Publicité
Publicité
Commentaire : Voici le 1er dossier après élimination de Cool
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2022
Exécuté par xavie (administrateur) sur XAVIER (20-06-2022 07:25:45)
Exécuté depuis C:\Users\xavie\Downloads
Profils chargés: xavie
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.1766 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Adobe Systems Inc.) [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(American Greetings, Inc. -> Webshots.com) C:\Program Files (x86)\Webshots\Webshots.scr
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFile\WiFileTransfer.exe
(C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\ASUSRelayWS.exe
(C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WD Desktop App\kdd.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\laclient\laclient.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\59.0.3.0\crashpad_handler.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Molotov -> Molotov) C:\Users\xavie\AppData\Local\Programs\molotov\Molotov.exe <6>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <3>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <5>
(explorer.exe ->) (Threefold Photos, Inc. -> Webshots) C:\Users\xavie\AppData\Local\Programs\webshots\Webshots.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <18>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\EZCast Lite\EZCastLiteService.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.77\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2021-02-12] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-04-02] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFile\WiFileTransfer.exe [1391408 2017-09-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5085848 2021-12-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49976 2014-08-01] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe [325960 2014-05-30] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.) [Fichier non signé]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81379600 2022-03-11] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [24720 2020-05-10] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [730992 2018-10-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [Webshots] => C:\Users\xavie\AppData\Local\Programs\webshots\Webshots.exe [139627200 2022-02-18] (Threefold Photos, Inc. -> Webshots)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060024 2022-05-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [Google Update] => C:\Users\xavie\AppData\Local\Google\Update\1.3.36.132\GoogleUpdateCore.exe [227512 2022-04-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [MicrosoftEdgeAutoLaunch_B678DB9773B25F51EE6C2027CF0E36FE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595168 2022-06-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\xavie\AppData\Local\Programs\webshots\saver\WEBSHO~1.SCR [139609088 2022-02-18] (Webshots) [Fichier non signé]
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Windows x64\Print Processors\Canon iP4900 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAW.DLL [30208 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon iX6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC0.DLL [30208 2013-08-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP4900 series: C:\Windows\system32\CNMLMAW.DLL [385536 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iX6800 series: C:\Windows\system32\CNMLMC0.DLL [391168 2013-08-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-10] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2020-10-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-05-13]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk [2021-07-27]
ShortcutTarget: Lancement rapide d'Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-000000000002}\SC_Acrobat.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2022-03-30]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\xavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk [2022-03-30]
ShortcutTarget: Webshots.lnk -> C:\Program Files (x86)\Webshots\Launcher.exe (American Greetings, Inc. -> Webshots.com)
BootExecute: autocheck autochk autopartntautopartnt*
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {033E33B9-3E2D-480A-AF8C-048DC05F7FD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-06-10] (Google Inc -> Google LLC)
Task: {1976B008-CB36-40BC-8DE7-33DFC4955F2B} - System32\Tasks\WD Device Agent Task xavie => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [723728 2022-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {24C658A2-FA1E-4A77-8356-ED4A838372C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-774505180-2724163677-2308238838-1001Core => C:\Users\xavie\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-09-21] (Google LLC -> Google LLC)
Task: {302066A9-F8A4-4A9A-855E-755ADA01C702} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {39562492-121E-4E54-95C2-23ADA3E12963} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {56D66D86-E7C6-43B4-8E13-EF925E8247C4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {5B0882DE-E38A-4FAF-8A50-02A415DB17EA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {60D5273C-FD3B-4DE3-85D8-197E646F6DB8} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2019-05-22] (ASUSTeK Computer Inc. -> TODO:)
Task: {668E7733-73D6-45BF-A773-EA80B9928810} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-774505180-2724163677-2308238838-1001UA => C:\Users\xavie\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-09-21] (Google LLC -> Google LLC)
Task: {7A456E30-4FD0-48CC-BCF4-592CCD937A01} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1509424 2019-06-14] (ASUSTeK Computer Inc. -> )
Task: {802E6A78-D065-476B-A024-1F20804A863C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304072 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {80853281-3593-45E3-AE5B-008178EAB3B0} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2110000 2019-04-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {80A4FE67-5702-42B4-9A74-1D4EA12AFA93} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8308CF55-A2E4-414D-88B2-5738748C1F5C} - System32\Tasks\CCleanerSkipUAC - xavie => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8E2AD6BF-F354-4BA4-8835-989B73979909} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-06-10] (Google Inc -> Google LLC)
Task: {A4E95E95-5F6B-4A09-A14B-738CCE321841} - System32\Tasks\WD Discovery Service Task xavie => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [78608 2022-03-11] (Western Digital Technologies, Inc. -> )
Task: {C5046E6B-F5EC-4653-AE38-E47265EE8821} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C637D14B-2FC9-496D-A6F2-D4D3112E62CD} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
Task: {D5860439-92C3-4442-8095-FB6E2CCE2C64} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304072 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D596050D-2A32-49EE-980A-AE4D224CC703} - System32\Tasks\ASUS\ASUS File Transfer Server Launcher => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe [1898480 2017-09-19] (ASUSTeK Computer Inc. -> TODO:)
Task: {DFAE0159-8EEE-4A27-A39A-D551323B1022} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1467752 2019-06-21] (ASUSTeK Computer Inc. -> )
Task: {F4FA0814-906A-445A-BBDA-78A592526BB4} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
Task: {F67CE105-E67D-405F-A5E0-BC2ABB46EAEB} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
Task: {FDA92AF3-4CB1-4266-A6D1-D958AC71ED0E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d3d6bc91-4f3c-4ec9-b9a5-bc651fa27aa1}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\xavie\Downloads
Edge Notifications: HKU\S-1-5-21-774505180-2724163677-2308238838-1001 -> hxxps://www.1formatik.com; hxxps://www.facebook.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-20]
Edge Extension: (Outlook) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-11-04]
Edge Extension: (Dashlane - Gestionnaire de mots de passe) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gehmmocbbkpblljhkekmfhjpfbkclbph [2022-06-17]
Edge Extension: (Word) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-11-04]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-17]
Edge Extension: (Excel) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-11-04]
Edge Extension: (PowerPoint) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-11-04]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: u3sppxu6.default
FF ProfilePath: C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\u3sppxu6.default [2021-09-16]
FF ProfilePath: C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764 [2022-06-20]
FF Session Restore: Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764 -> est activé.
FF Extension: (HTML5 Video Everywhere) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\h5vew@tik.tn.xpi [2021-09-20]
FF Extension: (uBlock Origin) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\uBlock0@raymondhill.net.xpi [2022-06-14]
FF Extension: (Space in the Rocks II) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{06842023-0900-463f-a020-f61534ab0f28}.xpi [2021-09-20]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-06-09]
FF Extension: (Вълни) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{2d247782-ee7b-4ffa-b083-45bec9cf9a37}.xpi [2021-09-20]
FF Extension: (Logitech SetPoint) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2021-09-20]
FF Extension: (A Color Within Another Color) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{9e420261-1c2f-4eb7-a9f0-dc7292f17459}.xpi [2021-12-01]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-06-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2022-03-09] [non signé]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll [2014-11-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-04-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll [2014-11-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-774505180-2724163677-2308238838-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\xavie\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-774505180-2724163677-2308238838-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\xavie\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-06-20]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default [2022-06-20]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.com","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Extension: (Weather Avenue) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\baampgkagbmhnlhleemfbpecfjpakffj [2020-07-19]
CHR Extension: (Adblock pour Youtube™) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-05-18]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2020-07-19]
CHR Extension: (Proper Menubar for Google Chrome) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\egclcjdpndeoioimlbbbmdhcaopnedkp [2021-09-27]
CHR Extension: (ExpressVPN : proxy VPN pour une connexion sécurisée) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2021-11-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-10]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-774505180-2724163677-2308238838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-06-18]
BRA Extension: (Application Launcher for Drive (by Google)) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-23]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-10-23]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2020-10-23]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-07-08]
BRA Extension: (Brave NTP sponsored images) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\ejhkplcmfikggnbclnmlknehecbgkpoc [2020-10-23]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2020-10-23]
BRA Extension: (Brave User Model Installer) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\hbejpnagkgeeohiojniljejpdpojmfdp [2020-10-02]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-10-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-10-02]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10426224 2021-12-23] (Acronis International GmbH -> )
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2021-02-12] (Acronis International GmbH -> Acronis International GmbH)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2021-07-27] (Adobe Systems) [Fichier non signé]
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6382320 2022-03-12] (Acronis International GmbH -> )
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3848888 2022-05-13] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.77\AsusFanControlService.exe [2061872 2019-05-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988384 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730288 2018-10-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [151616 2014-11-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-04-02] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-04-02] (ESET, spol. s r.o. -> ESET)
R2 EZCastLiteService; C:\Program Files (x86)\EZCast Lite\EZCastLiteService.exe [259072 2020-10-30] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-17] (Malwarebytes Inc. -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4882992 2021-12-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-03-25] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1928184 2021-12-23] (Acronis International GmbH -> )
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254368 2022-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7393448 2021-12-23] (Acronis International GmbH -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13274600 2022-04-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [25728 2019-06-14] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2020-06-10] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2020-06-10] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [183888 2022-04-02] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107944 2022-04-02] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\Windows\System32\DRIVERS\edevmonm.sys [108512 2022-04-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [226264 2022-04-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [111624 2022-04-02] (ESET, spol. s r.o. -> ESET)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [701064 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [390592 2022-03-12] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 fltsrv; C:\Windows\System32\DRIVERS\fltsrv.sys [182832 2020-06-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2019-03-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-04-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tib; C:\Windows\system32\DRIVERS\tib.sys [883256 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [171968 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [693768 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [330176 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2022-03-12] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\Windows\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\Windows\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-20 07:25 - 2022-06-20 07:25 - 000000000 ____D C:\Users\xavie\Downloads\FRST-OlderVersion
2022-06-18 19:23 - 2022-06-18 19:23 - 000001829 _____ C:\Users\xavie\Desktop\Réalisé complet au 11.12.20 2021.xlsx - Raccourci.lnk
2022-06-18 19:22 - 2022-06-18 19:24 - 000001137 _____ C:\Users\xavie\Desktop\Réalisé complet au 1.1.2022.xlsx - Raccourci (2).lnk
2022-06-18 16:26 - 2022-06-18 16:26 - 000002514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-18 16:26 - 2022-06-18 16:26 - 000002352 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-18 11:59 - 2022-06-18 12:03 - 000065544 _____ C:\Users\xavie\Downloads\Addition.txt
2022-06-18 11:58 - 2022-06-20 07:26 - 000045139 _____ C:\Users\xavie\Downloads\FRST.txt
2022-06-18 11:44 - 2022-06-20 07:26 - 000000000 ____D C:\FRST
2022-06-18 11:44 - 2022-06-20 07:25 - 002369024 _____ (Farbar) C:\Users\xavie\Downloads\FRST64.exe
2022-06-18 11:23 - 2022-06-18 11:23 - 000001039 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-06-18 11:23 - 2022-06-18 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-06-18 11:23 - 2022-06-18 11:23 - 000000000 ____D C:\Program Files\VS Revo Group
2022-06-18 11:22 - 2022-06-18 11:22 - 007513880 _____ (VS Revo Group ) C:\Users\xavie\Downloads\revosetup.exe
2022-06-17 07:57 - 2022-06-17 07:57 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000479744 _____ C:\Windows\system32\AssignedAccessCsp.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000232288 _____ C:\Windows\system32\containerdevicemanagement.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000104448 _____ C:\Windows\system32\nettraceex.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000011787 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-06-17 07:51 - 2022-06-17 07:51 - 000000000 ___HD C:\$WinREAgent
2022-06-16 14:57 - 2022-06-16 14:57 - 000001823 _____ C:\Users\Public\Desktop\Vuze.lnk
2022-06-16 14:57 - 2022-06-16 14:57 - 000001823 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2022-06-16 14:57 - 2022-06-16 14:57 - 000000000 ____D C:\Users\xavie\.swt
2022-06-16 14:56 - 2022-06-17 07:45 - 000000000 ____D C:\Users\xavie\AppData\Roaming\Azureus
2022-06-16 14:56 - 2022-06-16 14:56 - 000091808 _____ (Azureus Software, Inc.) C:\Users\xavie\Downloads\VuzeBittorrentClientInstaller.exe
2022-06-11 07:00 - 2022-06-11 07:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-06-10 18:57 - 2022-06-12 06:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-03 18:09 - 2022-06-05 07:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-05-25 23:23 - 2022-05-25 23:23 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-05-25 23:23 - 2022-05-25 23:23 - 000002201 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-05-25 09:26 - 2022-05-25 09:26 - 000975300 _____ C:\Users\xavie\Documents\IMG_20220525_0001.pdf
2022-05-25 09:25 - 2022-05-25 09:26 - 000000000 ___HD C:\ProgramData\CanonIJScan
2022-05-25 09:25 - 2022-05-25 09:25 - 000000000 ____D C:\Users\xavie\AppData\Roaming\Canon
2022-05-25 09:10 - 2022-05-25 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2022-05-25 09:10 - 2022-05-25 09:10 - 000000000 ____D C:\Program Files (x86)\Canon
2022-05-25 09:09 - 2022-05-25 09:09 - 000000000 ___HD C:\ProgramData\CanonIJFAX
2022-05-25 09:09 - 2014-08-18 08:59 - 000092928 _____ C:\Windows\SysWOW64\CNC1787D.TBL
2022-05-25 09:09 - 2014-07-08 11:09 - 000353792 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_CKL.dll
2022-05-25 09:09 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2022-05-25 09:05 - 2022-05-25 09:05 - 000000000 ___HD C:\Program Files\CanonBJ
2022-05-25 09:05 - 2015-01-29 18:41 - 000312832 _____ (CANON INC.) C:\Windows\system32\CNC_CKC.dll
2022-05-25 09:05 - 2015-01-29 18:41 - 000123392 _____ (CANON INC.) C:\Windows\system32\CNC_CKI.dll
2022-05-25 09:05 - 2014-09-22 06:00 - 000303104 _____ (CANON INC.) C:\Windows\system32\CNCALCK.DLL
2022-05-25 09:05 - 2014-09-10 05:00 - 000406528 _____ (CANON INC.) C:\Windows\system32\CNMLMCK.DLL
2022-05-25 09:05 - 2014-08-18 08:59 - 000092928 _____ C:\Windows\system32\CNC1787D.TBL
2022-05-25 09:05 - 2014-07-08 11:10 - 000387584 _____ (CANON INC.) C:\Windows\system32\CNC_CKL.dll
2022-05-25 09:05 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2022-05-25 09:04 - 2022-05-25 09:04 - 033869440 _____ C:\Users\xavie\Downloads\mp68-win-mx490-1_02-ea33_3.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-20 07:26 - 2021-06-26 08:24 - 000000000 ____D C:\Users\xavie\Documents\Webshots
2022-06-20 07:23 - 2020-07-31 12:15 - 000000000 ____D C:\Users\xavie\AppData\Roaming\Molotov
2022-06-20 07:21 - 2020-06-10 19:04 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-20 07:21 - 2020-06-10 14:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-06-20 07:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-20 07:09 - 2020-06-10 19:14 - 000000000 ____D C:\Users\xavie\AppData\Roaming\Webshots
2022-06-20 06:52 - 2022-05-11 12:30 - 000787844 _____ C:\Windows\system32\perfh00C.dat
2022-06-20 06:52 - 2022-05-11 12:30 - 000148780 _____ C:\Windows\system32\perfc00C.dat
2022-06-20 06:52 - 2020-06-10 15:04 - 001761484 _____ C:\Windows\system32\PerfStringBackup.INI
2022-06-20 06:52 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-06-20 06:47 - 2022-02-09 08:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-20 06:47 - 2020-06-10 16:02 - 000000000 ____D C:\ProgramData\Mozilla
2022-06-20 06:47 - 2019-01-09 10:44 - 000000000 ____D C:\Program Files\CCleaner
2022-06-20 06:46 - 2021-12-24 17:21 - 000000000 ____D C:\Users\xavie\.wdc
2022-06-20 06:46 - 2020-06-10 16:02 - 000000000 ____D C:\Users\xavie\AppData\LocalLow\Mozilla
2022-06-20 06:45 - 2022-04-11 15:05 - 000000000 ____D C:\Program Files\Microsoft Office
2022-06-20 06:45 - 2021-12-24 17:22 - 000000000 ____D C:\Users\xavie\AppData\Roaming\WD Discovery
2022-06-20 06:45 - 2021-04-25 10:09 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-20 06:45 - 2020-06-10 19:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-06-20 06:45 - 2020-06-10 15:38 - 000000000 ____D C:\ProgramData\ASUS
2022-06-20 06:45 - 2020-06-10 15:28 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-20 06:45 - 2020-06-10 14:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-20 06:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-06-18 19:18 - 2020-06-10 15:32 - 000000000 ____D C:\Users\xavie\AppData\Local\Packages
2022-06-18 19:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-18 19:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-06-18 18:27 - 2021-12-28 14:57 - 000004097 _____ C:\Users\xavie\Desktop\CCleaner.lnk
2022-06-18 17:23 - 2022-04-02 13:43 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-06-18 17:22 - 2020-12-16 11:26 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-06-18 16:15 - 2020-06-10 15:28 - 000000000 ____D C:\Users\xavie
2022-06-18 11:41 - 2022-04-13 17:11 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-06-18 11:21 - 2020-06-10 15:33 - 000000000 ___RD C:\Users\xavie\OneDrive
2022-06-18 07:03 - 2021-07-28 20:00 - 000012466 _____ C:\Users\xavie\Documents\poids xavier.xlsx
2022-06-17 21:56 - 2021-05-22 09:09 - 000002327 _____ C:\Users\xavie\Desktop\Webshots.lnk
2022-06-17 16:57 - 2019-12-07 16:51 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-06-17 16:10 - 2022-05-03 06:57 - 000462104 _____ C:\Windows\system32\FNTCACHE.DAT
2022-06-17 16:08 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-06-17 16:08 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-06-17 16:08 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2022-06-17 07:59 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-06-17 07:57 - 2020-06-10 15:01 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-06-17 07:51 - 2020-06-13 08:31 - 000000000 ____D C:\Windows\system32\MRT
2022-06-17 07:49 - 2020-06-13 08:31 - 145918784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-06-16 14:57 - 2014-08-31 19:12 - 000000000 ____D C:\Program Files\Vuze
2022-06-15 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration
2022-06-12 06:20 - 2020-06-10 16:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-11 07:13 - 2020-11-04 09:24 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-11 07:13 - 2020-11-04 09:24 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-06-11 07:00 - 2020-06-10 16:02 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-10 06:23 - 2022-01-13 09:04 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-06-10 06:23 - 2021-09-11 17:41 - 000001859 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-06-10 06:23 - 2021-09-11 17:41 - 000001859 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-06-10 06:23 - 2021-09-11 17:41 - 000001847 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-06-10 06:23 - 2020-12-25 12:04 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-10 06:23 - 2020-12-25 12:04 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-07 09:33 - 2020-06-10 17:55 - 000000000 ____D C:\Users\xavie\Documents\EX231W-UserManual-all
2022-06-01 10:12 - 2022-04-11 15:31 - 000002364 _____ C:\Users\xavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-06-01 07:19 - 2020-06-10 15:32 - 000000000 ____D C:\ProgramData\Packages
2022-05-31 07:20 - 2020-06-26 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-05-25 23:23 - 2020-08-11 08:20 - 000000000 ____D C:\Program Files\Google
2022-05-25 09:09 - 2019-12-07 11:14 - 000000000 __RSD C:\Windows\Media
==================== Fichiers à la racine de certains dossiers ========
2022-03-30 09:33 - 2022-03-30 09:33 - 001533613 _____ (Igor Pavlov) C:\ProgramData\7z2107-x64.exe
2021-08-21 11:55 - 2021-08-21 11:55 - 104015384 _____ (Facebook, Inc.) C:\ProgramData\Messenger.97.11.116.exe
2021-08-21 12:26 - 2021-08-21 12:26 - 129598664 _____ (WhatsApp) C:\ProgramData\WhatsAppSetup.exe
2022-01-06 08:26 - 2022-01-06 08:26 - 001016632 _____ (WinZip Computing) C:\ProgramData\winzip26-downwz.exe
2022-03-30 09:10 - 2022-03-30 09:10 - 001016648 _____ (WinZip Computing) C:\ProgramData\winzip26.exe
2021-07-27 12:03 - 2021-07-27 12:03 - 000004454 _____ () C:\Users\xavie\AppData\Roaming\Microsoft\PowerPoint - Raccourci.lnk
2021-07-27 12:18 - 2021-07-27 12:18 - 000004411 _____ () C:\Users\xavie\AppData\Roaming\Microsoft\Publisher - Raccourci.lnk
2021-04-21 11:08 - 2021-04-21 11:08 - 000001013 _____ () C:\Users\xavie\AppData\Local\key-73f76fa0-64e4-4e48-aa45-aaf279660b16.xml
2020-07-20 18:25 - 2020-07-20 18:25 - 000001015 _____ () C:\Users\xavie\AppData\Local\key-e0a18ee1-398e-4fdc-bfb8-7fc12d8864b5.xml
2022-05-19 09:51 - 2022-05-19 09:51 - 000000886 _____ () C:\Users\xavie\AppData\Local\recently-used.xbel
2020-07-24 10:10 - 2020-07-24 10:10 - 000000017 _____ () C:\Users\xavie\AppData\Local\resmon.resmoncfg
2021-12-29 17:02 - 2021-12-29 17:02 - 000000056 _____ () C:\Users\xavie\AppData\Local\X-Plane 11 Preferences.prf
2021-05-24 07:47 - 2021-12-29 20:14 - 000000037 _____ () C:\Users\xavie\AppData\Local\X-Plane Installer.prf
2021-05-23 15:32 - 2021-12-29 17:05 - 000000075 _____ () C:\Users\xavie\AppData\Local\X-Plane_drm_11.prf
2021-05-23 15:33 - 2021-12-29 17:06 - 000000032 _____ () C:\Users\xavie\AppData\Local\x-plane_install_11.txt
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par xavie (administrateur) sur XAVIER (20-06-2022 07:25:45)
Exécuté depuis C:\Users\xavie\Downloads
Profils chargés: xavie
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.1766 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe
(Adobe Systems Inc.) [Fichier non signé] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe
(American Greetings, Inc. -> Webshots.com) C:\Program Files (x86)\Webshots\Webshots.scr
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFile\WiFileTransfer.exe
(C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\ASUSRelayWS.exe
(C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(C:\Program Files\ESET\ESET Security\ekrn.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\WD Desktop App\kdd.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(C:\ProgramData\LogiShrd\LogiOptions\Software\Current\LogiOptionsMgr.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\LogiShrd\LogiOptions\Software\Current\laclient\laclient.exe
(C:\Windows\SysWOW64\cmd.exe ->) (Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(explorer.exe ->) (Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\59.0.3.0\crashpad_handler.exe <4>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Molotov -> Molotov) C:\Users\xavie\AppData\Local\Programs\molotov\Molotov.exe <6>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <3>
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <5>
(explorer.exe ->) (Threefold Photos, Inc. -> Webshots) C:\Users\xavie\AppData\Local\Programs\webshots\Webshots.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <18>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) () [Fichier non signé] C:\Program Files (x86)\EZCast Lite\EZCastLiteService.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
(services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.77\AsusFanControlService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe
(services.exe ->) (ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(services.exe ->) (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(svchost.exe ->) (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe <4>
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [827200 2021-02-12] (Acronis International GmbH -> Acronis International GmbH)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [168064 2022-04-02] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2109064 2019-11-27] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\WiFile\WiFileTransfer.exe [1391408 2017-09-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5085848 2021-12-23] (Acronis International GmbH -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49976 2014-08-01] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => C:\Program Files (x86)\Nuance\NaturallySpeaking13\Ereg\Ereg.exe [325960 2014-05-30] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 7.0] => C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe [483328 2004-12-14] (Adobe Systems Inc.) [Fichier non signé]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706344 2021-09-27] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81379600 2022-03-11] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [24720 2020-05-10] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [730992 2018-10-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [Webshots] => C:\Users\xavie\AppData\Local\Programs\webshots\Webshots.exe [139627200 2022-02-18] (Threefold Photos, Inc. -> Webshots)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [116060024 2022-05-17] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [Google Update] => C:\Users\xavie\AppData\Local\Google\Update\1.3.36.132\GoogleUpdateCore.exe [227512 2022-04-20] (Google LLC -> Google LLC)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [36836592 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\...\Run: [MicrosoftEdgeAutoLaunch_B678DB9773B25F51EE6C2027CF0E36FE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595168 2022-06-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-774505180-2724163677-2308238838-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\xavie\AppData\Local\Programs\webshots\saver\WEBSHO~1.SCR [139609088 2022-02-18] (Webshots) [Fichier non signé]
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\59.0.3.0\GoogleDriveFS.exe [55420816 2022-06-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Windows x64\Print Processors\Canon iP4900 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAW.DLL [30208 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon iX6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC0.DLL [30208 2013-08-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\Windows\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iP4900 series: C:\Windows\system32\CNMLMAW.DLL [385536 2011-05-23] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor iX6800 series: C:\Windows\system32\CNMLMC0.DLL [391168 2013-08-26] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\Windows\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-10] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk [2020-10-17]
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2022-05-13]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Acrobat.lnk [2021-07-27]
ShortcutTarget: Lancement rapide d'Adobe Acrobat.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-BA7E-000000000002}\SC_Acrobat.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2022-03-30]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
Startup: C:\Users\xavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Webshots.lnk [2022-03-30]
ShortcutTarget: Webshots.lnk -> C:\Program Files (x86)\Webshots\Launcher.exe (American Greetings, Inc. -> Webshots.com)
BootExecute: autocheck autochk autopartntautopartnt*
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {033E33B9-3E2D-480A-AF8C-048DC05F7FD1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-06-10] (Google Inc -> Google LLC)
Task: {1976B008-CB36-40BC-8DE7-33DFC4955F2B} - System32\Tasks\WD Device Agent Task xavie => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Device Agent.exe [723728 2022-03-11] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {24C658A2-FA1E-4A77-8356-ED4A838372C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-774505180-2724163677-2308238838-1001Core => C:\Users\xavie\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-09-21] (Google LLC -> Google LLC)
Task: {302066A9-F8A4-4A9A-855E-755ADA01C702} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {39562492-121E-4E54-95C2-23ADA3E12963} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {56D66D86-E7C6-43B4-8E13-EF925E8247C4} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {5B0882DE-E38A-4FAF-8A50-02A415DB17EA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [144800 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {60D5273C-FD3B-4DE3-85D8-197E646F6DB8} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [4329008 2019-05-22] (ASUSTeK Computer Inc. -> TODO:
Task: {668E7733-73D6-45BF-A773-EA80B9928810} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-774505180-2724163677-2308238838-1001UA => C:\Users\xavie\AppData\Local\Google\Update\GoogleUpdate.exe [156104 2020-09-21] (Google LLC -> Google LLC)
Task: {7A456E30-4FD0-48CC-BCF4-592CCD937A01} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [1509424 2019-06-14] (ASUSTeK Computer Inc. -> )
Task: {802E6A78-D065-476B-A024-1F20804A863C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304072 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {80853281-3593-45E3-AE5B-008178EAB3B0} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2110000 2019-04-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
Task: {80A4FE67-5702-42B4-9A74-1D4EA12AFA93} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8308CF55-A2E4-414D-88B2-5738748C1F5C} - System32\Tasks\CCleanerSkipUAC - xavie => C:\Program Files\CCleaner\CCleaner.exe [30924528 2022-05-11] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {8E2AD6BF-F354-4BA4-8835-989B73979909} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2020-06-10] (Google Inc -> Google LLC)
Task: {A4E95E95-5F6B-4A09-A14B-738CCE321841} - System32\Tasks\WD Discovery Service Task xavie => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [78608 2022-03-11] (Western Digital Technologies, Inc. -> )
Task: {C5046E6B-F5EC-4653-AE38-E47265EE8821} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [67472 2022-05-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {C637D14B-2FC9-496D-A6F2-D4D3112E62CD} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
Task: {D5860439-92C3-4442-8095-FB6E2CCE2C64} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [8304072 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {D596050D-2A32-49EE-980A-AE4D224CC703} - System32\Tasks\ASUS\ASUS File Transfer Server Launcher => C:\Program Files (x86)\ASUS\AI Suite III\File Transfer\Wi-Fi GO! AssistTool\File Transfer Server Launcher.exe [1898480 2017-09-19] (ASUSTeK Computer Inc. -> TODO:
Task: {DFAE0159-8EEE-4A27-A39A-D551323B1022} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [1467752 2019-06-21] (ASUSTeK Computer Inc. -> )
Task: {F4FA0814-906A-445A-BBDA-78A592526BB4} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
Task: {F67CE105-E67D-405F-A5E0-BC2ABB46EAEB} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [3158704 2022-03-03] (Corel Corporation -> Corel Corporation)
Task: {FDA92AF3-4CB1-4266-A6D1-D958AC71ED0E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-31] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d3d6bc91-4f3c-4ec9-b9a5-bc651fa27aa1}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\xavie\Downloads
Edge Notifications: HKU\S-1-5-21-774505180-2724163677-2308238838-1001 -> hxxps://www.1formatik.com; hxxps://www.facebook.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-20]
Edge Extension: (Outlook) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-11-04]
Edge Extension: (Dashlane - Gestionnaire de mots de passe) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gehmmocbbkpblljhkekmfhjpfbkclbph [2022-06-17]
Edge Extension: (Word) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-11-04]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-17]
Edge Extension: (Excel) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-11-04]
Edge Extension: (PowerPoint) - C:\Users\xavie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-11-04]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: u3sppxu6.default
FF ProfilePath: C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\u3sppxu6.default [2021-09-16]
FF ProfilePath: C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764 [2022-06-20]
FF Session Restore: Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764 -> est activé.
FF Extension: (HTML5 Video Everywhere) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\h5vew@tik.tn.xpi [2021-09-20]
FF Extension: (uBlock Origin) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\uBlock0@raymondhill.net.xpi [2022-06-14]
FF Extension: (Space in the Rocks II) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{06842023-0900-463f-a020-f61534ab0f28}.xpi [2021-09-20]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-06-09]
FF Extension: (Вълни) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{2d247782-ee7b-4ffa-b083-45bec9cf9a37}.xpi [2021-09-20]
FF Extension: (Logitech SetPoint) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2021-09-20]
FF Extension: (A Color Within Another Color) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{9e420261-1c2f-4eb7-a9f0-dc7292f17459}.xpi [2021-12-01]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\xavie\AppData\Roaming\Mozilla\Firefox\Profiles\b0iwcs0m.default-release-1632145716764\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-06-01]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2022-03-09] [non signé]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-04-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\x64\npDgnRia2_x64.dll [2014-11-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\dtplugin\npDeployJava1.dll [2021-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.311.2 -> C:\Program Files (x86)\Java\jre1.8.0_311\bin\plugin2\npjp2.dll [2021-11-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-04-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking13\Program\npDgnRia2.dll [2014-11-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
FF Plugin HKU\S-1-5-21-774505180-2724163677-2308238838-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\xavie\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-774505180-2724163677-2308238838-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\xavie\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2022-06-20]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default [2022-06-20]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://www.google.com/","hxxps://www.google.com/","hxxp://www.google.com","hxxps://www.google.com/","hxxps://www.google.com/"
CHR Extension: (Weather Avenue) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\baampgkagbmhnlhleemfbpecfjpakffj [2020-07-19]
CHR Extension: (Adblock pour Youtube™) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2022-05-18]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2020-07-19]
CHR Extension: (Proper Menubar for Google Chrome) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\egclcjdpndeoioimlbbbmdhcaopnedkp [2021-09-27]
CHR Extension: (ExpressVPN : proxy VPN pour une connexion sécurisée) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgddmllnllkalaagkghckoinaemmogpe [2021-11-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-20]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-05-17]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-10]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\xavie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR HKU\S-1-5-21-774505180-2724163677-2308238838-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-06-18]
BRA Extension: (Application Launcher for Drive (by Google)) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-10-23]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2020-10-23]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2020-10-23]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-07-08]
BRA Extension: (Brave NTP sponsored images) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\ejhkplcmfikggnbclnmlknehecbgkpoc [2020-10-23]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2020-10-23]
BRA Extension: (Brave User Model Installer) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\hbejpnagkgeeohiojniljejpdpojmfdp [2020-10-02]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-10-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\xavie\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2020-10-02]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [10426224 2021-12-23] (Acronis International GmbH -> )
R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1264400 2021-02-12] (Acronis International GmbH -> Acronis International GmbH)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2021-07-27] (Adobe Systems) [Fichier non signé]
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6382320 2022-03-12] (Acronis International GmbH -> )
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3848888 2022-05-13] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\4.00.38\atkexComSvc.exe [440368 2019-04-09] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\2.00.77\AsusFanControlService.exe [2061872 2019-05-14] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988384 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3730288 2018-10-17] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [151616 2014-11-04] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-04-02] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3210720 2022-04-02] (ESET, spol. s r.o. -> ESET)
R2 EZCastLiteService; C:\Program Files (x86)\EZCast Lite\EZCastLiteService.exe [259072 2020-10-30] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8524512 2022-05-17] (Malwarebytes Inc. -> Malwarebytes)
R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4882992 2021-12-23] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2019-03-25] (Acronis International GmbH -> Acronis International GmbH)
S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1928184 2021-12-23] (Acronis International GmbH -> )
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254368 2022-06-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7393448 2021-12-23] (Acronis International GmbH -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13274600 2022-04-05] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7095824 2020-03-31] (Acronis International GmbH -> Acronis International GmbH)
S2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [19256 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [19256 2020-10-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2017-06-01] (ASUSTeK Computer Inc. -> )
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [25728 2019-06-14] (ASUSTeK Computer Inc. -> )
R1 Asusgio2; C:\Windows\system32\drivers\AsIO2.sys [33832 2019-04-09] (ASUSTeK Computer Inc. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2020-06-10] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2020-06-10] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [183888 2022-04-02] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107944 2022-04-02] (ESET, spol. s r.o. -> ESET)
R1 edevmonm; C:\Windows\System32\DRIVERS\edevmonm.sys [108512 2022-04-02] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15824 2021-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [226264 2022-04-02] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [111624 2022-04-02] (ESET, spol. s r.o. -> ESET)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [701064 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [390592 2022-03-12] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R0 fltsrv; C:\Windows\System32\DRIVERS\fltsrv.sys [182832 2020-06-10] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
R1 googledrivefs3758; C:\Windows\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R4 IOMap; C:\Windows\system32\drivers\IOMap64.sys [34064 2019-03-21] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-04-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-04-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 tib; C:\Windows\system32\DRIVERS\tib.sys [883256 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [171968 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [693768 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [330176 2022-03-12] (Acronis International GmbH -> Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2022-03-12] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\Windows\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\Windows\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-20 07:25 - 2022-06-20 07:25 - 000000000 ____D C:\Users\xavie\Downloads\FRST-OlderVersion
2022-06-18 19:23 - 2022-06-18 19:23 - 000001829 _____ C:\Users\xavie\Desktop\Réalisé complet au 11.12.20 2021.xlsx - Raccourci.lnk
2022-06-18 19:22 - 2022-06-18 19:24 - 000001137 _____ C:\Users\xavie\Desktop\Réalisé complet au 1.1.2022.xlsx - Raccourci (2).lnk
2022-06-18 16:26 - 2022-06-18 16:26 - 000002514 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-18 16:26 - 2022-06-18 16:26 - 000002352 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-18 11:59 - 2022-06-18 12:03 - 000065544 _____ C:\Users\xavie\Downloads\Addition.txt
2022-06-18 11:58 - 2022-06-20 07:26 - 000045139 _____ C:\Users\xavie\Downloads\FRST.txt
2022-06-18 11:44 - 2022-06-20 07:26 - 000000000 ____D C:\FRST
2022-06-18 11:44 - 2022-06-20 07:25 - 002369024 _____ (Farbar) C:\Users\xavie\Downloads\FRST64.exe
2022-06-18 11:23 - 2022-06-18 11:23 - 000001039 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2022-06-18 11:23 - 2022-06-18 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2022-06-18 11:23 - 2022-06-18 11:23 - 000000000 ____D C:\Program Files\VS Revo Group
2022-06-18 11:22 - 2022-06-18 11:22 - 007513880 _____ (VS Revo Group ) C:\Users\xavie\Downloads\revosetup.exe
2022-06-17 07:57 - 2022-06-17 07:57 - 002260480 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000479744 _____ C:\Windows\system32\AssignedAccessCsp.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000232288 _____ C:\Windows\system32\containerdevicemanagement.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000104448 _____ C:\Windows\system32\nettraceex.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000040960 _____ C:\Windows\system32\uwfservicingapi.dll
2022-06-17 07:57 - 2022-06-17 07:57 - 000011787 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-06-17 07:51 - 2022-06-17 07:51 - 000000000 ___HD C:\$WinREAgent
2022-06-16 14:57 - 2022-06-16 14:57 - 000001823 _____ C:\Users\Public\Desktop\Vuze.lnk
2022-06-16 14:57 - 2022-06-16 14:57 - 000001823 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2022-06-16 14:57 - 2022-06-16 14:57 - 000000000 ____D C:\Users\xavie\.swt
2022-06-16 14:56 - 2022-06-17 07:45 - 000000000 ____D C:\Users\xavie\AppData\Roaming\Azureus
2022-06-16 14:56 - 2022-06-16 14:56 - 000091808 _____ (Azureus Software, Inc.) C:\Users\xavie\Downloads\VuzeBittorrentClientInstaller.exe
2022-06-11 07:00 - 2022-06-11 07:00 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-06-10 18:57 - 2022-06-12 06:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-03 18:09 - 2022-06-05 07:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-05-25 23:23 - 2022-05-25 23:23 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2022-05-25 23:23 - 2022-05-25 23:23 - 000002201 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2022-05-25 09:26 - 2022-05-25 09:26 - 000975300 _____ C:\Users\xavie\Documents\IMG_20220525_0001.pdf
2022-05-25 09:25 - 2022-05-25 09:26 - 000000000 ___HD C:\ProgramData\CanonIJScan
2022-05-25 09:25 - 2022-05-25 09:25 - 000000000 ____D C:\Users\xavie\AppData\Roaming\Canon
2022-05-25 09:10 - 2022-05-25 09:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2022-05-25 09:10 - 2022-05-25 09:10 - 000000000 ____D C:\Program Files (x86)\Canon
2022-05-25 09:09 - 2022-05-25 09:09 - 000000000 ___HD C:\ProgramData\CanonIJFAX
2022-05-25 09:09 - 2014-08-18 08:59 - 000092928 _____ C:\Windows\SysWOW64\CNC1787D.TBL
2022-05-25 09:09 - 2014-07-08 11:09 - 000353792 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_CKL.dll
2022-05-25 09:09 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2022-05-25 09:05 - 2022-05-25 09:05 - 000000000 ___HD C:\Program Files\CanonBJ
2022-05-25 09:05 - 2015-01-29 18:41 - 000312832 _____ (CANON INC.) C:\Windows\system32\CNC_CKC.dll
2022-05-25 09:05 - 2015-01-29 18:41 - 000123392 _____ (CANON INC.) C:\Windows\system32\CNC_CKI.dll
2022-05-25 09:05 - 2014-09-22 06:00 - 000303104 _____ (CANON INC.) C:\Windows\system32\CNCALCK.DLL
2022-05-25 09:05 - 2014-09-10 05:00 - 000406528 _____ (CANON INC.) C:\Windows\system32\CNMLMCK.DLL
2022-05-25 09:05 - 2014-08-18 08:59 - 000092928 _____ C:\Windows\system32\CNC1787D.TBL
2022-05-25 09:05 - 2014-07-08 11:10 - 000387584 _____ (CANON INC.) C:\Windows\system32\CNC_CKL.dll
2022-05-25 09:05 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\Windows\system32\CNHMCA6.dll
2022-05-25 09:04 - 2022-05-25 09:04 - 033869440 _____ C:\Users\xavie\Downloads\mp68-win-mx490-1_02-ea33_3.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-20 07:26 - 2021-06-26 08:24 - 000000000 ____D C:\Users\xavie\Documents\Webshots
2022-06-20 07:23 - 2020-07-31 12:15 - 000000000 ____D C:\Users\xavie\AppData\Roaming\Molotov
2022-06-20 07:21 - 2020-06-10 19:04 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-20 07:21 - 2020-06-10 14:55 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-06-20 07:15 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-20 07:09 - 2020-06-10 19:14 - 000000000 ____D C:\Users\xavie\AppData\Roaming\Webshots
2022-06-20 06:52 - 2022-05-11 12:30 - 000787844 _____ C:\Windows\system32\perfh00C.dat
2022-06-20 06:52 - 2022-05-11 12:30 - 000148780 _____ C:\Windows\system32\perfc00C.dat
2022-06-20 06:52 - 2020-06-10 15:04 - 001761484 _____ C:\Windows\system32\PerfStringBackup.INI
2022-06-20 06:52 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-06-20 06:47 - 2022-02-09 08:22 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-20 06:47 - 2020-06-10 16:02 - 000000000 ____D C:\ProgramData\Mozilla
2022-06-20 06:47 - 2019-01-09 10:44 - 000000000 ____D C:\Program Files\CCleaner
2022-06-20 06:46 - 2021-12-24 17:21 - 000000000 ____D C:\Users\xavie\.wdc
2022-06-20 06:46 - 2020-06-10 16:02 - 000000000 ____D C:\Users\xavie\AppData\LocalLow\Mozilla
2022-06-20 06:45 - 2022-04-11 15:05 - 000000000 ____D C:\Program Files\Microsoft Office
2022-06-20 06:45 - 2021-12-24 17:22 - 000000000 ____D C:\Users\xavie\AppData\Roaming\WD Discovery
2022-06-20 06:45 - 2021-04-25 10:09 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-20 06:45 - 2020-06-10 19:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2022-06-20 06:45 - 2020-06-10 15:38 - 000000000 ____D C:\ProgramData\ASUS
2022-06-20 06:45 - 2020-06-10 15:28 - 000000000 ____D C:\ProgramData\NVIDIA
2022-06-20 06:45 - 2020-06-10 14:55 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-06-20 06:45 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-06-18 19:18 - 2020-06-10 15:32 - 000000000 ____D C:\Users\xavie\AppData\Local\Packages
2022-06-18 19:18 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-18 19:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-06-18 18:27 - 2021-12-28 14:57 - 000004097 _____ C:\Users\xavie\Desktop\CCleaner.lnk
2022-06-18 17:23 - 2022-04-02 13:43 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-06-18 17:22 - 2020-12-16 11:26 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-06-18 16:15 - 2020-06-10 15:28 - 000000000 ____D C:\Users\xavie
2022-06-18 11:41 - 2022-04-13 17:11 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-06-18 11:21 - 2020-06-10 15:33 - 000000000 ___RD C:\Users\xavie\OneDrive
2022-06-18 07:03 - 2021-07-28 20:00 - 000012466 _____ C:\Users\xavie\Documents\poids xavier.xlsx
2022-06-17 21:56 - 2021-05-22 09:09 - 000002327 _____ C:\Users\xavie\Desktop\Webshots.lnk
2022-06-17 16:57 - 2019-12-07 16:51 - 000000000 ____D C:\Windows\system32\FxsTmp
2022-06-17 16:10 - 2022-05-03 06:57 - 000462104 _____ C:\Windows\system32\FNTCACHE.DAT
2022-06-17 16:08 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-06-17 16:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-06-17 16:08 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-06-17 16:08 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2022-06-17 07:59 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-06-17 07:57 - 2020-06-10 15:01 - 002877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-06-17 07:51 - 2020-06-13 08:31 - 000000000 ____D C:\Windows\system32\MRT
2022-06-17 07:49 - 2020-06-13 08:31 - 145918784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-06-16 14:57 - 2014-08-31 19:12 - 000000000 ____D C:\Program Files\Vuze
2022-06-15 16:31 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Registration
2022-06-12 06:20 - 2020-06-10 16:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-11 07:13 - 2020-11-04 09:24 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-11 07:13 - 2020-11-04 09:24 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-06-11 07:00 - 2020-06-10 16:02 - 000000965 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-10 06:23 - 2022-01-13 09:04 - 000002017 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-06-10 06:23 - 2021-09-11 17:41 - 000001859 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-06-10 06:23 - 2021-09-11 17:41 - 000001859 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-06-10 06:23 - 2021-09-11 17:41 - 000001847 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-06-10 06:23 - 2020-12-25 12:04 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-10 06:23 - 2020-12-25 12:04 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-07 09:33 - 2020-06-10 17:55 - 000000000 ____D C:\Users\xavie\Documents\EX231W-UserManual-all
2022-06-01 10:12 - 2022-04-11 15:31 - 000002364 _____ C:\Users\xavie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2022-06-01 07:19 - 2020-06-10 15:32 - 000000000 ____D C:\ProgramData\Packages
2022-05-31 07:20 - 2020-06-26 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2022-05-25 23:23 - 2020-08-11 08:20 - 000000000 ____D C:\Program Files\Google
2022-05-25 09:09 - 2019-12-07 11:14 - 000000000 __RSD C:\Windows\Media
==================== Fichiers à la racine de certains dossiers ========
2022-03-30 09:33 - 2022-03-30 09:33 - 001533613 _____ (Igor Pavlov) C:\ProgramData\7z2107-x64.exe
2021-08-21 11:55 - 2021-08-21 11:55 - 104015384 _____ (Facebook, Inc.) C:\ProgramData\Messenger.97.11.116.exe
2021-08-21 12:26 - 2021-08-21 12:26 - 129598664 _____ (WhatsApp) C:\ProgramData\WhatsAppSetup.exe
2022-01-06 08:26 - 2022-01-06 08:26 - 001016632 _____ (WinZip Computing) C:\ProgramData\winzip26-downwz.exe
2022-03-30 09:10 - 2022-03-30 09:10 - 001016648 _____ (WinZip Computing) C:\ProgramData\winzip26.exe
2021-07-27 12:03 - 2021-07-27 12:03 - 000004454 _____ () C:\Users\xavie\AppData\Roaming\Microsoft\PowerPoint - Raccourci.lnk
2021-07-27 12:18 - 2021-07-27 12:18 - 000004411 _____ () C:\Users\xavie\AppData\Roaming\Microsoft\Publisher - Raccourci.lnk
2021-04-21 11:08 - 2021-04-21 11:08 - 000001013 _____ () C:\Users\xavie\AppData\Local\key-73f76fa0-64e4-4e48-aa45-aaf279660b16.xml
2020-07-20 18:25 - 2020-07-20 18:25 - 000001015 _____ () C:\Users\xavie\AppData\Local\key-e0a18ee1-398e-4fdc-bfb8-7fc12d8864b5.xml
2022-05-19 09:51 - 2022-05-19 09:51 - 000000886 _____ () C:\Users\xavie\AppData\Local\recently-used.xbel
2020-07-24 10:10 - 2020-07-24 10:10 - 000000017 _____ () C:\Users\xavie\AppData\Local\resmon.resmoncfg
2021-12-29 17:02 - 2021-12-29 17:02 - 000000056 _____ () C:\Users\xavie\AppData\Local\X-Plane 11 Preferences.prf
2021-05-24 07:47 - 2021-12-29 20:14 - 000000037 _____ () C:\Users\xavie\AppData\Local\X-Plane Installer.prf
2021-05-23 15:32 - 2021-12-29 17:05 - 000000075 _____ () C:\Users\xavie\AppData\Local\X-Plane_drm_11.prf
2021-05-23 15:33 - 2021-12-29 17:06 - 000000032 _____ () C:\Users\xavie\AppData\Local\x-plane_install_11.txt
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================