-03-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [132888 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [95472 2018-07-16] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [149784 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [95000 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [135448 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [346392 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [290584 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [123160 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [295192 2019-05-30] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [132376 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [198424 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
S0 psinelam; C:\Windows\System32\DRIVERS\psinelam.sys [21952 2019-01-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [160536 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [215320 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [147224 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [159512 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [129304 2019-06-12] (Panda Security S.L. -> Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
S3 qcusbnet; C:\Windows\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2018-08-29] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49560 2021-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [420072 2021-03-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-03 16:20 - 2021-04-03 16:21 - 000025743 _____ C:\Users\famil\Desktop\FRST.txt
2021-04-03 16:20 - 2021-04-03 16:20 - 000000000 ____D C:\FRST
2021-04-03 16:20 - 2021-04-03 16:09 - 002298368 _____ (Farbar) C:\Users\famil\Desktop\FRST64.exe
2021-04-03 14:51 - 2021-04-03 14:51 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-04-03 14:51 - 2021-04-03 14:51 - 000155360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-04-03 14:51 - 2021-04-03 14:51 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-04-03 13:41 - 2021-04-03 13:41 - 000000000 ____D C:\Users\famil\AppData\Local\VS Revo Group
2021-04-03 13:41 - 2021-04-03 13:41 - 000000000 ____D C:\ProgramData\VS Revo Group
2021-04-03 13:41 - 2021-04-03 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2021-04-03 13:41 - 2021-04-03 13:41 - 000000000 ____D C:\Program Files\VS Revo Group
2021-04-03 13:41 - 2020-10-14 04:07 - 000038400 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2021-03-25 20:23 - 2021-03-25 20:23 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-03-25 20:23 - 2021-03-25 20:23 - 000220616 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-03-25 20:23 - 2021-03-25 20:23 - 000002045 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-25 20:22 - 2021-03-25 20:22 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-03-25 20:22 - 2021-03-25 20:22 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-03-25 20:22 - 2021-03-25 20:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-25 20:22 - 2021-03-25 20:22 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-25 20:16 - 2021-03-25 20:17 - 000000000 ____D C:\AdwCleaner
2021-03-25 19:59 - 2021-03-25 19:59 - 002084016 _____ (Malwarebytes) C:\Users\famil\Desktop\3.MBSetup.exe
2021-03-25 19:58 - 2021-03-25 19:58 - 008534696 _____ (Malwarebytes) C:\Users\famil\Desktop\2.adwcleaner_8.2.exe
2021-03-25 07:26 - 2021-04-02 20:39 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-03-25 07:26 - 2021-03-25 07:26 - 000000000 ____D C:\Users\famil\AppData\Local\BraveSoftware
2021-03-25 07:25 - 2021-03-25 07:25 - 000003608 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2021-03-25 07:25 - 2021-03-25 07:25 - 000003484 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2021-03-25 07:25 - 2021-03-25 07:25 - 000000000 ____D C:\Program Files\BraveSoftware
2021-03-25 07:25 - 2021-03-25 07:25 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-03-24 00:10 - 2021-03-24 00:10 - 000002468 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2021-03-24 00:10 - 2021-03-24 00:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2021-03-23 23:00 - 2021-03-23 23:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-03-23 21:15 - 2021-04-03 08:25 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-21 21:42 - 2021-03-21 21:42 - 000003656 _____ C:\Windows\system32\Tasks\CreateExplorerShellUnelevatedTask
2021-03-21 21:42 - 2021-03-21 21:42 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2021-03-21 21:42 - 2021-03-21 21:42 - 000000000 ____D C:\Users\famil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2021-03-21 21:42 - 2021-03-21 21:42 - 000000000 ____D C:\Users\famil\AppData\Local\Mega Limited
2021-03-21 21:42 - 2021-03-21 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync
2021-03-21 21:42 - 2021-03-21 21:42 - 000000000 ____D C:\ProgramData\MEGAsync
2021-03-21 21:34 - 2021-03-24 00:10 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-03-21 21:34 - 2021-03-24 00:10 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-03-21 21:34 - 2021-03-24 00:10 - 000002426 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-03-21 21:34 - 2021-03-24 00:10 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-03-21 21:34 - 2021-03-24 00:10 - 000002419 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-03-21 21:34 - 2021-03-24 00:10 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-03-21 21:33 - 2021-03-21 21:33 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2021-03-21 21:30 - 2021-03-24 00:12 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-21 21:30 - 2021-03-21 21:30 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-03-19 21:10 - 2021-03-19 22:25 - 000000000 ____D C:\Users\Administrateur\AppData\Roaming\vlc
2021-03-17 08:56 - 2021-04-03 16:20 - 000000000 ____D C:\Users\famil\AppData\Local\CyberGhost
2021-03-17 08:56 - 2021-03-21 16:14 - 000001079 _____ C:\Users\famil\Desktop\CyberGhost 8.lnk
2021-03-17 08:56 - 2021-03-17 09:13 - 000000000 ____D C:\Program Files\CyberGhost 8
2021-03-17 08:56 - 2021-03-17 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8
2021-03-13 09:01 - 2021-03-13 09:11 - 000000128 _____ C:\Users\famil\AppData\Roaming\PUTTY.RND

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-03 16:20 - 2019-12-18 10:06 - 000000000 ____D C:\Users\famil\AppData\LocalLow\Mozilla
2021-04-03 16:20 - 2019-12-18 10:06 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-03 16:19 - 2020-01-26 19:08 - 000000000 ____D C:\Users\famil\AppData\Roaming\vlc
2021-04-03 16:06 - 2019-12-18 09:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-04-03 15:34 - 2021-02-21 09:47 - 000000000 ____D C:\Users\famil\AppData\Roaming\FileZilla
2021-04-03 15:34 - 2020-08-16 15:52 - 000000128 _____ C:\Users\famil\AppData\Local\PUTTY.RND
2021-04-03 14:55 - 2019-12-18 09:42 - 001771410 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-03 14:55 - 2019-03-19 14:00 - 000791936 _____ C:\Windows\system32\perfh00C.dat
2021-04-03 14:55 - 2019-03-19 14:00 - 000150004 _____ C:\Windows\system32\perfc00C.dat
2021-04-03 14:55 - 2019-03-19 06:50 - 000000000 ____D C:\Windows\INF
2021-04-03 14:51 - 2019-12-18 09:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-03 14:49 - 2019-12-18 10:14 - 000000000 ____D C:\ProgramData\Panda Security
2021-04-03 13:29 - 2020-08-18 22:40 - 000000290 __RSH C:\ProgramData\ntuser.pol
2021-04-03 13:23 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-03 13:23 - 2019-03-19 06:37 - 000524288 _____ C:\Windows\system32\config\BBI
2021-04-03 10:47 - 2020-08-10 08:42 - 000001462 _____ C:\Users\Administrateur\Desktop\Microsoft Edge.lnk
2021-04-03 08:25 - 2019-12-18 10:06 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-02 06:39 - 2020-08-20 12:43 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-01 21:11 - 2019-12-18 10:42 - 000000000 ____D C:\Users\famil\AppData\Roaming\MoneyManagerEx
2021-03-31 20:49 - 2019-03-19 06:52 - 000000000 ____D C:\Windows\AppReadiness
2021-03-25 20:22 - 2019-03-19 06:52 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-03-25 20:21 - 2020-10-23 15:46 - 000000000 ____D C:\Users\famil\Desktop\nettoyage
2021-03-25 20:15 - 2020-10-25 08:14 - 000008808 _____ C:\Users\famil\Desktop\ZHPCleaner (R).html
2021-03-25 20:15 - 2020-10-25 08:14 - 000002613 _____ C:\Users\famil\Desktop\ZHPCleaner (R).txt
2021-03-25 20:15 - 2020-08-10 11:24 - 000000000 ____D C:\Users\famil\AppData\Roaming\ZHP
2021-03-25 20:13 - 2020-10-25 08:08 - 000008624 _____ C:\Users\famil\Desktop\ZHPCleaner (S).html
2021-03-25 20:13 - 2020-10-25 08:08 - 000002496 _____ C:\Users\famil\Desktop\ZHPCleaner (S).txt
2021-03-25 20:02 - 2020-10-25 07:52 - 000000887 _____ C:\Users\famil\Desktop\ZHPCleaner.lnk
2021-03-25 07:26 - 2019-12-23 09:36 - 000000000 ___RD C:\Users\famil\Desktop\système
2021-03-24 00:12 - 2019-03-19 06:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-23 23:00 - 2019-12-18 10:06 - 000001017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-21 20:02 - 2021-02-23 10:42 - 000000000 ____D C:\Users\famil\AppData\Local\CrashDumps
2021-03-21 19:09 - 2019-12-18 09:59 - 000000000 ____D C:\Users\famil\AppData\Local\Packages
2021-03-21 12:17 - 2021-02-28 09:10 - 000000000 ____D C:\Users\famil\Desktop\Nouveau dossier
2021-03-18 19:44 - 2020-08-28 18:58 - 000000000 ____D C:\Users\Mattéo\AppData\LocalLow\Mozilla
2021-03-17 13:52 - 2019-12-18 09:29 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-03-17 08:58 - 2019-12-18 13:02 - 000000000 ____D C:\ProgramData\Package Cache

==================== Fichiers à la racine de certains dossiers ========

2019-12-18 13:03 - 2019-12-18 13:03 - 001566214 _____ () C:\Users\famil\AppData\Roaming\AvidApplicationManager_Install.log
2021-03-13 09:01 - 2021-03-13 09:11 - 000000128 _____ () C:\Users\famil\AppData\Roaming\PUTTY.RND
2020-08-17 07:30 - 2020-09-03 22:56 - 000000128 _____ () C:\Users\famil\AppData\Roaming\winscp.rnd
2020-08-16 15:52 - 2021-04-03 15:34 - 000000128 _____ () C:\Users\famil\AppData\Local\PUTTY.RND

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================