Publicité
Publicité
Commentaire : Bonjour, fichier FRST
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Exécuté par OBAME (administrateur) sur OBAME-ORDI (Micro-Star International Co., Ltd. GL62 7RD) (18-04-2021 08:49:58)
Exécuté depuis C:\Users\OBAME\Desktop
Profils chargés: OBAME
Platform: Windows 10 Pro Version 20H2 19042.630 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(@ByELDI -> @ByELDI) [Fichier non signé] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplmv.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_19a9e16f19a33b74\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_19a9e16f19a33b74\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_19a9e16f19a33b74\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_19a9e16f19a33b74\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Mega Limited -> Mega Limited) C:\Users\OBAME\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Opera Software AS -> Opera Software) C:\Users\OBAME\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(PC SOFT INFORMATIQUE SAS -> PC SOFT) C:\ProgramData\PC SOFT\AutomaticUpdate\AutomaticUpdate.exe
(PC SOFT) [Fichier non signé] C:\Program Files\PC SOFT\Serveur HFSQL OBAME-ORDI\manta64.exe
(PC SOFT) [Fichier non signé] C:\Program Files\PC SOFT\Serveur HFSQL OBAME-ORDI\mantamanager64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe
(ultracopier.first-world.info) [Fichier non signé] C:\Program Files\Ultracopier\ultracopier.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117472 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235920 2020-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [PCSOFT-Automatic Update] => C:\ProgramData\PC SOFT\AutomaticUpdate\AutomaticUpdate.exe [3350144 2021-03-22] (PC SOFT INFORMATIQUE SAS -> PC SOFT)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5484392 2021-03-03] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [ultracopier] => C:\Program Files\Ultracopier\ultracopier.exe [1504768 2016-01-02] (ultracopier.first-world.info) [Fichier non signé]
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-07-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [Opera Browser Assistant] => C:\Users\OBAME\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\OBAME\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-12-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\MountPoints2: {5a3a6b00-d657-11ea-87b1-30e37aef2152} - "D:\setup.EXE" /AUTORUN
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\MountPoints2: {a08dfba6-d3ab-11e9-877a-30e37aef2152} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\MountPoints2: {a56af5d5-3276-11eb-87ed-30e37aef2152} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Apache Servers.lnk [2020-11-25]
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation) [Fichier non signé]
Startup: C:\Users\OBAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-07-03]
ShortcutTarget: MEGAsync.lnk -> C:\Users\OBAME\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {187CE5CA-0012-40BB-A765-BC51E65E745F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {35C7557F-1616-45E2-9067-8A94ABBF4182} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8339442F-67B3-4E8B-8027-426FB90DA6FC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
Task: {9308F59C-1000-4485-B278-ED87B22DB880} - System32\Tasks\InstallShield® Update Service Scheduler => C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe [394368 2017-10-07] (Flexera Software LLC -> InstallShield®) [Fichier non signé]
Task: {97A49820-0BA0-451A-8795-28F8301E1FC9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {BCBB2E9F-D387-449B-9DCD-7E7680504167} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [Fichier non signé]
Task: {CAAA74B9-AFDA-4F67-B80B-175B025B1C5A} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [30720 2020-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\AutoPico Daily Restart" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\InstallShield® Update Service Scheduler" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Optimize Thumbnail Cache Files" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {DDD99143-0821-42D9-86DC-8B00BD84BC94} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [30720 2020-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {E9CF31CA-D248-44F8-9E7C-D0061BB7D414} - System32\Tasks\Optimize Thumbnail Cache Files => wscript.exe //nologo //E:jscript //B "C:\ProgramData\InstallShield\Update\isuspm.ini" <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy est activé.
ProxyEnable: [HKLM-x32] => Proxy est activé.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 160.119.161.33 160.119.160.33
Tcpip\..\Interfaces\{082ae77e-5e99-4e57-b3a5-dbe6a813a495}: [DhcpNameServer] 160.119.161.33 160.119.160.33
Tcpip\..\Interfaces\{c679d9a7-b7a7-46d4-b4b7-a8105d7221d9}: [DhcpNameServer] 160.119.161.33 160.119.160.33
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
DnsPolicyConfig: [DNS_RESILIENCY_fe3cr.delivery.mp.microsoft.com] => GenericDNSServers=162.159.36.2
DnsPolicyConfig: [DNS_RESILIENCY_slscr.update.microsoft.com] => GenericDNSServers=162.159.36.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-18]
Edge Extension: (Safe Torrent Scanner) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-01-24]
Edge Extension: (Avast Online Security) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-03-13]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-02-26]
Edge Extension: (WhatFont) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2020-12-04]
Edge Extension: (IDM Integration Module) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-03-15]
Edge Extension: (Open With Internet Download Manager) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjblohlmcbdochcgagjghbceifennddc [2020-12-04]
Edge Extension: (HowToSimplified) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib [2020-12-04]
Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-04-18]
Edge Extension: (AdGuard AdBlocker) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2021-04-18]
Edge Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2020-12-04]
Edge HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-03-05]
Edge HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05]
FireFox:
========
FF HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\OBAME\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\OBAME\AppData\Roaming\IDM\idmmzcc5 [2018-12-10] [] [non signé]
FF HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default [2021-04-18]
CHR Notifications: Default -> hxxp://leszizettes.com; hxxp://www.leszizettes.com; hxxp://www.spl-gabon.com
CHR Extension: (Slides) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-20]
CHR Extension: (Safe Torrent Scanner) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-01-26]
CHR Extension: (Docs) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-20]
CHR Extension: (Google Drive) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (AdGuard AdBlocker) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2021-04-09]
CHR Extension: (YouTube) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-20]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-02]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-16]
CHR Extension: (Open With Internet Download Manager) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\epgilldoipfbdlneomlmegekaoonchcj [2020-05-28]
CHR Extension: (Sheets) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-16]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-16]
CHR Extension: (Avast Online Security) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-18]
CHR Extension: (WhatFont) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2019-08-20]
CHR Extension: (Smiletags) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\joiapjkjgbcljoopaenlplkfapolkdhp [2020-10-07]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-26]
CHR Extension: (HowToSimplified) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib [2020-06-27]
CHR Extension: (IDM Integration Module) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-17]
CHR HKLM\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05]
CHR HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05]
Opera:
=======
OPR Profile: C:\Users\OBAME\AppData\Roaming\Opera Software\Opera Stable [2021-04-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\OBAME\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-18]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 Apache2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20539 2007-01-09] (Apache Software Foundation) [Fichier non signé]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7888408 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [623216 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1302184 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [353504 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4581568 2020-08-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 hasplms; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [5730312 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 Hyper File Server : OBAME-ORDI; C:\Program Files\PC SOFT\Serveur HFSQL OBAME-ORDI\Manta64.exe [258560 2020-11-17] (PC SOFT) [Fichier non signé]
R2 MantaManager; C:\Program Files\PC SOFT\Serveur HFSQL OBAME-ORDI\MantaManager64.exe [314368 2020-11-17] (PC SOFT) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [Fichier non signé]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.39\bin\httpd.exe [29696 2019-03-28] (Apache Software Foundation) [Fichier non signé]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.3.14\bin\mysqld.exe [15813032 2019-04-01] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.26\bin\mysqld.exe [39644480 2019-04-13] (Oracle America, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107624 2019-03-05] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aksdf; C:\WINDOWS\system32\drivers\aksdf.sys [389560 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [510800 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [69560 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [68536 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [313784 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R3 BTWDPAN; C:\WINDOWS\System32\drivers\btwdpan.sys [84008 2020-11-18] (Broadcom Corporation -> Broadcom Corporation.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-08-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-08-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [85424 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\System32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1970104 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
R3 NewTek_AudioPortClass; C:\WINDOWS\System32\drivers\NewTek_AudioPortClass.sys [33336 2020-05-07] (Microsoft Windows Hardware Compatibility Publisher -> NewTek)
R3 NewTek_WDM_KS; C:\WINDOWS\System32\drivers\NewTek_WDM_KS.sys [27832 2020-05-07] (Microsoft Windows Hardware Compatibility Publisher -> NewTek)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-18 08:49 - 2021-04-18 08:52 - 000034954 _____ C:\Users\OBAME\Desktop\FRST.txt
2021-04-18 08:49 - 2021-04-18 08:51 - 000000000 ____D C:\FRST
2021-04-18 08:48 - 2021-04-18 08:48 - 002298368 _____ (Farbar) C:\Users\OBAME\Desktop\FRST64.exe
2021-04-18 08:46 - 2021-04-18 08:43 - 002010624 _____ (Farbar) C:\Users\OBAME\Desktop\FRST.exe
2021-04-18 08:27 - 2021-04-18 08:27 - 000000000 ____D C:\Users\OBAME\Desktop\desactiver-recherche-bing-windows-10-5e3ad6a946e4b
2021-04-18 08:27 - 2021-04-18 08:25 - 000000367 _____ C:\Users\OBAME\Desktop\desactiver-recherche-bing-windows-10-5e3ad6a946e4b.zip
2021-04-13 12:10 - 2021-04-13 12:12 - 000004673 _____ C:\Users\OBAME\Documents\Table Requête Indicateurs de suivi.xlsx
2021-04-12 18:59 - 2021-04-12 18:59 - 000005365 _____ C:\Users\OBAME\Documents\Table TdB Reporting Processus PDO1.xlsx
2021-04-12 18:59 - 2021-04-12 18:59 - 000000165 ____H C:\Users\OBAME\Documents\~$Table TdB Reporting Processus PDO1.xlsx
2021-04-12 18:46 - 2021-04-12 18:46 - 000546502 _____ C:\Users\OBAME\Documents\test_graphe.bmp
2021-04-12 18:45 - 2021-04-12 18:45 - 000101149 _____ C:\Users\OBAME\Documents\test_graphe.pdf
2021-04-12 08:58 - 2021-04-12 08:58 - 000079356 _____ C:\Users\OBAME\Documents\Planning_ProjetV3.pdf
2021-04-01 03:35 - 2021-04-18 08:09 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-01 03:35 - 2021-04-01 03:35 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-04-01 03:35 - 2021-04-01 03:34 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-26 20:07 - 2021-03-26 20:07 - 000016152 _____ C:\Users\OBAME\Documents\EXTRAIT DE COMPTE 210228144647.pdf
2021-03-26 20:05 - 2021-03-26 20:05 - 000162213 _____ C:\Users\OBAME\Documents\20210306_4207718548_420771833401_O.PDF
2021-03-24 19:43 - 2021-03-24 19:43 - 000188644 _____ C:\Users\OBAME\Documents\Sample_Bank_Information_Letter.pdf
2021-03-24 19:37 - 2021-03-24 19:37 - 000054149 _____ C:\Users\OBAME\Documents\RIB OBAME SIMON STEVEEN.pdf
2021-03-24 19:28 - 2021-03-24 19:28 - 000240201 _____ C:\Users\OBAME\Documents\2021_Mandela_Washington_Fellowship_Participant_Release_Form_1_.pdf
2021-03-24 00:47 - 2021-04-18 08:37 - 000003622 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-24 00:47 - 2021-04-18 08:37 - 000003398 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-24 00:39 - 2021-03-24 00:50 - 001778252 _____ C:\WINDOWS\Minidump\032421-95437-01.dmp
2021-03-24 00:39 - 2021-03-24 00:50 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-23 21:54 - 2021-03-23 21:54 - 000074758 _____ C:\Users\OBAME\Documents\Fellowship Biographies and Photos-Review.pdf
2021-03-22 14:43 - 2021-03-22 14:43 - 011321472 _____ (Tim Kosse) C:\Users\OBAME\Downloads\FileZilla_3.52.2_win64-setup.exe
2021-03-21 18:25 - 2021-03-21 18:24 - 000011991 _____ C:\Users\OBAME\Documents\devis.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-18 08:37 - 2021-03-18 11:18 - 000003052 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache Files
2021-04-18 08:37 - 2021-03-18 11:18 - 000002600 _____ C:\WINDOWS\system32\Tasks\InstallShield® Update Service Scheduler
2021-04-18 08:37 - 2021-03-18 11:18 - 000002598 _____ C:\WINDOWS\system32\Tasks\AutoPico Daily Restart
2021-04-18 08:37 - 2020-11-20 02:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-18 08:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-18 08:16 - 2019-06-19 14:23 - 000000000 ____D C:\ProgramData\Autodesk
2021-04-18 08:16 - 2018-05-20 00:47 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-18 08:15 - 2020-09-27 08:36 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-18 08:15 - 2020-09-27 08:36 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-18 08:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-18 08:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-18 08:14 - 2018-05-20 09:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-18 08:12 - 2018-05-21 08:33 - 000000000 ____D C:\Users\OBAME\AppData\Local\CrashDumps
2021-04-18 08:08 - 2018-05-19 23:29 - 000000000 __SHD C:\Users\OBAME\IntelGraphicsProfiles
2021-04-18 08:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-18 08:07 - 2018-05-19 23:55 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-18 08:06 - 2020-09-27 06:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-16 16:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-04-16 16:30 - 2020-09-27 08:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-16 16:30 - 2018-07-01 20:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-16 16:29 - 2020-09-27 06:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-16 16:28 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-04-16 16:28 - 2018-10-19 15:45 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\DMCache
2021-04-16 09:41 - 2020-09-29 20:00 - 000000000 ___RD C:\Users\OBAME\Google Drive
2021-04-16 09:37 - 2020-11-20 01:48 - 000000000 ____D C:\Users\OBAME
2021-04-14 15:39 - 2021-01-22 10:02 - 000000000 ____D C:\totalcmd
2021-04-13 20:07 - 2018-05-19 15:39 - 000000000 ____D C:\Users\OBAME\AppData\Local\Packages
2021-04-13 07:10 - 2018-05-20 09:42 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\vlc
2021-04-09 11:02 - 2020-11-20 02:05 - 001044040 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-09 11:02 - 2019-12-07 15:50 - 001047452 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-09 11:02 - 2019-12-07 15:50 - 000225458 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-09 10:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-01 19:15 - 2018-09-17 14:11 - 000000000 ____D C:\Users\OBAME\Documents\BIS Entreprise
2021-04-01 18:35 - 2021-01-22 10:02 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\GHISLER
2021-04-01 03:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-01 03:35 - 2019-01-09 14:42 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-01 03:35 - 2019-01-09 14:42 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-01 03:35 - 2018-06-13 02:59 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-01 03:34 - 2020-10-18 00:49 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-01 03:34 - 2020-04-15 15:36 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-04-01 03:34 - 2019-01-15 07:58 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-01 03:34 - 2018-10-13 00:03 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-30 15:16 - 2018-07-05 14:23 - 000001456 _____ C:\Users\OBAME\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2021-03-28 15:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-28 02:30 - 2020-09-29 19:56 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-03-28 02:30 - 2020-09-29 19:56 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-03-28 02:30 - 2020-09-29 19:56 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-03-28 02:30 - 2020-09-29 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-03-25 19:36 - 2020-11-20 01:48 - 000000000 ____D C:\Users\Administrateur.OBAME-ORDI
2021-03-25 19:36 - 2020-11-20 01:48 - 000000000 ____D C:\Users\6795
2021-03-25 08:55 - 2020-05-08 10:22 - 000000000 ____D C:\Users\OBAME\Documents\Zoom
2021-03-24 05:01 - 2020-11-20 01:48 - 000000000 ____D C:\Users\DefaultAppPool
2021-03-24 00:47 - 2021-01-23 14:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-03-24 00:39 - 2020-09-27 06:33 - 005957696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-24 00:38 - 2018-10-19 15:45 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2021-03-22 14:43 - 2018-10-23 14:00 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\FileZilla
2021-03-20 03:54 - 2018-10-19 15:45 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\IDM
==================== Fichiers à la racine de certains dossiers ========
2018-09-20 13:24 - 2018-09-26 09:18 - 000000132 _____ () C:\Users\OBAME\AppData\Roaming\Préfs Format PNG Adobe CS6
2018-07-05 14:23 - 2021-03-30 15:16 - 000001456 _____ () C:\Users\OBAME\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2020-02-23 08:44 - 2020-02-23 08:44 - 000000000 _____ () C:\Users\OBAME\AppData\Local\oobelibMkey.log
2018-05-21 15:08 - 2018-05-21 15:08 - 000000017 _____ () C:\Users\OBAME\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par OBAME (administrateur) sur OBAME-ORDI (Micro-Star International Co., Ltd. GL62 7RD) (18-04-2021 08:49:58)
Exécuté depuis C:\Users\OBAME\Desktop
Profils chargés: OBAME
Platform: Windows 10 Pro Version 20H2 19042.630 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(@ByELDI -> @ByELDI) [Fichier non signé] C:\Program Files\KMSpico\Service_KMS.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_2.0.1.8_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Apache Software Foundation) [Fichier non signé] C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <3>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe
(Gemalto, Inc. -> SafeNet, Inc.) C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplmv.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_19a9e16f19a33b74\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_19a9e16f19a33b74\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_19a9e16f19a33b74\IntelCpHDCPSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_19a9e16f19a33b74\IntelCpHeciSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Mega Limited -> Mega Limited) C:\Users\OBAME\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <11>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2102.8653.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Opera Software AS -> Opera Software) C:\Users\OBAME\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(PC SOFT INFORMATIQUE SAS -> PC SOFT) C:\ProgramData\PC SOFT\AutomaticUpdate\AutomaticUpdate.exe
(PC SOFT) [Fichier non signé] C:\Program Files\PC SOFT\Serveur HFSQL OBAME-ORDI\manta64.exe
(PC SOFT) [Fichier non signé] C:\Program Files\PC SOFT\Serveur HFSQL OBAME-ORDI\mantamanager64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe
(ultracopier.first-world.info) [Fichier non signé] C:\Program Files\Ultracopier\ultracopier.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [117472 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235920 2020-11-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [PCSOFT-Automatic Update] => C:\ProgramData\PC SOFT\AutomaticUpdate\AutomaticUpdate.exe [3350144 2021-03-22] (PC SOFT INFORMATIQUE SAS -> PC SOFT)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [668376 2021-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5484392 2021-03-03] (Tonec Inc. -> Tonec Inc.)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [ultracopier] => C:\Program Files\Ultracopier\ultracopier.exe [1504768 2016-01-02] (ultracopier.first-world.info) [Fichier non signé]
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [677512 2020-07-25] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [50041472 2021-03-12] (Google LLC -> )
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [Opera Browser Assistant] => C:\Users\OBAME\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\OBAME\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-12-24] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\MountPoints2: {5a3a6b00-d657-11ea-87b1-30e37aef2152} - "D:\setup.EXE" /AUTORUN
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\MountPoints2: {a08dfba6-d3ab-11e9-877a-30e37aef2152} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\MountPoints2: {a56af5d5-3276-11eb-87ed-30e37aef2152} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Apache Servers.lnk [2020-11-25]
ShortcutTarget: Monitor Apache Servers.lnk -> C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\ApacheMonitor.exe (Apache Software Foundation) [Fichier non signé]
Startup: C:\Users\OBAME\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2018-07-03]
ShortcutTarget: MEGAsync.lnk -> C:\Users\OBAME\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {187CE5CA-0012-40BB-A765-BC51E65E745F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {35C7557F-1616-45E2-9067-8A94ABBF4182} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248760 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {8339442F-67B3-4E8B-8027-426FB90DA6FC} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4686560 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
Task: {9308F59C-1000-4485-B278-ED87B22DB880} - System32\Tasks\InstallShield® Update Service Scheduler => C:\Program Files (x86)\Common Files\InstallShield\Update\ISUSPM.exe [394368 2017-10-07] (Flexera Software LLC -> InstallShield®) [Fichier non signé]
Task: {97A49820-0BA0-451A-8795-28F8301E1FC9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software)
Task: {BCBB2E9F-D387-449B-9DCD-7E7680504167} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [Fichier non signé]
Task: {CAAA74B9-AFDA-4F67-B80B-175B025B1C5A} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\Windows\system32\gpupdate.exe [30720 2020-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\AutoPico Daily Restart" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\InstallShield® Update Service Scheduler" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\Optimize Thumbnail Cache Files" /ENABLE
Task: {CC0194AD-D751-449F-879C-609570A11B5A} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {DDD99143-0821-42D9-86DC-8B00BD84BC94} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\Windows\system32\gpupdate.exe [30720 2020-10-09] (Microsoft Windows -> Microsoft Corporation)
Task: {E9CF31CA-D248-44F8-9E7C-D0061BB7D414} - System32\Tasks\Optimize Thumbnail Cache Files => wscript.exe //nologo //E:jscript //B "C:\ProgramData\InstallShield\Update\isuspm.ini" <==== ATTENTION
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
ProxyEnable: [HKLM] => Proxy est activé.
ProxyEnable: [HKLM-x32] => Proxy est activé.
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 160.119.161.33 160.119.160.33
Tcpip\..\Interfaces\{082ae77e-5e99-4e57-b3a5-dbe6a813a495}: [DhcpNameServer] 160.119.161.33 160.119.160.33
Tcpip\..\Interfaces\{c679d9a7-b7a7-46d4-b4b7-a8105d7221d9}: [DhcpNameServer] 160.119.161.33 160.119.160.33
ManualProxies: 1http=127.0.0.1:8080;https=127.0.0.1:8080
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
DnsPolicyConfig: [DNS_RESILIENCY_fe3cr.delivery.mp.microsoft.com] => GenericDNSServers=162.159.36.2
DnsPolicyConfig: [DNS_RESILIENCY_slscr.update.microsoft.com] => GenericDNSServers=162.159.36.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-18]
Edge Extension: (Safe Torrent Scanner) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-01-24]
Edge Extension: (Avast Online Security) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdgpikaaheckgdijjmepmdjjkbceakif [2021-03-13]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-02-26]
Edge Extension: (WhatFont) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2020-12-04]
Edge Extension: (IDM Integration Module) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\llbjbkhnmlidjebalopleeepgdfgcpec [2021-03-15]
Edge Extension: (Open With Internet Download Manager) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mjblohlmcbdochcgagjghbceifennddc [2020-12-04]
Edge Extension: (HowToSimplified) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib [2020-12-04]
Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2021-04-18]
Edge Extension: (AdGuard AdBlocker) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pdffkfellgipmhklpdmokmckkkfcopbh [2021-04-18]
Edge Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\OBAME\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\phhhmbgggfifgikoihlakngnngdehhfe [2020-12-04]
Edge HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [llbjbkhnmlidjebalopleeepgdfgcpec] - C:\Program Files (x86)\Internet Download Manager\IDMEdgeExt.crx [2021-03-05]
Edge HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05]
FireFox:
========
FF HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\OBAME\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\OBAME\AppData\Roaming\IDM\idmmzcc5 [2018-12-10] [] [non signé]
FF HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2020-07-17] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default [2021-04-18]
CHR Notifications: Default -> hxxp://leszizettes.com; hxxp://www.leszizettes.com; hxxp://www.spl-gabon.com
CHR Extension: (Slides) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-20]
CHR Extension: (Safe Torrent Scanner) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-01-26]
CHR Extension: (Docs) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-20]
CHR Extension: (Google Drive) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-24]
CHR Extension: (AdGuard AdBlocker) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2021-04-09]
CHR Extension: (YouTube) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-20]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-02]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-16]
CHR Extension: (Open With Internet Download Manager) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\epgilldoipfbdlneomlmegekaoonchcj [2020-05-28]
CHR Extension: (Sheets) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-16]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-16]
CHR Extension: (Avast Online Security) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-18]
CHR Extension: (WhatFont) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2019-08-20]
CHR Extension: (Smiletags) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\joiapjkjgbcljoopaenlplkfapolkdhp [2020-10-07]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-26]
CHR Extension: (HowToSimplified) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgkbcihahpocjmclehpjejmgjmijcib [2020-06-27]
CHR Extension: (IDM Integration Module) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2021-03-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-24]
CHR Extension: (Chrome Media Router) - C:\Users\OBAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-17]
CHR HKLM\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05]
CHR HKU\S-1-5-21-1347827056-2095076897-1593757921-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [joiapjkjgbcljoopaenlplkfapolkdhp]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-05]
Opera:
=======
OPR Profile: C:\Users\OBAME\AppData\Roaming\Opera Software\Opera Stable [2021-04-18]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\OBAME\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2020-11-18]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1050920 2021-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [844856 2020-06-20] (Adobe Inc. -> Adobe Inc.)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S2 Apache2; C:\Program Files (x86)\Apache Software Foundation\Apache2.2\bin\httpd.exe [20539 2007-01-09] (Apache Software Foundation) [Fichier non signé]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7888408 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [623216 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [1302184 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [353504 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56920 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788368 2021-03-29] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4581568 2020-08-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 hasplms; C:\Program Files (x86)\Common Files\Aladdin Shared\HASP\hasplms.exe [5730312 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 Hyper File Server : OBAME-ORDI; C:\Program Files\PC SOFT\Serveur HFSQL OBAME-ORDI\Manta64.exe [258560 2020-11-17] (PC SOFT) [Fichier non signé]
R2 MantaManager; C:\Program Files\PC SOFT\Serveur HFSQL OBAME-ORDI\MantaManager64.exe [314368 2020-11-17] (PC SOFT) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5101992 2020-11-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI -> @ByELDI) [Fichier non signé]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 uSHAREitSvc; C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe [33224 2017-09-11] (SHAREit Technologies Co.Ltd -> SHAREit Technologies Co.Ltd)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [694016 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 wampapache64; c:\wamp64\bin\apache\apache2.4.39\bin\httpd.exe [29696 2019-03-28] (Apache Software Foundation) [Fichier non signé]
S3 wampmariadb64; c:\wamp64\bin\mariadb\mariadb10.3.14\bin\mysqld.exe [15813032 2019-04-01] (MariaDB Corporation Ab -> )
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.26\bin\mysqld.exe [39644480 2019-04-13] (Oracle America, Inc. -> )
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107624 2019-03-05] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 aksdf; C:\WINDOWS\system32\drivers\aksdf.sys [389560 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
R2 aksfridge; C:\WINDOWS\system32\drivers\aksfridge.sys [510800 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [69560 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [68536 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [313784 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208552 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [365520 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250328 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99288 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-15] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41304 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [177872 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [524416 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107808 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83368 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850120 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466696 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
S2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [216376 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-04-01] (Avast Software s.r.o. -> AVAST Software)
R3 BTWDPAN; C:\WINDOWS\System32\drivers\btwdpan.sys [84008 2020-11-18] (Broadcom Corporation -> Broadcom Corporation.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2020-08-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2020-08-04] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [36280 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [85424 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\System32\drivers\EUEDKEPM.sys [33712 2020-02-23] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1970104 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
R3 NewTek_AudioPortClass; C:\WINDOWS\System32\drivers\NewTek_AudioPortClass.sys [33336 2020-05-07] (Microsoft Windows Hardware Compatibility Publisher -> NewTek)
R3 NewTek_WDM_KS; C:\WINDOWS\System32\drivers\NewTek_WDM_KS.sys [27832 2020-05-07] (Microsoft Windows Hardware Compatibility Publisher -> NewTek)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [248464 2019-09-03] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-18 08:49 - 2021-04-18 08:52 - 000034954 _____ C:\Users\OBAME\Desktop\FRST.txt
2021-04-18 08:49 - 2021-04-18 08:51 - 000000000 ____D C:\FRST
2021-04-18 08:48 - 2021-04-18 08:48 - 002298368 _____ (Farbar) C:\Users\OBAME\Desktop\FRST64.exe
2021-04-18 08:46 - 2021-04-18 08:43 - 002010624 _____ (Farbar) C:\Users\OBAME\Desktop\FRST.exe
2021-04-18 08:27 - 2021-04-18 08:27 - 000000000 ____D C:\Users\OBAME\Desktop\desactiver-recherche-bing-windows-10-5e3ad6a946e4b
2021-04-18 08:27 - 2021-04-18 08:25 - 000000367 _____ C:\Users\OBAME\Desktop\desactiver-recherche-bing-windows-10-5e3ad6a946e4b.zip
2021-04-13 12:10 - 2021-04-13 12:12 - 000004673 _____ C:\Users\OBAME\Documents\Table Requête Indicateurs de suivi.xlsx
2021-04-12 18:59 - 2021-04-12 18:59 - 000005365 _____ C:\Users\OBAME\Documents\Table TdB Reporting Processus PDO1.xlsx
2021-04-12 18:59 - 2021-04-12 18:59 - 000000165 ____H C:\Users\OBAME\Documents\~$Table TdB Reporting Processus PDO1.xlsx
2021-04-12 18:46 - 2021-04-12 18:46 - 000546502 _____ C:\Users\OBAME\Documents\test_graphe.bmp
2021-04-12 18:45 - 2021-04-12 18:45 - 000101149 _____ C:\Users\OBAME\Documents\test_graphe.pdf
2021-04-12 08:58 - 2021-04-12 08:58 - 000079356 _____ C:\Users\OBAME\Documents\Planning_ProjetV3.pdf
2021-04-01 03:35 - 2021-04-18 08:09 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-04-01 03:35 - 2021-04-01 03:35 - 000216376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-04-01 03:35 - 2021-04-01 03:34 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-03-26 20:07 - 2021-03-26 20:07 - 000016152 _____ C:\Users\OBAME\Documents\EXTRAIT DE COMPTE 210228144647.pdf
2021-03-26 20:05 - 2021-03-26 20:05 - 000162213 _____ C:\Users\OBAME\Documents\20210306_4207718548_420771833401_O.PDF
2021-03-24 19:43 - 2021-03-24 19:43 - 000188644 _____ C:\Users\OBAME\Documents\Sample_Bank_Information_Letter.pdf
2021-03-24 19:37 - 2021-03-24 19:37 - 000054149 _____ C:\Users\OBAME\Documents\RIB OBAME SIMON STEVEEN.pdf
2021-03-24 19:28 - 2021-03-24 19:28 - 000240201 _____ C:\Users\OBAME\Documents\2021_Mandela_Washington_Fellowship_Participant_Release_Form_1_.pdf
2021-03-24 00:47 - 2021-04-18 08:37 - 000003622 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-03-24 00:47 - 2021-04-18 08:37 - 000003398 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-03-24 00:39 - 2021-03-24 00:50 - 001778252 _____ C:\WINDOWS\Minidump\032421-95437-01.dmp
2021-03-24 00:39 - 2021-03-24 00:50 - 000000000 ____D C:\WINDOWS\Minidump
2021-03-23 21:54 - 2021-03-23 21:54 - 000074758 _____ C:\Users\OBAME\Documents\Fellowship Biographies and Photos-Review.pdf
2021-03-22 14:43 - 2021-03-22 14:43 - 011321472 _____ (Tim Kosse) C:\Users\OBAME\Downloads\FileZilla_3.52.2_win64-setup.exe
2021-03-21 18:25 - 2021-03-21 18:24 - 000011991 _____ C:\Users\OBAME\Documents\devis.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-18 08:37 - 2021-03-18 11:18 - 000003052 _____ C:\WINDOWS\system32\Tasks\Optimize Thumbnail Cache Files
2021-04-18 08:37 - 2021-03-18 11:18 - 000002600 _____ C:\WINDOWS\system32\Tasks\InstallShield® Update Service Scheduler
2021-04-18 08:37 - 2021-03-18 11:18 - 000002598 _____ C:\WINDOWS\system32\Tasks\AutoPico Daily Restart
2021-04-18 08:37 - 2020-11-20 02:45 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-04-18 08:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-04-18 08:16 - 2019-06-19 14:23 - 000000000 ____D C:\ProgramData\Autodesk
2021-04-18 08:16 - 2018-05-20 00:47 - 000000000 ____D C:\ProgramData\AVAST Software
2021-04-18 08:15 - 2020-09-27 08:36 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-18 08:15 - 2020-09-27 08:36 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-18 08:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-18 08:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-18 08:14 - 2018-05-20 09:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-18 08:12 - 2018-05-21 08:33 - 000000000 ____D C:\Users\OBAME\AppData\Local\CrashDumps
2021-04-18 08:08 - 2018-05-19 23:29 - 000000000 __SHD C:\Users\OBAME\IntelGraphicsProfiles
2021-04-18 08:07 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-18 08:07 - 2018-05-19 23:55 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-18 08:06 - 2020-09-27 06:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-16 16:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-04-16 16:30 - 2020-09-27 08:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-16 16:30 - 2018-07-01 20:59 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-04-16 16:29 - 2020-09-27 06:33 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-16 16:28 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-04-16 16:28 - 2018-10-19 15:45 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\DMCache
2021-04-16 09:41 - 2020-09-29 20:00 - 000000000 ___RD C:\Users\OBAME\Google Drive
2021-04-16 09:37 - 2020-11-20 01:48 - 000000000 ____D C:\Users\OBAME
2021-04-14 15:39 - 2021-01-22 10:02 - 000000000 ____D C:\totalcmd
2021-04-13 20:07 - 2018-05-19 15:39 - 000000000 ____D C:\Users\OBAME\AppData\Local\Packages
2021-04-13 07:10 - 2018-05-20 09:42 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\vlc
2021-04-09 11:02 - 2020-11-20 02:05 - 001044040 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-09 11:02 - 2019-12-07 15:50 - 001047452 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-09 11:02 - 2019-12-07 15:50 - 000225458 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-09 10:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-01 19:15 - 2018-09-17 14:11 - 000000000 ____D C:\Users\OBAME\Documents\BIS Entreprise
2021-04-01 18:35 - 2021-01-22 10:02 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\GHISLER
2021-04-01 03:35 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-01 03:35 - 2019-01-09 14:42 - 000250328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-04-01 03:35 - 2019-01-09 14:42 - 000099288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-04-01 03:35 - 2018-06-13 02:59 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-04-01 03:34 - 2020-10-18 00:49 - 000177872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-04-01 03:34 - 2020-04-15 15:36 - 000524416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-04-01 03:34 - 2019-01-15 07:58 - 000365520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-04-01 03:34 - 2018-10-13 00:03 - 000041304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000850120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000466696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000208552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000107808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-04-01 03:34 - 2018-06-13 02:59 - 000083368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-03-30 15:16 - 2018-07-05 14:23 - 000001456 _____ C:\Users\OBAME\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2021-03-28 15:31 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-03-28 02:30 - 2020-09-29 19:56 - 000002073 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-03-28 02:30 - 2020-09-29 19:56 - 000002071 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-03-28 02:30 - 2020-09-29 19:56 - 000002061 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-03-28 02:30 - 2020-09-29 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-03-25 19:36 - 2020-11-20 01:48 - 000000000 ____D C:\Users\Administrateur.OBAME-ORDI
2021-03-25 19:36 - 2020-11-20 01:48 - 000000000 ____D C:\Users\6795
2021-03-25 08:55 - 2020-05-08 10:22 - 000000000 ____D C:\Users\OBAME\Documents\Zoom
2021-03-24 05:01 - 2020-11-20 01:48 - 000000000 ____D C:\Users\DefaultAppPool
2021-03-24 00:47 - 2021-01-23 14:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-03-24 00:39 - 2020-09-27 06:33 - 005957696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-03-24 00:38 - 2018-10-19 15:45 - 000000000 ____D C:\Program Files (x86)\Internet Download Manager
2021-03-22 14:43 - 2018-10-23 14:00 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\FileZilla
2021-03-20 03:54 - 2018-10-19 15:45 - 000000000 ____D C:\Users\OBAME\AppData\Roaming\IDM
==================== Fichiers à la racine de certains dossiers ========
2018-09-20 13:24 - 2018-09-26 09:18 - 000000132 _____ () C:\Users\OBAME\AppData\Roaming\Préfs Format PNG Adobe CS6
2018-07-05 14:23 - 2021-03-30 15:16 - 000001456 _____ () C:\Users\OBAME\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2020-02-23 08:44 - 2020-02-23 08:44 - 000000000 _____ () C:\Users\OBAME\AppData\Local\oobelibMkey.log
2018-05-21 15:08 - 2018-05-21 15:08 - 000000017 _____ () C:\Users\OBAME\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================