Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2020
Exécuté par Lenovo (administrateur) sur LENOVO-PC (LENOVO 7827AB2) (09-12-2020 11:05:24)
Exécuté depuis C:\Users\Lenovo\Desktop
Profils chargés: Lenovo
Platform: Windows 10 Pro Version 1909 18363.1198 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Ericsson AB -> Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Fortemedia Inc -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Ricoh co.,Ltd.) [Fichier non signé] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SmartAudio] => c:\program files\conexant\saii\saiicpl.exe [307768 2009-11-15] (Conexant Systems, Inc. -> )
HKLM\...\Run: [LENOVO.TPKNRRES] => c:\program files\lenovo\communications utility\tpknrres.exe [60920 2013-05-29] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [picon] => c:\program files (x86)\common files\intel\privacy icon\piconstartup.exe [111640 2010-02-04] (Intel Corporation -> )
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AcWin7Hlpr] => c:\program files (x86)\lenovo\access connections\actbenabler.exe
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [5128552 2020-09-13] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7631800 2020-11-26] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-4089050159-2748266293-4026137074-1000\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\WINDOWS\system32\hpinkstsC211LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\WINDOWS\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{18CBEEAA-6708-41A1-9379-D08915333CF2}] -> C:\Program Files\ThinkVantage Fingerprint Software\provider.dll [2013-03-05] (AuthenTec, Inc. -> Authentec Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{AE583D93-8D1B-424F-9858-5623FB7824EE}] -> C:\Program Files\ThinkVantage Fingerprint Software\provider.dll [2013-03-05] (AuthenTec, Inc. -> Authentec Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2013-07-26]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest -> Avanquest Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2020-11-20]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{A0BA1483-96CE-4CAF-AC65-E098EDA9AB24}\app_icon.exe () [Fichier non signé]
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\necesStart.bat [2018-03-27] () [Fichier non signé]
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2020-03-19] () [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0EAFA3DD-670D-4029-B243-E778480988FF} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {1C76757B-917F-4BB7-B365-D9A451B71924} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {21F6D51F-3255-48C9-9603-122E01AA5834} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33A4F982-C554-4962-A722-45C36B3AEDE3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3EEB0C20-8696-4936-819B-4FDC2967CAFF} - pas de chemin du fichier
Task: {4292E1C8-845C-46A6-BD44-C49072A77D0D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {4AB7DDA5-B4EE-4A9A-84A0-AD92454A4B30} - pas de chemin du fichier
Task: {4BF274D3-D077-4BEA-94C1-A7EC1C4B7A56} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {4CA5127F-67C0-473F-8F88-520B44FF3D0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {51DBFC53-6AF8-406A-9FE8-D980A6980FF5} - pas de chemin du fichier
Task: {54BBBA66-1C72-49FB-A03F-69BB93638312} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5710EED6-9D86-4998-8F50-F5EF08F287B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5CA70D65-6C75-4BEE-8C94-D36C74A5FCFD} - pas de chemin du fichier
Task: {6060E3FA-EE2F-4D14-927F-68AFE023163B} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {65A0FC82-C7BC-402A-A4BF-AB9A01749A1C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {65AFF623-7A33-4F2C-8F58-5E78B7A3C956} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {736000EB-A964-4DD1-A54E-C2A23C6B1C8C} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-02-11] (Lenovo -> )
Task: {833CF503-4987-4329-96C9-7C5F08F12692} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8CE0BF34-CB58-45B4-A8E1-67B7C91FAE4E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {927923B1-BF4B-4AA6-B5F9-2B47E2F9E08E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-01] (LENOVO -> Lenovo)
Task: {95FA0DE7-4DEF-47B9-8C9B-80C79C578377} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {99833646-E5C4-41C3-A65A-B4502423EFED} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9D3FEA22-9D88-4E99-9DF2-F96476AE72B7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F4D2825-36E8-42DB-ABD7-15FFF87C5A99} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A17F4127-05CA-4F59-A141-113F53138047} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {A61C9FB7-A608-4749-B0EF-E0EA94641C2F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A943E658-8926-46B2-9C2F-505DFFD69B55} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4089050159-2748266293-4026137074-1000 => C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [86824 2019-12-18] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B2C9771A-52F1-4275-8C59-8346C015A964} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BBB7C06D-32DE-4F96-9386-2A0656AE44C1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-02-11] (Lenovo -> )
Task: {C7AA7DFA-2D3B-4363-9868-1F247EB2DDEF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7DE5968-0F35-4F86-B608-571B53ACBB2E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {C9E27EF9-E76A-4395-AEEC-0603DE4E4996} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-23] (Google LLC -> Google LLC)
Task: {CBA8A0AD-D475-4C27-8CDC-C7A54D194396} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {CE0C9A59-0909-4C11-B7C7-9B7A555B77D9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFA50B75-8CAC-4060-AFDA-73F88B4348FD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D0673723-53B9-4F0F-B4E9-920E4A6817C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D08DF91F-4A91-404D-B9C9-BFC4EABE8D76} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D13E6CF6-480A-44B0-B02E-972ABDD94857} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {D3D14C64-ED18-451B-9B58-2FA2E7872623} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-11-16] (Avast Software s.r.o. -> Avast Software)
Task: {D51E2D3B-FB83-4E4F-A334-BB9666F11CDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5714C28-A9BD-4FA1-8ECC-813315D45365} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D59E624A-2E0B-4AFD-AD84-673AA83A189D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7AE98CF-E6A2-49F6-838A-6827932DB335} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D7DA1672-A57A-461E-B814-4EBEE84DFC10} - System32\Tasks\Opera scheduled Autoupdate 1546860893 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [1439832 2018-12-06] (Opera Software AS -> Opera Software)
Task: {DDE52342-D872-42A6-A035-092E3AB685B0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E56D61EF-A7AC-4531-87F0-240A401B6339} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-23] (Google LLC -> Google LLC)
Task: {E86FD924-62C6-4FDE-B707-15A4DA2FD65B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EABAFE4B-F97A-441F-8583-F25CD104E45E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\Lenovo Active Protection System.job => C:\Windows\system32\TpShUI.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{070EC115-18AD-4F33-B7AE-DB656D667FED}: [DhcpNameServer] 10.10.5.1
Tcpip\..\Interfaces\{0BB7A4A2-B114-4264-8CDC-61289815AFE5}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{6864E809-D06A-4172-9FD8-A0E6B11CCA45}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70507465-8CBC-4E34-98C0-217BBAE7035E}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{7D8F8DF7-1EBA-4B1E-A27E-3B9A896FC19E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{869779C9-9BE3-46F8-B2E1-E67B9CD1E5E4}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{8DFBD3A7-98BA-4628-9DD3-411A71E5680B}: [DhcpNameServer] 10.10.5.1
Tcpip\..\Interfaces\{BB37980F-D399-4FC6-AD9C-EC7FA56C0B1D}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{F436A23E-E683-48ED-BEA4-A9F55B9C1998}: [DhcpNameServer] 10.10.5.1
Edge:
======
DownloadDir: C:\Users\Lenovo\Desktop
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-30]
Edge Extension: (Outlook) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-11-23]
Edge Extension: (Word) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-11-23]
Edge Extension: (Excel) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-11-23]
Edge Extension: (PowerPoint) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-11-23]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 2wtxl7p8.default-1491060272892-1544166202880
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\2wtxl7p8.default-1491060272892-1544166202880 [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 [2020-12-09]
FF Homepage: Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2020-11-16 05:39:49&bName=
FF Session Restore: Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 -> hxxps://mail.google.com; hxxps://www.gametwist.com; hxxps://www.dealabs.com
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\@windscribeff.xpi [2020-12-07]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\firefox@ghostery.com.xpi [2020-12-08]
FF Extension: (Tab Suspender) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\tabsuspender@michalewiczpiotr.xpi [2020-11-16]
FF Extension: (uBlock Origin) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\uBlock0@raymondhill.net.xpi [2020-11-20]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2020-12-07]
FF Extension: (Boomerang for Gmail) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2020-11-19] [UpdateUrl:hxxps://www.boomeranggmail.com/firefox/updates.json]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-17]
FF SearchPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\searchplugins\My Bing Search.xml [2020-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-12-06]
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D111620-N0640A915F698E57&form=CONBDF&conlogo=CT3335818
CHR DefaultSearchKeyword: Default -> bing®
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab?pc=COS2&ptag=D111620-N0630A915F698E57&form=CONMHP&conlogo=CT3335818
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-23]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-23]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-23]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-23]
CHR Extension: (Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-23]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-23]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-23]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-25]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8967416 2020-11-26] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1701224 2020-09-08] (O&O Software GmbH -> O&O Software GmbH)
R2 QDLService2kLenovo; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [1688384 2011-05-23] (Qualcomm Inc -> QUALCOMM, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153048 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB -> Ericsson AB)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-11-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [164832 2013-05-21] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [164832 2013-05-21] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-14] (Microsoft Corporation) [Fichier non signé]
S3 ecnssndis; C:\WINDOWS\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB -> Ericsson AB)
S3 ecnssndisfltr; C:\WINDOWS\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB -> Ericsson AB)
S3 l36wgps; C:\WINDOWS\System32\drivers\l36wgps64.sys [101416 2011-07-01] (Ericsson AB -> Ericsson AB)
S3 Mbm3CBus; C:\WINDOWS\System32\drivers\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
S3 Mbm3DevMt; C:\WINDOWS\System32\drivers\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation -> MCCI Corporation)
S3 qcfilterlno2k; C:\WINDOWS\System32\drivers\qcfilterlno2k.sys [6400 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbserlno2k; C:\WINDOWS\System32\drivers\qcusbserlno2k.sys [231040 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmpx64.sys [67072 2009-09-03] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rimspci; C:\WINDOWS\System32\drivers\rimspe64.sys [61952 2009-10-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rimsptsk; C:\WINDOWS\System32\drivers\rimspx64.sys [54784 2009-09-03] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rismxdp; C:\WINDOWS\System32\drivers\rixdpx64.sys [57856 2009-09-03] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rixdpcie; C:\WINDOWS\System32\drivers\rixdpe64.sys [55808 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (AuthenTec, Inc. -> Authentec Inc.)
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [87168 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43648 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap640$T; C:\WINDOWS\System32\drivers\tap640$T.sys [49920 2020-02-19] (Ghostery, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
S3 WinRing0_1_2_0; \??\C:\Users\Lenovo\Desktop\WinRing0x64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Exécuté par Lenovo (administrateur) sur LENOVO-PC (LENOVO 7827AB2) (09-12-2020 11:05:24)
Exécuté depuis C:\Users\Lenovo\Desktop
Profils chargés: Lenovo
Platform: Windows 10 Pro Version 1909 18363.1198 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AuthenTec, Inc. -> Authentec Inc.) C:\Program Files\ThinkVantage Fingerprint Software\upeksvr.exe
(Ericsson AB -> Ericsson AB) C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe
(Fortemedia Inc -> ) C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Lenovo -> ) C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(LENOVO -> Lenovo Group Limited) C:\Program Files\Lenovo\ZOOM\TpScrex.exe
(LENOVO -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(LENOVO(JAPAN)LTD. -> Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlk.exe
(Lenovo(Japan)Ltd. -> Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Lenovo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2011.6-0\NisSrv.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH -> O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Qualcomm Inc -> QUALCOMM, Inc.) C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Ricoh co.,Ltd.) [Fichier non signé] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated -> Synaptics) C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SmartAudio] => c:\program files\conexant\saii\saiicpl.exe [307768 2009-11-15] (Conexant Systems, Inc. -> )
HKLM\...\Run: [LENOVO.TPKNRRES] => c:\program files\lenovo\communications utility\tpknrres.exe [60920 2013-05-29] (LENOVO(JAPAN)LTD. -> Lenovo Group Limited)
HKLM\...\Run: [picon] => c:\program files (x86)\common files\intel\privacy icon\piconstartup.exe [111640 2010-02-04] (Intel Corporation -> )
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AcWin7Hlpr] => c:\program files (x86)\lenovo\access connections\actbenabler.exe
HKLM\...\Run: [SynLenovoHelper] => C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe [146600 2015-07-28] (Synaptics Incorporated -> Synaptics)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3951280 2016-01-07] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [5128552 2020-09-13] (O&O Software GmbH -> O&O Software GmbH)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [7631800 2020-11-26] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [111928 2013-05-03] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318112 2017-11-15] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-4089050159-2748266293-4026137074-1000\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\WINDOWS\system32\hpinkstsC211LM.dll [333496 2013-01-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\WINDOWS\system32\HPDiscoPMC211.dll [763912 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-03] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{18CBEEAA-6708-41A1-9379-D08915333CF2}] -> C:\Program Files\ThinkVantage Fingerprint Software\provider.dll [2013-03-05] (AuthenTec, Inc. -> Authentec Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\ThinkPad\Bluetooth Software\\BtwCP.dll [2013-05-14] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] ->
HKLM\Software\...\Authentication\Credential Provider Filters: [{AE583D93-8D1B-424F-9858-5623FB7824EE}] -> C:\Program Files\ThinkVantage Fingerprint Software\provider.dll [2013-03-05] (AuthenTec, Inc. -> Authentec Inc.)
Lsa: [Notification Packages] scecli C:\Program Files\ThinkVantage Fingerprint Software\psqlpwd.dll C:\Program Files\ThinkPad\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk [2013-07-26]
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files (x86)\Digital Line Detect\DLG.exe (Avanquest -> Avanquest Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2020-11-20]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{A0BA1483-96CE-4CAF-AC65-E098EDA9AB24}\app_icon.exe () [Fichier non signé]
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\necesStart.bat [2018-03-27] () [Fichier non signé]
Startup: C:\Users\Lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZenMate.bat [2020-03-19] () [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0EAFA3DD-670D-4029-B243-E778480988FF} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {1C76757B-917F-4BB7-B365-D9A451B71924} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {21F6D51F-3255-48C9-9603-122E01AA5834} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {33A4F982-C554-4962-A722-45C36B3AEDE3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3EEB0C20-8696-4936-819B-4FDC2967CAFF} - pas de chemin du fichier
Task: {4292E1C8-845C-46A6-BD44-C49072A77D0D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {4AB7DDA5-B4EE-4A9A-84A0-AD92454A4B30} - pas de chemin du fichier
Task: {4BF274D3-D077-4BEA-94C1-A7EC1C4B7A56} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {4CA5127F-67C0-473F-8F88-520B44FF3D0D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {51DBFC53-6AF8-406A-9FE8-D980A6980FF5} - pas de chemin du fichier
Task: {54BBBA66-1C72-49FB-A03F-69BB93638312} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5710EED6-9D86-4998-8F50-F5EF08F287B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5CA70D65-6C75-4BEE-8C94-D36C74A5FCFD} - pas de chemin du fichier
Task: {6060E3FA-EE2F-4D14-927F-68AFE023163B} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {65A0FC82-C7BC-402A-A4BF-AB9A01749A1C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {65AFF623-7A33-4F2C-8F58-5E78B7A3C956} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {736000EB-A964-4DD1-A54E-C2A23C6B1C8C} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-02-11] (Lenovo -> )
Task: {833CF503-4987-4329-96C9-7C5F08F12692} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8CE0BF34-CB58-45B4-A8E1-67B7C91FAE4E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {927923B1-BF4B-4AA6-B5F9-2B47E2F9E08E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-01] (LENOVO -> Lenovo)
Task: {95FA0DE7-4DEF-47B9-8C9B-80C79C578377} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {99833646-E5C4-41C3-A65A-B4502423EFED} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {9D3FEA22-9D88-4E99-9DF2-F96476AE72B7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9F4D2825-36E8-42DB-ABD7-15FFF87C5A99} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A17F4127-05CA-4F59-A141-113F53138047} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {A61C9FB7-A608-4749-B0EF-E0EA94641C2F} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {A943E658-8926-46B2-9C2F-505DFFD69B55} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-4089050159-2748266293-4026137074-1000 => C:\Users\Lenovo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [86824 2019-12-18] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B2C9771A-52F1-4275-8C59-8346C015A964} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BBB7C06D-32DE-4F96-9386-2A0656AE44C1} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-02-11] (Lenovo -> )
Task: {C7AA7DFA-2D3B-4363-9868-1F247EB2DDEF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {C7DE5968-0F35-4F86-B608-571B53ACBB2E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {C9E27EF9-E76A-4395-AEEC-0603DE4E4996} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-23] (Google LLC -> Google LLC)
Task: {CBA8A0AD-D475-4C27-8CDC-C7A54D194396} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {CE0C9A59-0909-4C11-B7C7-9B7A555B77D9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CFA50B75-8CAC-4060-AFDA-73F88B4348FD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D0673723-53B9-4F0F-B4E9-920E4A6817C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D08DF91F-4A91-404D-B9C9-BFC4EABE8D76} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {D13E6CF6-480A-44B0-B02E-972ABDD94857} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {D3D14C64-ED18-451B-9B58-2FA2E7872623} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-11-16] (Avast Software s.r.o. -> Avast Software)
Task: {D51E2D3B-FB83-4E4F-A334-BB9666F11CDF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5714C28-A9BD-4FA1-8ECC-813315D45365} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D59E624A-2E0B-4AFD-AD84-673AA83A189D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D7AE98CF-E6A2-49F6-838A-6827932DB335} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {D7DA1672-A57A-461E-B814-4EBEE84DFC10} - System32\Tasks\Opera scheduled Autoupdate 1546860893 => C:\Users\Lenovo\AppData\Local\Programs\Opera\launcher.exe [1439832 2018-12-06] (Opera Software AS -> Opera Software)
Task: {DDE52342-D872-42A6-A035-092E3AB685B0} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E56D61EF-A7AC-4531-87F0-240A401B6339} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-11-23] (Google LLC -> Google LLC)
Task: {E86FD924-62C6-4FDE-B707-15A4DA2FD65B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MpCmdRun.exe [545704 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {EABAFE4B-F97A-441F-8583-F25CD104E45E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\Lenovo Active Protection System.job => C:\Windows\system32\TpShUI.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{070EC115-18AD-4F33-B7AE-DB656D667FED}: [DhcpNameServer] 10.10.5.1
Tcpip\..\Interfaces\{0BB7A4A2-B114-4264-8CDC-61289815AFE5}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{6864E809-D06A-4172-9FD8-A0E6B11CCA45}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70507465-8CBC-4E34-98C0-217BBAE7035E}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{7D8F8DF7-1EBA-4B1E-A27E-3B9A896FC19E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{869779C9-9BE3-46F8-B2E1-E67B9CD1E5E4}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{8DFBD3A7-98BA-4628-9DD3-411A71E5680B}: [DhcpNameServer] 10.10.5.1
Tcpip\..\Interfaces\{BB37980F-D399-4FC6-AD9C-EC7FA56C0B1D}: [DhcpNameServer] 10.10.21.1
Tcpip\..\Interfaces\{F436A23E-E683-48ED-BEA4-A9F55B9C1998}: [DhcpNameServer] 10.10.5.1
Edge:
======
DownloadDir: C:\Users\Lenovo\Desktop
Edge DefaultProfile: Default
Edge Profile: C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default [2020-11-30]
Edge Extension: (Outlook) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-11-23]
Edge Extension: (Word) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-11-23]
Edge Extension: (Excel) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-11-23]
Edge Extension: (PowerPoint) - C:\Users\Lenovo\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-11-23]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 2wtxl7p8.default-1491060272892-1544166202880
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\2wtxl7p8.default-1491060272892-1544166202880 [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 [2020-12-09]
FF Homepage: Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT170603&iDate=2020-11-16 05:39:49&bName=
FF Session Restore: Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595 -> hxxps://mail.google.com; hxxps://www.gametwist.com; hxxps://www.dealabs.com
FF Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\@windscribeff.xpi [2020-12-07]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\firefox@ghostery.com.xpi [2020-12-08]
FF Extension: (Tab Suspender) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\tabsuspender@michalewiczpiotr.xpi [2020-11-16]
FF Extension: (uBlock Origin) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\uBlock0@raymondhill.net.xpi [2020-11-20]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2020-12-07]
FF Extension: (Boomerang for Gmail) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\{65e41d20-f092-41b7-bb83-c6e8a9ab0f57}.xpi [2020-11-19] [UpdateUrl:hxxps://www.boomeranggmail.com/firefox/updates.json]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-17]
FF SearchPlugin: C:\Users\Lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\zphdvdqd.default-release-1605548582595\searchplugins\My Bing Search.xml [2020-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default [2020-12-06]
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D111620-N0640A915F698E57&form=CONBDF&conlogo=CT3335818
CHR DefaultSearchKeyword: Default -> bing®
CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab?pc=COS2&ptag=D111620-N0630A915F698E57&form=CONMHP&conlogo=CT3335818
CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
CHR Extension: (Slides) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-23]
CHR Extension: (Docs) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-23]
CHR Extension: (Google Drive) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-23]
CHR Extension: (YouTube) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-23]
CHR Extension: (Sheets) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-23]
CHR Extension: (Gmail) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-23]
CHR Extension: (Chrome Media Router) - C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-23]
CHR Profile: C:\Users\Lenovo\AppData\Local\Google\Chrome\User Data\System Profile [2020-11-25]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [8967416 2020-11-26] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1701224 2020-09-08] (O&O Software GmbH -> O&O Software GmbH)
R2 QDLService2kLenovo; C:\Program Files (x86)\QUALCOMM\QDLService2k\QDLService2kLenovo.exe [1688384 2011-05-23] (Qualcomm Inc -> QUALCOMM, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6153048 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMCoreService; C:\Program Files (x86)\Mobile Broadband drivers\WMCore\mini_WMCore.exe [648744 2011-08-12] (Ericsson AB -> Ericsson AB)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-11-25] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R3 AMPPAL; C:\WINDOWS\System32\drivers\AMPPAL.sys [164832 2013-05-21] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 AMPPALP; C:\WINDOWS\system32\DRIVERS\amppal.sys [164832 2013-05-21] (Intel Corporation-Mobile Wireless Group -> Windows (R) Win 7 DDK provider)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-14] (Microsoft Corporation) [Fichier non signé]
S3 ecnssndis; C:\WINDOWS\System32\Drivers\wwuss64.sys [26664 2011-06-13] (Ericsson AB -> Ericsson AB)
S3 ecnssndisfltr; C:\WINDOWS\System32\Drivers\wwussf64.sys [30248 2011-06-13] (Ericsson AB -> Ericsson AB)
S3 l36wgps; C:\WINDOWS\System32\drivers\l36wgps64.sys [101416 2011-07-01] (Ericsson AB -> Ericsson AB)
S3 Mbm3CBus; C:\WINDOWS\System32\drivers\Mbm3CBus.sys [419400 2011-04-29] (MCCI Corporation -> MCCI Corporation)
S3 Mbm3DevMt; C:\WINDOWS\System32\drivers\Mbm3DevMt.sys [430664 2011-04-29] (MCCI Corporation -> MCCI Corporation)
S3 qcfilterlno2k; C:\WINDOWS\System32\drivers\qcfilterlno2k.sys [6400 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbserlno2k; C:\WINDOWS\System32\drivers\qcusbserlno2k.sys [231040 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R2 rimmptsk; C:\WINDOWS\System32\drivers\rimmpx64.sys [67072 2009-09-03] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rimspci; C:\WINDOWS\System32\drivers\rimspe64.sys [61952 2009-10-26] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rimsptsk; C:\WINDOWS\System32\drivers\rimspx64.sys [54784 2009-09-03] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rismxdp; C:\WINDOWS\System32\drivers\rixdpx64.sys [57856 2009-09-03] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 rixdpcie; C:\WINDOWS\System32\drivers\rixdpe64.sys [55808 2009-09-28] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
R2 smihlp; C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys [13128 2011-05-30] (AuthenTec, Inc. -> Authentec Inc.)
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64912 2017-05-18] (Samsung Electronics Co., Ltd. -> QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [87168 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [165504 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [43648 2017-01-16] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 tap640$T; C:\WINDOWS\System32\drivers\tap640$T.sys [49920 2020-02-19] (Ghostery, Inc. -> The OpenVPN Project)
S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [54896 2018-07-06] (Windscribe Limited -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-12-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [429296 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-04] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
S3 WinRing0_1_2_0; \??\C:\Users\Lenovo\Desktop\WinRing0x64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)