Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-04-2022 01
Exécuté par gregory (administrateur) sur LAPTOP-2AE64TP8 (LENOVO 80LM) (19-04-2022 17:22:05)
Exécuté depuis C:\Users\gregory\Desktop
Profils chargés: gregory
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1586 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\Vpn.exe <3>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Hewlett-Packard Company) [Fichier non signé] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nitro PDF Software -> ) C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(services.exe ->) (Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(services.exe ->) (Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2852684532-2492962048-194019044-1001\...\Run: [MicrosoftEdgeAutoLaunch_14EED633C98365CEDE9DE3B6CED09492] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540408 2022-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp108: C:\Windows\System32\spool\prtprocs\x64\hpcpp108.DLL [331776 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Fichier non signé]
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon9.dll [29704 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{75A22DF0-B81D-46ed-B119-CD30507BD615}] -> C:\WINDOWS\system32\SampleHardwareEventCredentialProvider.dll [2015-08-25] (LENOVO -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2022-04-18]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {059C953E-2E16-4569-8F9B-5532C41F92F4} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent (Pas de fichier)
Task: {0A2FB7FE-25B5-456A-A693-B50DF76DC3AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {10802865-71BE-4534-8205-4C7AA910E0D6} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1264752 2022-04-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {10E058E5-DFE5-41C2-B9DB-8D76209D27A1} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {12927899-CE8B-4BFC-998D-7D302D035A51} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show (Pas de fichier)
Task: {1C03CD46-E0E2-419A-9BDE-E364E63E047C} - \Lenovo\ImController\TimeBasedEvents\fb84ea0d-0b25-44fb-8eab-4f7704bc3b3f -> Pas de fichier <==== ATTENTION
Task: {1D5AF8DB-D4C5-4DF6-ADAC-87193AC8536E} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Pas de fichier <==== ATTENTION
Task: {2158E73D-7A73-434A-A60E-A7F8149072C9} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {26E2B4FD-B1A9-414F-88FA-382D85547009} - \Lenovo\ImController\TimeBasedEvents\7f27515d-6685-4b50-bc65-ade7f2dd85e3 -> Pas de fichier <==== ATTENTION
Task: {31DADE57-783F-40A3-9B68-FE2AC6A8CBDC} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe -update (Pas de fichier)
Task: {34983788-0B92-48F5-A43A-86700AC46301} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-12] (Google Inc -> Google Inc.)
Task: {44E39D5B-3499-44FE-936C-C70A22785E51} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111520 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {475774BE-C557-4C1B-BFFE-E42F6E7844AD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {5432D807-0DB8-4B32-BB97-56A42AD5C316} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-12] (Google Inc -> Google Inc.)
Task: {57723785-6C59-4ABF-95F9-D782FAD44E5C} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe (Pas de fichier)
Task: {5E3D9405-A423-42DD-AE4A-2F838E3E79E0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {79B7EFA9-1A66-4747-8799-0BA76E6A0B49} - System32\Tasks\AVG\AVG Secure VPN Bug Report => C:\Program Files\AVG\Secure VPN\AvBugReport.exe [4690032 2022-04-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 12 --programpath "C:\Program Files\AVG\Secure VPN" --configpath "C:\ProgramData\AVG\Secure VPN" --path "C:\ProgramData\AVG\Secure VPN\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Secure VPN\log" --guid 95407e2e-2759-46bf-9872-71f0361c63aa
Task: {7CE5B92F-A36A-4C59-8A4E-AE5C2AA30F04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6513608 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8294DF1F-11DB-4C53-8187-9E3C3BABBC49} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866856 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C214104-B165-4BFE-AA18-8C3515DF718C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866856 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {93D66BF5-F80A-4014-86F3-E39F82E2C4F8} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe /nobrowser (Pas de fichier)
Task: {993171FD-2632-455D-9EE0-11E6291C2985} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111520 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD3749C1-FF5E-4A46-A712-4F98B3558CE7} - \Lenovo\ImController\TimeBasedEvents\7caf6bd1-391d-459e-992d-f30e52b13998 -> Pas de fichier <==== ATTENTION
Task: {BBDFB5E6-E08C-4C8F-9A83-BB06646621CB} - System32\Tasks\AVG\AVG Secure VPN Update => C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe [6659384 2022-03-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {C3F6A60F-E794-450F-832D-21B8C7BE8D1A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C725E3DB-C69F-4468-93C2-E89A8ACAA976} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe -diag HWScan (Pas de fichier)
Task: {C730F6D0-4365-4640-A440-38E92B2C68A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {C930DE22-A286-4FA1-9897-EC0BA397C2FB} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {CDBC0AA9-CA47-40BC-A0D9-FA6114DB0F7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFF658AF-7159-42D7-9AC6-A975E6B1D45E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42808 2010-09-22] (Hewlett-Packard Company -> Hewlett Packard)
Task: {D99AAF0F-6F65-4623-A375-BA05CB6FC4B7} - \Lenovo\ImController\TimeBasedEvents\3d410d8a-75d6-42d3-8fb2-f500611eba8b -> Pas de fichier <==== ATTENTION
Task: {DAD69389-6056-4EAE-9A13-C1AB55841006} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DEF3727F-343F-41BB-BF52-A51979E27C54} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {E314606E-2B24-4448-9317-FD419045C867} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus (Pas de fichier)
Task: {E6D10079-BD31-43B7-B887-0338BBB37E77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6513608 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F106B930-4738-49DD-944B-A906991B1EF5} - \Lenovo\ImController\TimeBasedEvents\aed9c3e5-4f57-4bcf-be02-c6c66906e2d7 -> Pas de fichier <==== ATTENTION
Task: {F5E4379A-FD5B-4FBC-A731-569CBF8B48C7} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FCBD6187-7FBE-49B1-BCD7-8AC1CF42F7F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{02d0092b-1386-4836-8112-50b6b46a4566}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{0eceaa49-801c-4620-9781-ce7f11744213}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-19]
Edge HomePage: Default -> hxxp://www.google.com
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14]
Edge Extension: (Connective signing extension) - C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2021-12-01]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-05-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-05-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF Software -> Nitro PDF)
FF Plugin HKU\S-1-5-21-2852684532-2492962048-194019044-1001: connective.be/BrowserPlugin -> C:\Users\gregory\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Fichier non signé]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default [2022-04-19]
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Google Drive) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-13]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-18]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-18]
CHR Extension: (Skype) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-04-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-19]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-18]
CHR Extension: (Slides) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-24]
CHR Extension: (Docs) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-24]
CHR Extension: (Google Drive) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-24]
CHR Extension: (YouTube) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-24]
CHR Extension: (Adobe Acrobat) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-19]
CHR Extension: (Sheets) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-24]
CHR Extension: (Skype) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-10-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-24]
CHR Extension: (Gmail) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-24]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-19]
CHR HKLM\...\Chrome\Extension: [oahnbekpplfncpdnahmjddbnidmpdkcn]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [Fichier non signé]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [Fichier non signé]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [230096 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-18] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] (Nitro PDF Software -> )
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2014-08-01] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 SecureVPN; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [9694320 2022-04-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2022-02-15] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2018-06-10] (IVT CORPORATION -> IVT Corporation.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-18] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl0052d4ee; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7D99C720-9E1B-4490-A5D9-BC091675B1F6}\MpKslDrv.sys [139536 2022-04-19] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [338368 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-18] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-19 17:22 - 2022-04-19 17:24 - 000029061 _____ C:\Users\gregory\Desktop\FRST.txt
2022-04-19 17:20 - 2022-04-19 17:20 - 002366464 _____ (Farbar) C:\Users\gregory\Downloads\FRST64 (1).exe
2022-04-19 17:20 - 2022-04-19 17:20 - 002366464 _____ (Farbar) C:\Users\gregory\Desktop\FRST64 (1).exe
2022-04-18 21:21 - 2022-04-18 21:21 - 000333239 _____ C:\Users\gregory\Desktop\ZHPDiag.txt
2022-04-18 20:55 - 2022-04-18 20:55 - 000001991 _____ C:\Users\Public\Desktop\AVG Secure VPN.lnk
2022-04-18 20:46 - 2022-04-18 20:46 - 000078391 _____ C:\Users\gregory\Downloads\bpost-label - 2022-04-18T184649364.pdf
2022-04-18 18:42 - 2022-04-18 18:42 - 000013867 _____ C:\Users\gregory\Desktop\ZHPCleaner (R).html
2022-04-18 18:42 - 2022-04-18 18:42 - 000005802 _____ C:\Users\gregory\Desktop\ZHPCleaner (R).txt
2022-04-18 18:36 - 2022-04-18 18:36 - 000013872 _____ C:\Users\gregory\Desktop\ZHPCleaner (S).html
2022-04-18 18:11 - 2022-04-18 18:10 - 003295944 _____ (Nicolas Coolman) C:\Users\gregory\Desktop\ZHPCleaner.exe
2022-04-18 18:10 - 2022-04-18 18:10 - 003295944 _____ (Nicolas Coolman) C:\Users\gregory\Downloads\ZHPCleaner.exe
2022-04-18 14:06 - 2022-04-18 14:06 - 000000874 _____ C:\Users\gregory\Desktop\ZHPSuite.lnk
2022-04-18 14:01 - 2022-04-18 14:01 - 000008843 _____ C:\Users\gregory\Desktop\malwarebytes analyse.txt
2022-04-18 13:29 - 2022-04-18 13:29 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-18 13:29 - 2022-04-18 13:29 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-04-18 13:28 - 2022-04-18 13:26 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-18 13:25 - 2022-04-18 13:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-18 13:07 - 2022-04-18 13:23 - 000002766 _____ C:\Users\gregory\Desktop\AdwCleaner[C03].txt
2022-04-18 12:59 - 2022-04-18 12:59 - 008551608 _____ (Malwarebytes) C:\Users\gregory\Desktop\adwcleaner.exe
2022-04-18 12:25 - 2022-04-18 12:53 - 000057979 _____ C:\Users\gregory\Desktop\ZHPFix.txt
2022-04-18 12:04 - 2022-04-18 12:04 - 002443448 _____ (Malwarebytes) C:\Users\gregory\Downloads\MBSetup (1).exe
2022-04-18 11:27 - 2022-04-18 11:23 - 002443448 _____ (Malwarebytes) C:\Users\gregory\Desktop\MBSetup.exe
2022-04-18 11:23 - 2022-04-18 11:23 - 002443448 _____ (Malwarebytes) C:\Users\gregory\Downloads\MBSetup.exe
2022-04-18 11:22 - 2022-04-18 11:22 - 008540344 _____ (Malwarebytes) C:\Users\gregory\Downloads\adwcleaner_8.3.1.exe
2022-04-17 23:56 - 2022-04-19 17:23 - 000000000 ____D C:\FRST
2022-04-17 23:39 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Desktop\FRST64.exe
2022-04-17 23:36 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Downloads\FRST64.exe
2022-04-17 23:23 - 2022-04-18 21:21 - 000000000 ____D C:\Users\gregory\AppData\Roaming\ZHP
2022-04-17 23:23 - 2022-04-18 18:12 - 000000000 ____D C:\Users\gregory\AppData\Local\ZHP
2022-04-17 23:20 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Desktop\ZHPSuite.exe
2022-04-17 23:16 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Downloads\ZHPSuite.exe
2022-04-17 20:49 - 2022-04-17 20:49 - 000000000 ___HD C:\$WinREAgent
2022-03-31 22:47 - 2022-03-31 22:47 - 004243999 _____ C:\Users\gregory\Downloads\mini excavator manual.pdf
2022-03-29 20:48 - 2022-03-29 20:48 - 001123061 _____ C:\Users\gregory\Downloads\FR_DX27Z_DX35Z_Preliminary_Brochure_D4601120_02-2022_LowRes (1).pdf
2022-03-28 20:44 - 2022-03-28 20:44 - 000016336 _____ C:\Users\gregory\Downloads\file (43).pdf
2022-03-28 19:17 - 2022-03-28 19:18 - 001123061 _____ C:\Users\gregory\Downloads\FR_DX27Z_DX35Z_Preliminary_Brochure_D4601120_02-2022_LowRes.pdf
2022-03-28 19:09 - 2022-03-28 22:49 - 000000648 _____ C:\Users\gregory\advanced_ip_scanner_MAC.bin
2022-03-28 19:09 - 2022-03-28 22:49 - 000000015 _____ C:\Users\gregory\advanced_ip_scanner_Comments.bin
2022-03-28 19:09 - 2022-03-28 22:49 - 000000015 _____ C:\Users\gregory\advanced_ip_scanner_Aliases.bin
2022-03-28 19:09 - 2022-03-28 19:09 - 000105516 _____ C:\Users\gregory\Downloads\bpost-label - 2022-03-28T170944590.pdf
2022-03-28 19:07 - 2022-03-28 19:07 - 000105516 _____ C:\Users\gregory\Downloads\bpost-label - 2022-03-28T170745138.pdf
2022-03-28 17:51 - 2022-03-28 17:51 - 000001057 _____ C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2022-03-28 17:51 - 2022-03-28 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2022-03-28 17:51 - 2022-03-28 17:51 - 000000000 ____D C:\Program Files (x86)\Advanced IP Scanner
2022-03-28 17:50 - 2022-03-28 17:50 - 020385120 _____ (Famatech Corp. ) C:\Users\gregory\Downloads\Advanced_IP_Scanner_2.5.3850.exe
2022-03-28 17:37 - 2022-03-28 17:37 - 000000000 ____D C:\Users\gregory\AppData\Local\D3DSCache
2022-03-27 21:29 - 2022-03-27 21:29 - 000136317 _____ C:\Users\gregory\Downloads\GCF0C_FR_ComfyFlex_gas.pdf
2022-03-26 20:53 - 2022-03-26 20:53 - 000874172 _____ C:\Users\gregory\Downloads\Excavator_40178_Conditions-particulieres_FR.pdf
2022-03-25 21:54 - 2022-03-25 21:54 - 000252561 _____ C:\Users\gregory\Downloads\Topographie-de-la-douleur.pdf
2022-03-25 21:54 - 2022-03-25 21:54 - 000252561 _____ C:\Users\gregory\Desktop\Topographie-de-la-douleur.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-19 17:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-19 17:19 - 2016-03-11 06:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-19 17:08 - 2016-03-11 06:34 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-19 17:06 - 2020-10-26 01:14 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{73CC9617-0FDB-4378-87B1-87E74F36F536}
2022-04-19 17:03 - 2016-03-12 13:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-19 17:02 - 2016-03-11 04:10 - 000000000 __SHD C:\Users\gregory\IntelGraphicsProfiles
2022-04-18 21:14 - 2016-03-18 20:24 - 000000000 ____D C:\Users\gregory\AppData\Roaming\Nitro PDF
2022-04-18 21:02 - 2021-12-12 21:18 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2852684532-2492962048-194019044-1001
2022-04-18 21:02 - 2020-10-26 01:14 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2852684532-2492962048-194019044-1001
2022-04-18 21:02 - 2020-10-26 00:47 - 000002430 _____ C:\Users\gregory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-18 21:01 - 2020-10-26 00:59 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-18 21:01 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-04-18 21:01 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-04-18 21:01 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-18 20:55 - 2022-02-15 21:41 - 000003974 _____ C:\WINDOWS\system32\Tasks\AVG Secure VPN Update
2022-04-18 20:55 - 2022-02-15 21:41 - 000000000 ____D C:\ProgramData\AVG
2022-04-18 20:54 - 2020-10-26 01:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-18 20:53 - 2020-10-26 00:38 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-18 20:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-18 20:52 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-04-18 19:38 - 2020-10-26 00:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-18 18:37 - 2021-06-30 20:07 - 000000000 ____D C:\Users\gregory\Desktop\Photo logo
2022-04-18 14:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-18 14:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-18 13:57 - 2016-07-03 12:55 - 000000000 ____D C:\Users\gregory\Downloads\File Scavenger 3.2
2022-04-18 13:28 - 2020-02-24 22:10 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-18 13:28 - 2018-01-19 21:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-18 13:25 - 2020-02-24 22:08 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-18 13:24 - 2022-02-15 21:41 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-04-18 13:21 - 2021-11-30 20:25 - 000000000 ____D C:\Users\gregory\AppData\Roaming\discord
2022-04-18 13:19 - 2021-11-30 20:24 - 000000000 ____D C:\Users\gregory\AppData\Local\Discord
2022-04-18 13:15 - 2016-03-11 04:11 - 000000000 ____D C:\Users\gregory\AppData\Local\Lenovo
2022-04-18 13:06 - 2020-10-26 01:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-04-18 11:26 - 2020-10-26 01:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-18 11:24 - 2021-12-13 20:47 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-17 23:41 - 2020-10-07 20:27 - 000000000 ____D C:\Users\gregory\Desktop\creche
2022-04-17 23:39 - 2020-11-23 21:37 - 000000000 ____D C:\Users\gregory\Desktop\aqua
2022-04-17 23:17 - 2021-03-17 21:08 - 000000000 ____D C:\Users\gregory\Desktop\h2o
2022-04-17 23:14 - 2021-04-03 22:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-04-17 21:30 - 2020-06-11 20:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-17 20:24 - 2020-10-26 20:25 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ab22389ed921
2022-04-17 20:24 - 2020-10-26 01:14 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-29 21:55 - 2022-02-08 22:31 - 000000000 ____D C:\Users\gregory\Desktop\ikea
2022-03-28 22:49 - 2022-02-06 22:13 - 000000026 _____ C:\Users\gregory\Desktop\ip chaudiere.txt
2022-03-28 19:09 - 2020-10-26 00:47 - 000000000 ____D C:\Users\gregory
==================== Fichiers à la racine de certains dossiers ========
2019-03-28 20:26 - 2019-03-28 20:26 - 007505920 _____ () C:\Program Files (x86)\GUTEADC.tmp
2018-09-14 22:33 - 2021-07-17 23:05 - 000000033 _____ () C:\Users\gregory\AppData\Roaming\AdobeWLCMCache.dat
2017-03-01 21:58 - 2018-11-20 20:35 - 000000600 _____ () C:\Users\gregory\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par gregory (administrateur) sur LAPTOP-2AE64TP8 (LENOVO 80LM) (19-04-2022 17:22:05)
Exécuté depuis C:\Users\gregory\Desktop
Profils chargés: gregory
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1586 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <4>
(C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(explorer.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\Vpn.exe <3>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxEM.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Secure VPN\VpnSvc.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Hewlett-Packard Company) [Fichier non signé] C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_b9b9c39e4e2b88eb\igfxCUIService.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Malwarebytes Corporation -> Malwarebytes) C:\ProgramData\MB3Install\MBAMIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Nitro PDF Software -> ) C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(services.exe ->) (Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(services.exe ->) (Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-08-03] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18388928 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505728 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-12-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2852684532-2492962048-194019044-1001\...\Run: [MicrosoftEdgeAutoLaunch_14EED633C98365CEDE9DE3B6CED09492] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3540408 2022-04-15] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp108: C:\Windows\System32\spool\prtprocs\x64\hpcpp108.DLL [331776 2011-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Standard TCP/IP Port: C:\WINDOWS\system32\HpTcpMon.dll [331264 2009-09-16] (Hewlett Packard) [Fichier non signé]
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\WINDOWS\system32\nitrolocalmon9.dll [29704 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\100.0.4896.88\Installer\chrmstp.exe [2022-04-18] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{75A22DF0-B81D-46ed-B119-CD30507BD615}] -> C:\WINDOWS\system32\SampleHardwareEventCredentialProvider.dll [2015-08-25] (LENOVO -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVG Secure VPN.lnk [2022-04-18]
ShortcutTarget: AVG Secure VPN.lnk -> C:\Program Files\AVG\Secure VPN\Vpn.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {059C953E-2E16-4569-8F9B-5532C41F92F4} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent (Pas de fichier)
Task: {0A2FB7FE-25B5-456A-A693-B50DF76DC3AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {10802865-71BE-4534-8205-4C7AA910E0D6} - System32\Tasks\AVG Secure VPN Update => C:\Program Files\AVG\Secure VPN\VpnUpdate.exe [1264752 2022-04-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {10E058E5-DFE5-41C2-B9DB-8D76209D27A1} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {12927899-CE8B-4BFC-998D-7D302D035A51} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show (Pas de fichier)
Task: {1C03CD46-E0E2-419A-9BDE-E364E63E047C} - \Lenovo\ImController\TimeBasedEvents\fb84ea0d-0b25-44fb-8eab-4f7704bc3b3f -> Pas de fichier <==== ATTENTION
Task: {1D5AF8DB-D4C5-4DF6-ADAC-87193AC8536E} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Pas de fichier <==== ATTENTION
Task: {2158E73D-7A73-434A-A60E-A7F8149072C9} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {26E2B4FD-B1A9-414F-88FA-382D85547009} - \Lenovo\ImController\TimeBasedEvents\7f27515d-6685-4b50-bc65-ade7f2dd85e3 -> Pas de fichier <==== ATTENTION
Task: {31DADE57-783F-40A3-9B68-FE2AC6A8CBDC} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe -update (Pas de fichier)
Task: {34983788-0B92-48F5-A43A-86700AC46301} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-12] (Google Inc -> Google Inc.)
Task: {44E39D5B-3499-44FE-936C-C70A22785E51} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111520 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {475774BE-C557-4C1B-BFFE-E42F6E7844AD} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {5432D807-0DB8-4B32-BB97-56A42AD5C316} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-12] (Google Inc -> Google Inc.)
Task: {57723785-6C59-4ABF-95F9-D782FAD44E5C} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe (Pas de fichier)
Task: {5E3D9405-A423-42DD-AE4A-2F838E3E79E0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {79B7EFA9-1A66-4747-8799-0BA76E6A0B49} - System32\Tasks\AVG\AVG Secure VPN Bug Report => C:\Program Files\AVG\Secure VPN\AvBugReport.exe [4690032 2022-04-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 12 --programpath "C:\Program Files\AVG\Secure VPN" --configpath "C:\ProgramData\AVG\Secure VPN" --path "C:\ProgramData\AVG\Secure VPN\log" --path "C:\ProgramData\AVG\Icarus\Logs" --logpath "C:\ProgramData\AVG\Secure VPN\log" --guid 95407e2e-2759-46bf-9872-71f0361c63aa
Task: {7CE5B92F-A36A-4C59-8A4E-AE5C2AA30F04} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6513608 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8294DF1F-11DB-4C53-8187-9E3C3BABBC49} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866856 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {8C214104-B165-4BFE-AA18-8C3515DF718C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22866856 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {93D66BF5-F80A-4014-86F3-E39F82E2C4F8} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe /nobrowser (Pas de fichier)
Task: {993171FD-2632-455D-9EE0-11E6291C2985} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111520 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD3749C1-FF5E-4A46-A712-4F98B3558CE7} - \Lenovo\ImController\TimeBasedEvents\7caf6bd1-391d-459e-992d-f30e52b13998 -> Pas de fichier <==== ATTENTION
Task: {BBDFB5E6-E08C-4C8F-9A83-BB06646621CB} - System32\Tasks\AVG\AVG Secure VPN Update => C:\Program Files\Common Files\AVG\Icarus\avg-vpn\icarus.exe [6659384 2022-03-29] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {C3F6A60F-E794-450F-832D-21B8C7BE8D1A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {C725E3DB-C69F-4468-93C2-E89A8ACAA976} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe -diag HWScan (Pas de fichier)
Task: {C730F6D0-4365-4640-A440-38E92B2C68A7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {C930DE22-A286-4FA1-9897-EC0BA397C2FB} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {CDBC0AA9-CA47-40BC-A0D9-FA6114DB0F7C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CFF658AF-7159-42D7-9AC6-A975E6B1D45E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [42808 2010-09-22] (Hewlett-Packard Company -> Hewlett Packard)
Task: {D99AAF0F-6F65-4623-A375-BA05CB6FC4B7} - \Lenovo\ImController\TimeBasedEvents\3d410d8a-75d6-42d3-8fb2-f500611eba8b -> Pas de fichier <==== ATTENTION
Task: {DAD69389-6056-4EAE-9A13-C1AB55841006} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DEF3727F-343F-41BB-BF52-A51979E27C54} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [145480 2021-09-09] (Lenovo -> Lenovo Group Ltd.)
Task: {E314606E-2B24-4448-9317-FD419045C867} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.UpdateStatusService.exe UpdateStatus (Pas de fichier)
Task: {E6D10079-BD31-43B7-B887-0338BBB37E77} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6513608 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F106B930-4738-49DD-944B-A906991B1EF5} - \Lenovo\ImController\TimeBasedEvents\aed9c3e5-4f57-4bcf-be02-c6c66906e2d7 -> Pas de fichier <==== ATTENTION
Task: {F5E4379A-FD5B-4FBC-A731-569CBF8B48C7} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {FCBD6187-7FBE-49B1-BCD7-8AC1CF42F7F7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{02d0092b-1386-4836-8112-50b6b46a4566}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Tcpip\..\Interfaces\{0eceaa49-801c-4620-9781-ce7f11744213}: [DhcpNameServer] 109.88.203.3 62.197.111.140
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-19]
Edge HomePage: Default -> hxxp://www.google.com
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2022-01-14]
Edge Extension: (Connective signing extension) - C:\Users\gregory\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kclpjmhngbacampgcdojmiedamjbgjjm [2021-12-01]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\dtplugin\npDeployJava1.dll [2021-05-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.281.2 -> C:\Program Files (x86)\Java\jre1.8.0_281\bin\plugin2\npjp2.dll [2021-05-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll [2014-08-01] (Nitro PDF Software -> Nitro PDF)
FF Plugin HKU\S-1-5-21-2852684532-2492962048-194019044-1001: connective.be/BrowserPlugin -> C:\Users\gregory\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2021-07-05] (Connective n.v.) [Fichier non signé]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default [2022-04-19]
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Google Drive) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-01-13]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2022-03-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-18]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-18]
CHR Extension: (Skype) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-04-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-22]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-19]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-04-18]
CHR Extension: (Slides) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-10-24]
CHR Extension: (Docs) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-10-24]
CHR Extension: (Google Drive) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-24]
CHR Extension: (YouTube) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-10-24]
CHR Extension: (Adobe Acrobat) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-11-19]
CHR Extension: (Sheets) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-10-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-24]
CHR Extension: (Skype) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-10-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-10-24]
CHR Extension: (Gmail) - C:\Users\gregory\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-10-24]
CHR Profile: C:\Users\gregory\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-19]
CHR HKLM\...\Chrome\Extension: [oahnbekpplfncpdnahmjddbnidmpdkcn]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11666384 2022-04-17] (Microsoft Corporation -> Microsoft Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [Fichier non signé]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [Fichier non signé]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 MBAMIService; C:\ProgramData\MB3Install\MBAMIService.exe [230096 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-18] (Malwarebytes Inc -> Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software -> Nitro PDF Software)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] (Nitro PDF Software -> )
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [69640 2014-08-01] (Nitro PDF Software -> Nalpeiron Ltd.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé]
R2 SecureVPN; C:\Program Files\AVG\Secure VPN\VpnSvc.exe [9694320 2022-04-18] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-18] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 avgTap; C:\WINDOWS\System32\drivers\avgTap.sys [54888 2022-02-15] (AVG Technologies CZ, s.r.o. -> The OpenVPN Project)
S3 Btcsrusb; C:\WINDOWS\System32\Drivers\btcusb.sys [53488 2018-06-10] (IVT CORPORATION -> IVT Corporation.)
S3 GemCCID; C:\WINDOWS\System32\drivers\GemCCID.sys [130944 2014-11-10] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-02-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-18] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl0052d4ee; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7D99C720-9E1B-4490-A5D9-BC091675B1F6}\MpKslDrv.sys [139536 2022-04-19] (Microsoft Windows -> Microsoft Corporation)
R3 RSP2STOR; C:\WINDOWS\System32\drivers\RtsP2Stor.sys [338368 2018-06-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-18] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-19 17:22 - 2022-04-19 17:24 - 000029061 _____ C:\Users\gregory\Desktop\FRST.txt
2022-04-19 17:20 - 2022-04-19 17:20 - 002366464 _____ (Farbar) C:\Users\gregory\Downloads\FRST64 (1).exe
2022-04-19 17:20 - 2022-04-19 17:20 - 002366464 _____ (Farbar) C:\Users\gregory\Desktop\FRST64 (1).exe
2022-04-18 21:21 - 2022-04-18 21:21 - 000333239 _____ C:\Users\gregory\Desktop\ZHPDiag.txt
2022-04-18 20:55 - 2022-04-18 20:55 - 000001991 _____ C:\Users\Public\Desktop\AVG Secure VPN.lnk
2022-04-18 20:46 - 2022-04-18 20:46 - 000078391 _____ C:\Users\gregory\Downloads\bpost-label - 2022-04-18T184649364.pdf
2022-04-18 18:42 - 2022-04-18 18:42 - 000013867 _____ C:\Users\gregory\Desktop\ZHPCleaner (R).html
2022-04-18 18:42 - 2022-04-18 18:42 - 000005802 _____ C:\Users\gregory\Desktop\ZHPCleaner (R).txt
2022-04-18 18:36 - 2022-04-18 18:36 - 000013872 _____ C:\Users\gregory\Desktop\ZHPCleaner (S).html
2022-04-18 18:11 - 2022-04-18 18:10 - 003295944 _____ (Nicolas Coolman) C:\Users\gregory\Desktop\ZHPCleaner.exe
2022-04-18 18:10 - 2022-04-18 18:10 - 003295944 _____ (Nicolas Coolman) C:\Users\gregory\Downloads\ZHPCleaner.exe
2022-04-18 14:06 - 2022-04-18 14:06 - 000000874 _____ C:\Users\gregory\Desktop\ZHPSuite.lnk
2022-04-18 14:01 - 2022-04-18 14:01 - 000008843 _____ C:\Users\gregory\Desktop\malwarebytes analyse.txt
2022-04-18 13:29 - 2022-04-18 13:29 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-04-18 13:29 - 2022-04-18 13:29 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-04-18 13:28 - 2022-04-18 13:26 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-18 13:25 - 2022-04-18 13:25 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-18 13:07 - 2022-04-18 13:23 - 000002766 _____ C:\Users\gregory\Desktop\AdwCleaner[C03].txt
2022-04-18 12:59 - 2022-04-18 12:59 - 008551608 _____ (Malwarebytes) C:\Users\gregory\Desktop\adwcleaner.exe
2022-04-18 12:25 - 2022-04-18 12:53 - 000057979 _____ C:\Users\gregory\Desktop\ZHPFix.txt
2022-04-18 12:04 - 2022-04-18 12:04 - 002443448 _____ (Malwarebytes) C:\Users\gregory\Downloads\MBSetup (1).exe
2022-04-18 11:27 - 2022-04-18 11:23 - 002443448 _____ (Malwarebytes) C:\Users\gregory\Desktop\MBSetup.exe
2022-04-18 11:23 - 2022-04-18 11:23 - 002443448 _____ (Malwarebytes) C:\Users\gregory\Downloads\MBSetup.exe
2022-04-18 11:22 - 2022-04-18 11:22 - 008540344 _____ (Malwarebytes) C:\Users\gregory\Downloads\adwcleaner_8.3.1.exe
2022-04-17 23:56 - 2022-04-19 17:23 - 000000000 ____D C:\FRST
2022-04-17 23:39 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Desktop\FRST64.exe
2022-04-17 23:36 - 2022-04-17 23:38 - 002366464 _____ (Farbar) C:\Users\gregory\Downloads\FRST64.exe
2022-04-17 23:23 - 2022-04-18 21:21 - 000000000 ____D C:\Users\gregory\AppData\Roaming\ZHP
2022-04-17 23:23 - 2022-04-18 18:12 - 000000000 ____D C:\Users\gregory\AppData\Local\ZHP
2022-04-17 23:20 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Desktop\ZHPSuite.exe
2022-04-17 23:16 - 2022-04-17 23:19 - 003482312 _____ (Nicolas Coolman) C:\Users\gregory\Downloads\ZHPSuite.exe
2022-04-17 20:49 - 2022-04-17 20:49 - 000000000 ___HD C:\$WinREAgent
2022-03-31 22:47 - 2022-03-31 22:47 - 004243999 _____ C:\Users\gregory\Downloads\mini excavator manual.pdf
2022-03-29 20:48 - 2022-03-29 20:48 - 001123061 _____ C:\Users\gregory\Downloads\FR_DX27Z_DX35Z_Preliminary_Brochure_D4601120_02-2022_LowRes (1).pdf
2022-03-28 20:44 - 2022-03-28 20:44 - 000016336 _____ C:\Users\gregory\Downloads\file (43).pdf
2022-03-28 19:17 - 2022-03-28 19:18 - 001123061 _____ C:\Users\gregory\Downloads\FR_DX27Z_DX35Z_Preliminary_Brochure_D4601120_02-2022_LowRes.pdf
2022-03-28 19:09 - 2022-03-28 22:49 - 000000648 _____ C:\Users\gregory\advanced_ip_scanner_MAC.bin
2022-03-28 19:09 - 2022-03-28 22:49 - 000000015 _____ C:\Users\gregory\advanced_ip_scanner_Comments.bin
2022-03-28 19:09 - 2022-03-28 22:49 - 000000015 _____ C:\Users\gregory\advanced_ip_scanner_Aliases.bin
2022-03-28 19:09 - 2022-03-28 19:09 - 000105516 _____ C:\Users\gregory\Downloads\bpost-label - 2022-03-28T170944590.pdf
2022-03-28 19:07 - 2022-03-28 19:07 - 000105516 _____ C:\Users\gregory\Downloads\bpost-label - 2022-03-28T170745138.pdf
2022-03-28 17:51 - 2022-03-28 17:51 - 000001057 _____ C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2022-03-28 17:51 - 2022-03-28 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2022-03-28 17:51 - 2022-03-28 17:51 - 000000000 ____D C:\Program Files (x86)\Advanced IP Scanner
2022-03-28 17:50 - 2022-03-28 17:50 - 020385120 _____ (Famatech Corp. ) C:\Users\gregory\Downloads\Advanced_IP_Scanner_2.5.3850.exe
2022-03-28 17:37 - 2022-03-28 17:37 - 000000000 ____D C:\Users\gregory\AppData\Local\D3DSCache
2022-03-27 21:29 - 2022-03-27 21:29 - 000136317 _____ C:\Users\gregory\Downloads\GCF0C_FR_ComfyFlex_gas.pdf
2022-03-26 20:53 - 2022-03-26 20:53 - 000874172 _____ C:\Users\gregory\Downloads\Excavator_40178_Conditions-particulieres_FR.pdf
2022-03-25 21:54 - 2022-03-25 21:54 - 000252561 _____ C:\Users\gregory\Downloads\Topographie-de-la-douleur.pdf
2022-03-25 21:54 - 2022-03-25 21:54 - 000252561 _____ C:\Users\gregory\Desktop\Topographie-de-la-douleur.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-19 17:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-19 17:19 - 2016-03-11 06:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-19 17:08 - 2016-03-11 06:34 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-19 17:06 - 2020-10-26 01:14 - 000004180 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{73CC9617-0FDB-4378-87B1-87E74F36F536}
2022-04-19 17:03 - 2016-03-12 13:14 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-19 17:02 - 2016-03-11 04:10 - 000000000 __SHD C:\Users\gregory\IntelGraphicsProfiles
2022-04-18 21:14 - 2016-03-18 20:24 - 000000000 ____D C:\Users\gregory\AppData\Roaming\Nitro PDF
2022-04-18 21:02 - 2021-12-12 21:18 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2852684532-2492962048-194019044-1001
2022-04-18 21:02 - 2020-10-26 01:14 - 000003382 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2852684532-2492962048-194019044-1001
2022-04-18 21:02 - 2020-10-26 00:47 - 000002430 _____ C:\Users\gregory\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-18 21:01 - 2020-10-26 00:59 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-18 21:01 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-04-18 21:01 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-04-18 21:01 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-18 20:55 - 2022-02-15 21:41 - 000003974 _____ C:\WINDOWS\system32\Tasks\AVG Secure VPN Update
2022-04-18 20:55 - 2022-02-15 21:41 - 000000000 ____D C:\ProgramData\AVG
2022-04-18 20:54 - 2020-10-26 01:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-18 20:53 - 2020-10-26 00:38 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-18 20:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-04-18 20:52 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-04-18 19:38 - 2020-10-26 00:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-18 18:37 - 2021-06-30 20:07 - 000000000 ____D C:\Users\gregory\Desktop\Photo logo
2022-04-18 14:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-18 14:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-18 13:57 - 2016-07-03 12:55 - 000000000 ____D C:\Users\gregory\Downloads\File Scavenger 3.2
2022-04-18 13:28 - 2020-02-24 22:10 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-18 13:28 - 2018-01-19 21:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-18 13:25 - 2020-02-24 22:08 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-18 13:24 - 2022-02-15 21:41 - 000036120 _____ (Avast Software) C:\WINDOWS\system32\icarus_rvrt.exe
2022-04-18 13:21 - 2021-11-30 20:25 - 000000000 ____D C:\Users\gregory\AppData\Roaming\discord
2022-04-18 13:19 - 2021-11-30 20:24 - 000000000 ____D C:\Users\gregory\AppData\Local\Discord
2022-04-18 13:15 - 2016-03-11 04:11 - 000000000 ____D C:\Users\gregory\AppData\Local\Lenovo
2022-04-18 13:06 - 2020-10-26 01:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Lenovo
2022-04-18 11:26 - 2020-10-26 01:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-04-18 11:24 - 2021-12-13 20:47 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-04-17 23:41 - 2020-10-07 20:27 - 000000000 ____D C:\Users\gregory\Desktop\creche
2022-04-17 23:39 - 2020-11-23 21:37 - 000000000 ____D C:\Users\gregory\Desktop\aqua
2022-04-17 23:17 - 2021-03-17 21:08 - 000000000 ____D C:\Users\gregory\Desktop\h2o
2022-04-17 23:14 - 2021-04-03 22:26 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-04-17 21:30 - 2020-06-11 20:18 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-17 20:24 - 2020-10-26 20:25 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6ab22389ed921
2022-04-17 20:24 - 2020-10-26 01:14 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-29 21:55 - 2022-02-08 22:31 - 000000000 ____D C:\Users\gregory\Desktop\ikea
2022-03-28 22:49 - 2022-02-06 22:13 - 000000026 _____ C:\Users\gregory\Desktop\ip chaudiere.txt
2022-03-28 19:09 - 2020-10-26 00:47 - 000000000 ____D C:\Users\gregory
==================== Fichiers à la racine de certains dossiers ========
2019-03-28 20:26 - 2019-03-28 20:26 - 007505920 _____ () C:\Program Files (x86)\GUTEADC.tmp
2018-09-14 22:33 - 2021-07-17 23:05 - 000000033 _____ () C:\Users\gregory\AppData\Roaming\AdobeWLCMCache.dat
2017-03-01 21:58 - 2018-11-20 20:35 - 000000600 _____ () C:\Users\gregory\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================