cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Exécuté par conta (administrateur) sur SALON (LENOVO 81MV) (04-01-2023 10:46:14)
Exécuté depuis C:\Users\conta\Desktop
Profils chargés: conta
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2251 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(APTX Software -> ) [Fichier non signé] C:\Users\conta\AppData\Roaming\YSPX\v3-21\WDCloud.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(C:\Users\conta\AppData\Local\Temp\onefile_3796_133172985645493614\WDCloud.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(C:\Users\conta\AppData\Roaming\YSPX\v3-21\WDCloud.exe ->) () [Fichier non signé] C:\Users\conta\AppData\Local\Temp\onefile_3796_133172985645493614\WDCloud.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Thomas Ascher) [Fichier non signé] D:\Logiciel\atnotes\ATnotes.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.1\ABService.exe
(services.exe ->) (bizmodeller Ltd -> bizmodeller Ltd) C:\Program Files\MyMediaForAlexa\MyMediaForAlexa.exe
(services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (geek software GmbH -> geek software GmbH) D:\Logiciel portable\pdf xchange viewer\PDF24\pdf24.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5d54dd32fa1ef4d4\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5d54dd32fa1ef4d4\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15831.20208.0_x86__8wekyb3d8bbwe\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15831.20208.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_11.2210.9.0_x64__8wekyb3d8bbwe\Time.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RDMAgent] => "D:\Telechargement\Devolutions.RemoteDesktopManagerFree.Bin.2021.1.40.0\RDMAgent.exe" (Pas de fichier)
HKLM\...\Run: [PDF24] => D:\Logiciel portable\pdf xchange viewer\PDF24\pdf24.exe [595640 2022-10-31] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [516240 2020-02-18] (QFX Software Corporation -> QFX Software Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [2469184 2020-11-06] (Digital Wave Ltd -> Digital Wave Ltd)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [EPSON SX410 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [223232 2008-10-01] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [EPSON SX410 Series (Copie 1)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [223232 2008-10-01] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {0a1d9488-4b69-11ec-9d57-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {0a1d94ae-4b69-11ec-9d57-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {1b0f8adc-7388-11ed-9d8f-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {458606f3-f208-11eb-9d42-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {8f277305-0f55-11ed-9d72-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {9212a09c-6a1a-11ec-9d5b-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {afbc2037-d895-11eb-9d29-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {c9754437-96cb-11ec-9d5e-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {dcc1c5b2-8b12-11eb-9d15-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {e3f56e94-791a-11ec-9d5c-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {edbe0ecf-9d2f-11eb-9d18-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Print\Monitors\EPSON SX410 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMFCE.DLL [108032 2008-08-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
Startup: C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-04-23]
ShortcutTarget: MEGAsync.lnk -> C:\Users\conta\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar499.lnk [2022-12-25]
ShortcutTarget: Sidebar499.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [Fichier non signé] [Fichier en cours d'utilisation]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy-Firefox: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0379BCF3-4C11-4A3E-B961-F6F942977FB5} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1500095853-800338277-2208543213-1001 => C:\Users\conta\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (Pas de fichier)
Task: {0999819F-DEB3-42E7-8A28-811138B95223} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13CD5A29-A5CE-4C40-96BC-8A713CD13877} - \Lenovo\ImController\TimeBasedEvents\671990c2-8e25-432a-ac63-e5c5e53dc2f1 -> Pas de fichier <==== ATTENTION
Task: {1C591C80-FD92-4482-9590-18D676A1123F} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {29ADD5D1-C138-4086-B0D5-A7C55024A4EC} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1500095853-800338277-2208543213-1001 => C:\Users\conta\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2023-01-01] (Mega Limited -> )
Task: {29EA8AEF-34F6-456C-B18F-5A04ECAD8B28} - \Lenovo\ImController\TimeBasedEvents\f55cec8d-8475-4f61-b258-7b58d406860e -> Pas de fichier <==== ATTENTION
Task: {2B272320-4663-4809-857F-2D015EC5CD97} - System32\Tasks\APTXService => C:\Users\conta\AppData\Local\WAAM\v2519\rhc.exe [1536 2022-11-20] () [Fichier non signé]
Task: {3CC773CE-0454-49E4-8B6B-27AC4B66D498} - System32\Tasks\CCleanerSkipUAC - conta => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5422A9AA-17EB-41CB-B921-60ACF59D7C9F} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {5685425D-282F-457B-86F4-07DB05D8B0F9} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {68CE708E-E248-49A4-99ED-0575EE0956B4} - System32\Tasks\Opera scheduled Autoupdate 1669877784 => C:\Users\conta\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {6D06D2E8-7FF3-409E-B1A4-82E47D1B5D23} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {74726AF2-1AD8-4F50-91A4-6A8267281B7F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Pas de fichier)
Task: {802F79B5-9A63-4E53-8F8D-29778AA1623A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {812C783F-7586-4B1E-815F-E02B57A998DF} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_TVSUUpdateTask_Once => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {84764F3E-DF35-47E5-B255-447BB428F0D6} - System32\Tasks\TrackerAutoUpdate => D:\Logiciel\pdfxchange viewer\Tracker Software\Update\TrackerUpdate.exe [4475136 2021-12-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {8A77FEBD-BD0F-420C-B170-53DED576438C} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {8FC7B212-6F63-4F97-90BF-34B9B74A1855} - System32\Tasks\WDDiscovery Service => C:\Users\conta\AppData\Roaming\UPDX\v3-5\WDDiscovery.exe [844664 2013-07-31] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {8FF73DD4-A423-4482-96F0-E17E8DAAA4F9} - System32\Tasks\2BrightSparks\SyncBackFree\SALON-conta\SyncBackFree ASUS Martine 2 => D:\Logiciel\syncback\SyncBackFree\SyncBackFree.exe -m "ASUS Martine 2" (Pas de fichier)
Task: {91A93222-6D45-452D-BCEA-E63502632079} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {949A15D1-8D21-4D12-A688-A4A35E63C149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-23] (Google LLC -> Google LLC)
Task: {980FD14F-D3F5-4232-89C1-604A36D675A3} - System32\Tasks\2BrightSparks\SyncBackFree\SALON-conta\SyncBackFree ASUS Agath => D:\Logiciel\syncback\SyncBackFree\SyncBackFree.exe -m "ASUS Agath" (Pas de fichier)
Task: {9C294B10-0476-4292-8842-8694DBC10744} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {9D82AD20-D8F7-4977-BCDB-DD02FFEF681D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A139B97D-B118-4D9B-BFE0-121A4843BD75} - \Lenovo\ImController\TimeBasedEvents\1febbf1d-fd16-4247-b90b-aaefedde1c0a -> Pas de fichier <==== ATTENTION
Task: {A9485EF7-972E-4D84-993D-091901066CD4} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1500095853-800338277-2208543213-500 => C:\Users\conta\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {AD2988FD-B069-4DFF-8E2F-93AF6D3F799B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0521750-A27D-4BD9-A85A-2261F4562415} - \Lenovo\ImController\TimeBasedEvents\110e8ccf-b8d3-421d-8774-fbd5d31600a1 -> Pas de fichier <==== ATTENTION
Task: {B2974FDE-3A89-47B9-8B4B-AF77444547EC} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B378A575-02A9-4DC9-BC74-BAACE3855177} - System32\Tasks\APTXService_LG => Command(1): rhc.exe -> php.exe include.php
Task: {B378A575-02A9-4DC9-BC74-BAACE3855177} - System32\Tasks\APTXService_LG => Command(2): rhc.exe -> php.exe index.php
Task: {B66A25BB-A752-48AD-B125-D374452593F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {BD79ADAB-D670-4EDC-9889-BD6E27AAB748} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {BD874BC1-9B22-4D1F-AA88-4FEEEF470222} - System32\Tasks\VSPXService => C:\Users\conta\AppData\Roaming\YSPX\v3-21\rhc.exe [1536 2022-11-06] () [Fichier non signé]
Task: {C186801C-2836-4F92-B969-DFA0558DE8EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-23] (Google LLC -> Google LLC)
Task: {C3021B3C-D9EE-4B93-BFCE-7425A3D9F1C2} - System32\Tasks\VSPXService_LG => C:\Users\conta\AppData\Roaming\YSPX\v3-21\WDCloud.exe [66984712 2022-12-12] (APTX Software -> ) [Fichier non signé]
Task: {C820F68A-852F-44C0-956A-72A4441D6A13} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CD00290D-A860-4018-A491-CBDE8DD7EC76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DADEECBA-DAC3-4502-8FDE-95F4F68E356C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DE9A3E9C-C5F5-4BCF-BA4B-55B4858CB909} - \Lenovo\ImController\TimeBasedEvents\e9459114-37b8-4869-9e68-d6e187e6b6f9 -> Pas de fichier <==== ATTENTION
Task: {DFF2570C-539A-4827-A176-9570C6C47F11} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "59fa560b-dfca-4f2a-a461-450090c4632e" --version "6.07.10191" --silent
Task: {E52BEF37-3012-4A4A-93AF-176DBE047995} - System32\Tasks\WD Start Service => C:\Users\conta\AppData\Roaming\Packages\TS.exe [25189248 2022-12-26] (APTX Software -> ) [Fichier non signé]
Task: {EB0E586F-64F9-4E7C-B837-76897626D307} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EDD50881-8E9B-4A62-8A0B-62AFC073DFBF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=30 (Pas de fichier)
Task: {EE6B8984-1859-4B32-8C45-BB93A455CA2A} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {F807F7CA-8097-494A-A146-07B4494185ED} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Pas de fichier <==== ATTENTION
Task: {FDAB175E-B141-4373-9024-532B1A0A4BA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => D:\Logiciel\pdfxchange viewer\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42d623dd-82c6-4808-aa34-dc43c3efa8e2}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\conta\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-04]
Edge Extension: (Avira Safe Shopping) - C:\Users\conta\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-01-02]
Edge Extension: (Avira Password Manager) - C:\Users\conta\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-01-02]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\conta\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-25]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ozbwyszl.default
FF DefaultProfile: zqdex72t.default
FF ProfilePath: C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602 [2023-01-04]
FF Homepage: Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602 -> hxxps://www.symbaloo.com/home/mix/13eP7083bb
FF Extension: (AdGuard AdBlocker) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\adguardadblocker@adguard.com.xpi [2023-01-03]
FF Extension: (Save Page WE) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\savepage-we@DW-dev.xpi [2023-01-03]
FF Extension: (Google Translator for Firefox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\translator@zoli.bod.xpi [2023-01-03]
FF Extension: (uBlock Origin) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\uBlock0@raymondhill.net.xpi [2023-01-03]
FF Extension: (Flagfox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2023-01-03]
FF Extension: (Fantasy of Lights - N.Lights Series 1) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{1a176495-2247-4217-b1fc-139fc11c4324}.xpi [2023-01-03]
FF Extension: (Firefox Personas) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{566b2b3b-67cd-467f-8dba-e1443e93fb03}.xpi [2023-01-03]
FF Extension: (dreamstime death race) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{7356ce0a-450a-4f4d-9538-5ebd1703e396}.xpi [2023-01-03]
FF Extension: (rainbow blur) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{7477cece-5973-41fe-a60e-2d2ffae6d21e}.xpi [2023-01-03]
FF Extension: (Madjoker of this life) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{886f09cf-2035-40e2-8e71-0a03044f7043}.xpi [2023-01-03]
FF Extension: (Just a theme) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{8ec3a412-28c0-4836-8be4-ece0a02401af}.xpi [2023-01-03]
FF Extension: (Mozilla: Firefox OS) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2023-01-03]
FF Extension: (Tokisaki Kurumi by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{98abe1c1-a798-4238-93fb-ec2ba3c80bb8}.xpi [2023-01-03]
FF Extension: (Persona 4) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{a7aa8cf5-e9bb-4c03-8282-1377938bec4f}.xpi [2023-01-03]
FF Extension: (Persona 5 Theme) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{acaa7837-683e-459b-bd13-7f5a2b896ae1}.xpi [2023-01-03]
FF Extension: (Symbaloo Homepage and Search) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{c0674718-842b-4d4c-83f2-0627b7098f12}.xpi [2023-01-03]
FF Extension: (multicolor trail by candelora) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{c3d0c72d-ffef-4fa9-b169-4d7a5d171504}.xpi [2023-01-03]
FF Extension: (FirefoxClassicalBlue) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2023-01-03]
FF Extension: (Megumin by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{dc58ddef-16a2-4270-8992-aad08be9de60}.xpi [2023-01-03]
FF Extension: (Shimakaze by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{dc808bc8-9d03-4559-9cde-c535b154d0d1}.xpi [2023-01-03]
FF Extension: (Dark Fox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2023-01-03]
FF Extension: (LUNA FOX for Red Themes) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{f70f3915-bbb5-423d-be63-3c4ad9681b09}.xpi [2023-01-03]
FF ProfilePath: C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\ozbwyszl.default [2021-09-25]
FF ProfilePath: C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 [2023-01-03]
FF Homepage: Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 -> hxxps://www.symbaloo.com/
FF HomepageOverride: Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 -> Disabled: {c0674718-842b-4d4c-83f2-0627b7098f12}
FF NewTabOverride: Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 -> Disabled: {c0674718-842b-4d4c-83f2-0627b7098f12}
FF NewTabOverride: Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 -> Enabled: uBlock0@raymondhill.net
FF Extension: (Facebook Container) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\@contain-facebook.xpi [2021-10-22]
FF Extension: (Save Page WE) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\savepage-we@DW-dev.xpi [2021-10-22]
FF Extension: (Google Translator for Firefox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\translator@zoli.bod.xpi [2021-10-22]
FF Extension: (uBlock Origin) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\uBlock0@raymondhill.net.xpi [2021-10-22]
FF Extension: (Flagfox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2021-10-22]
FF Extension: (Fantasy of Lights - N.Lights Series 1) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{1a176495-2247-4217-b1fc-139fc11c4324}.xpi [2021-10-22]
FF Extension: (Bitwarden) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2021-10-22]
FF Extension: (Firefox Personas) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{566b2b3b-67cd-467f-8dba-e1443e93fb03}.xpi [2021-10-22]
FF Extension: (dreamstime death race) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{7356ce0a-450a-4f4d-9538-5ebd1703e396}.xpi [2021-10-22]
FF Extension: (rainbow blur) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{7477cece-5973-41fe-a60e-2d2ffae6d21e}.xpi [2021-10-22]
FF Extension: (Madjoker of this life) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{886f09cf-2035-40e2-8e71-0a03044f7043}.xpi [2021-10-22]
FF Extension: (Just a theme) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{8ec3a412-28c0-4836-8be4-ece0a02401af}.xpi [2021-10-22]
FF Extension: (Mozilla: Firefox OS) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2021-10-22]
FF Extension: (Tokisaki Kurumi by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{98abe1c1-a798-4238-93fb-ec2ba3c80bb8}.xpi [2021-10-22]
FF Extension: (Persona 4) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{a7aa8cf5-e9bb-4c03-8282-1377938bec4f}.xpi [2021-10-22]
FF Extension: (Persona 5 Theme) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{acaa7837-683e-459b-bd13-7f5a2b896ae1}.xpi [2021-10-22]
FF Extension: (Video DownloadHelper) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-10-22]
FF Extension: (Symbaloo Homepage and Search) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{c0674718-842b-4d4c-83f2-0627b7098f12}.xpi [2021-10-22]
FF Extension: (multicolor trail by candelora) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{c3d0c72d-ffef-4fa9-b169-4d7a5d171504}.xpi [2021-10-22]
FF Extension: () - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{c8934291-7998-4094-84fa-a352e8bd3aad}.xpi [2021-10-22]
FF Extension: (FirefoxClassicalBlue) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2021-10-22]
FF Extension: (Megumin by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{dc58ddef-16a2-4270-8992-aad08be9de60}.xpi [2021-10-22]
FF Extension: (Shimakaze by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{dc808bc8-9d03-4559-9cde-c535b154d0d1}.xpi [2021-10-22]
FF Extension: (Dark Fox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-10-22]
FF Extension: (LUNA FOX for Red Themes) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{f70f3915-bbb5-423d-be63-3c4ad9681b09}.xpi [2021-10-22]
FF ProfilePath: C:\Users\conta\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zqdex72t.default [2023-01-03]
FF DownloadDir: D:\Telechargement
FF Homepage: Moonchild Productions\Pale Moon\Profiles\zqdex72t.default -> hxxps://www.symbaloo.com/home/mix/13eP7083bb
FF Extension: (French) - C:\Users\conta\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zqdex72t.default\Extensions\fr-FR@dictionaries.thereisonlyxul.org [2021-08-11] [] [non signé]
FF Extension: (Français (FR) Language Pack) - C:\Users\conta\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zqdex72t.default\Extensions\langpack-fr@palemoon.org.xpi [2021-08-20] [] [non signé]
FF Extension: (Pale Moon Locale Switcher) - C:\Users\conta\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zqdex72t.default\Extensions\pm-localeswitch@palemoon.org.xpi [2021-08-11] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => non trouvé(e)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Logiciel\pdfxchange viewer\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2021-12-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.14 -> D:\Logiciel\VLC\npvlc.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Logiciel\pdfxchange viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2021-12-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Logiciel\Foxit reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Logiciel\Foxit reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Logiciel\picasa\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> D:\Logiciel\vlc\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> D:\Logiciel\vlc\npvlc.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Logiciel\vlc\npvlc.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1500095853-800338277-2208543213-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Logiciel\pdfxchange viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2021-12-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default [2023-01-03]
CHR HomePage: Default -> hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp3_hp
CHR StartupUrls: Default -> "hxxps://www.symbaloo.com/home/mix/13eP7083bb","hxxps://www.google.com/"
CHR Extension: (Google Traduction) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-01]
CHR Extension: (Save Page WE) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhpefjklgkmgeafimnjhojgjamoafof [2022-12-30]
CHR Extension: (Désactivation de Google Analytics) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2021-07-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-30]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-30]
CHR Extension: (WhatFont) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-07-18]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-01-24]
CHR Extension: (Video DownloadHelper) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2022-11-02]
CHR Extension: (Save to Pocket) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-12-30]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-18]
CHR Profile: C:\Users\conta\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-01-03]
CHR Profile: C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-01-03]
CHR StartupUrls: Profile 1 -> "hxxps://www.symbaloo.com/home/mix/13eP6jdBdd"
CHR Extension: (Slides) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-26]
CHR Extension: (Docs) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-06-26]
CHR Extension: (Google Drive) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-26]
CHR Extension: (Sheets) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-26]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-26]
CHR Extension: (Gmail) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-06-26]
CHR Extension: (Chrome Media Router) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-26]
CHR Profile: C:\Users\conta\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-03]
CHR HKU\S-1-5-21-1500095853-800338277-2208543213-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Opera:
=======
OPR Profile: C:\Users\conta\AppData\Roaming\Opera Software\Opera Stable [2023-01-04]
OPR DownloadDir: D:\Telechargement
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\conta\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-12-01]
OPR Extension: (Opera Wallet) - C:\Users\conta\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-03]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\conta\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-12-01]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.1\ABService.exe [1024448 2021-05-14] (AOMEI International Network Limited -> AOMEI International Network Limited)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [438592 2020-11-06] (Digital Wave Ltd -> Digital Wave Ltd)
R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé]
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2022-09-01] () [Fichier non signé]
R2 MyMediaForAlexa; C:\Program Files\MyMediaForAlexa\MyMediaForAlexa.exe [3140280 2019-02-18] (bizmodeller Ltd -> bizmodeller Ltd)
R2 PDF24; D:\Logiciel portable\pdf xchange viewer\PDF24\pdf24.exe [595640 2022-10-31] (geek software GmbH -> geek software GmbH)
S3 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2020-02-18] (QFX Software Corporation -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AviraFallbackUpdater; "C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe" FallbackUpdater=true [X]
S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\108.0.5359.125\elevation_service.exe" [X]
S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2021-06-29] (AOMEI International Network Limited -> )
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MpKslb1f3128f; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [214280 2022-12-23] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsldf862111; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4E19440A-E264-45A9-A66A-BC10D101CB23}\MpKslDrv.sys [214280 2023-01-04] (Microsoft Windows -> Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-07-09] (Paragon Software GmbH -> )
R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-07-09] (Paragon Software GmbH -> )
R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700296 2014-07-09] (Paragon Software GmbH -> )
S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2021-02-27] (Microsoft Corporation) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-01-04 10:45 - 2023-01-04 10:46 - 000049339 _____ C:\Users\conta\Desktop\FRST.txt
2023-01-04 10:44 - 2023-01-04 10:46 - 000000000 ____D C:\FRST
2023-01-04 10:42 - 2023-01-04 10:42 - 002376192 _____ (Farbar) C:\Users\conta\Desktop\FRST64.exe
2023-01-03 10:20 - 2023-01-03 10:21 - 000000000 ____D C:\AdwCleaner
2023-01-03 07:13 - 2023-01-03 07:13 - 000000000 ____D C:\ProgramData\Piriform
2023-01-02 08:31 - 2023-01-02 08:31 - 000000000 ____D C:\Users\Public\Security Sessions
2022-12-31 10:04 - 2022-12-31 10:04 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-12-31 10:00 - 2022-12-31 10:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira
2022-12-31 09:56 - 2022-12-31 09:56 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter
2022-12-31 09:55 - 2022-12-31 09:56 - 000113696 _____ C:\WINDOWS\system32\rtp.db
2022-12-31 09:54 - 2023-01-02 08:32 - 000000000 ____D C:\Users\conta\AppData\Local\Avira
2022-12-31 09:53 - 2023-01-03 18:36 - 000000000 ____D C:\ProgramData\Avira
2022-12-31 04:40 - 2022-12-31 04:40 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.13
2022-12-31 03:50 - 2023-01-04 08:06 - 000013632 _____ C:\Users\conta\Desktop\EDF GDF 2023.ods
2022-12-30 15:00 - 2023-01-04 10:25 - 000004030 _____ C:\WINDOWS\system32\Tasks\WDDiscovery Service
2022-12-30 14:49 - 2023-01-03 08:00 - 000003636 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask
2022-12-29 14:55 - 2022-12-29 14:55 - 000000112 ___SH C:\bootTel.dat
2022-12-29 14:54 - 2022-12-29 14:54 - 000000000 __SHD C:\found.000
2022-12-29 07:39 - 2022-12-31 10:04 - 000000000 ____D C:\Users\conta\AppData\LocalLow\IGDump
2022-12-29 07:37 - 2022-12-31 10:10 - 000000000 ____D C:\Program Files\Malwarebytes
2022-12-28 12:03 - 2022-12-28 12:03 - 000000000 ____D C:\Users\conta\.fontconfig
2022-12-28 12:02 - 2022-12-28 12:12 - 000000000 ____D C:\Users\conta\AppData\Local\Movavi
2022-12-28 12:02 - 2022-12-28 12:02 - 000012616 _____ C:\ProgramData\sguasgrp.vby
2022-12-28 12:02 - 2022-12-28 12:02 - 000000000 ____D C:\Users\conta\AppData\Local\converter
2022-12-28 12:02 - 2022-12-28 12:02 - 000000000 ____D C:\ProgramData\movavi
2022-12-28 11:42 - 2023-01-03 08:00 - 000000000 ____D C:\Users\conta\AppData\Local\BrightData
2022-12-28 11:42 - 2023-01-03 08:00 - 000000000 ____D C:\ProgramData\BrightData
2022-12-28 11:41 - 2022-12-31 11:10 - 000000000 ____D C:\Users\conta\AppData\Local\Free_Time_Co.,_Ltd
2022-12-27 16:15 - 2023-01-04 05:25 - 000003816 _____ C:\WINDOWS\system32\Tasks\VSPXService
2022-12-27 16:15 - 2022-12-27 16:15 - 000003344 _____ C:\WINDOWS\system32\Tasks\VSPXService_LG
2022-12-27 16:15 - 2022-12-27 16:15 - 000000000 ____D C:\Users\conta\AppData\Roaming\YSPX
2022-12-26 16:16 - 2022-12-26 16:16 - 000000000 ____D C:\Users\conta\AppData\Roaming\UPDX
2022-12-26 16:14 - 2023-01-04 05:24 - 000003804 _____ C:\WINDOWS\system32\Tasks\APTXService
2022-12-26 16:14 - 2022-12-26 16:14 - 000003784 _____ C:\WINDOWS\system32\Tasks\APTXService_LG
2022-12-26 16:14 - 2022-12-26 16:14 - 000000000 ____D C:\Users\conta\AppData\Local\WAAM
2022-12-26 16:12 - 2022-12-26 16:13 - 000004032 _____ C:\WINDOWS\system32\Tasks\WD Start Service
2022-12-26 16:12 - 2022-12-26 16:12 - 000000000 ____D C:\Users\conta\AppData\Roaming\Packages
2022-12-26 16:12 - 2022-12-26 16:12 - 000000000 ____D C:\ProgramData\Western Digital
2022-12-25 09:43 - 2022-12-25 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack
2022-12-25 09:43 - 2022-12-25 09:43 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
2022-12-23 07:07 - 2022-12-23 07:07 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2022-12-22 09:59 - 2022-12-22 09:59 - 000000000 ____D C:\Users\conta\AppData\Local\BuildAGadget Content
2022-12-22 09:23 - 2022-12-23 16:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2022-12-19 10:01 - 2023-01-04 07:30 - 000012335 _____ C:\Users\conta\Desktop\dep 2023.ods
2022-12-19 09:27 - 2022-12-31 09:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-12-15 07:14 - 2022-12-16 09:44 - 000000000 ____D C:\Users\conta\AppData\Roaming\XnViewMP
2022-12-15 07:13 - 2022-12-15 07:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnViewMP
2022-12-09 08:17 - 2022-12-14 10:42 - 000000000 ____D C:\Users\conta\AppData\Roaming\dvdcss
2022-12-01 13:18 - 2022-12-01 13:18 - 000000000 ____D C:\Users\conta\AppData\Roaming\LibreOffice
2022-12-01 13:15 - 2022-12-01 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4
2022-12-01 13:14 - 2022-12-01 13:15 - 000000000 ____D C:\Program Files\LibreOffice
2022-12-01 07:56 - 2022-12-23 10:27 - 000004172 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1669877784
2022-12-01 07:56 - 2022-12-23 10:27 - 000001452 _____ C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2022-12-01 07:56 - 2022-12-01 07:56 - 000000000 ____D C:\Users\conta\AppData\Local\Opera Software
2022-12-01 07:55 - 2022-12-01 07:55 - 000000000 ____D C:\Users\conta\AppData\Roaming\Opera Software
2022-11-27 10:57 - 2022-11-27 10:57 - 000000000 ____D C:\Users\conta\AppData\Local\SolidDocuments
2022-11-27 10:56 - 2022-11-27 10:56 - 000000000 ____D C:\Program Files\Adobe
2022-11-27 10:55 - 2022-11-27 10:56 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-11-24 06:17 - 2022-11-24 06:17 - 000000000 ____D C:\Users\conta\AppData\Local\MicrosoftEdge
2022-11-24 06:08 - 2022-11-24 06:08 - 000000000 ___HD C:\$WinREAgent
2022-11-18 04:18 - 2022-11-18 04:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2022-11-15 07:17 - 2022-12-15 06:11 - 000000000 ____D C:\Program Files\dotnet
2022-11-15 07:17 - 2022-11-15 08:16 - 000000000 ____D C:\Users\conta\AppData\Local\Text_Grab
2022-11-15 07:17 - 2022-11-15 07:17 - 000000000 ____D C:\Users\conta\AppData\Local\ToastNotificationManagerCompat
2022-11-11 09:47 - 2022-11-11 09:59 - 000000000 ____D C:\Program Files\Wondershare
2022-11-11 09:47 - 2022-11-11 09:47 - 000000016 _____ C:\ProgramData\mntemp
2022-11-11 07:47 - 2022-12-28 12:05 - 000000000 ____D C:\Users\conta\AppData\Local\cache
2022-11-11 07:46 - 2022-11-11 07:46 - 000000000 ____D C:\Users\conta\AppData\Local\Topaz Labs
2022-11-08 06:18 - 2023-01-01 09:36 - 000000000 ____D C:\Users\conta\Documents\MEGAsync Downloads
2022-11-05 18:21 - 2022-11-05 18:21 - 000000000 ____D C:\Users\conta\Documents\Snapshot
2022-11-05 18:21 - 2022-11-05 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video to Video
2022-11-05 16:14 - 2022-11-05 16:14 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2022-11-05 16:13 - 2022-11-11 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-11-05 16:13 - 2022-11-06 07:28 - 000000000 ____D C:\Users\conta\AppData\Roaming\Wondershare
2022-11-05 16:13 - 2022-11-05 16:13 - 000000000 ____D C:\Users\conta\AppData\Local\Wondershare
2022-11-05 16:13 - 2022-11-05 16:13 - 000000000 ____D C:\ProgramData\GraphicsType14
2022-11-05 16:12 - 2022-11-11 09:56 - 000000000 ____D C:\ProgramData\Wondershare
2022-11-05 16:12 - 2022-11-11 09:54 - 000000000 ____D C:\Program Files (x86)\Wondershare
2022-11-05 10:47 - 2022-11-05 10:48 - 000000000 ____D C:\Users\conta\AppData\Local\Sidebar7
2022-11-05 10:47 - 2022-11-05 10:47 - 000000000 ____D C:\Users\conta\AppData\Local\Clipboarder
2022-11-04 06:18 - 2022-11-04 06:18 - 000021323 _____ C:\Users\conta\.pdfbox.cache
2022-11-03 08:57 - 2022-11-03 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2022-11-02 07:36 - 2022-12-25 09:45 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2022-11-02 07:36 - 2022-12-23 16:05 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2022-11-02 07:35 - 2022-11-02 07:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2022-10-20 08:21 - 2022-10-20 08:21 - 000000000 ____D C:\Users\conta\AppData\Local\myCANAL
2022-10-20 08:20 - 2022-10-20 08:37 - 000000000 ____D C:\ProgramData\myCANAL
2022-10-20 08:20 - 2022-10-20 08:20 - 000002511 _____ C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myCANAL.lnk
2022-10-20 08:20 - 2022-10-20 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2022-10-20 08:20 - 2022-10-20 08:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2022-10-19 06:43 - 2022-10-19 06:43 - 000002239 _____ C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2022-10-18 06:38 - 2022-10-18 06:38 - 000000000 ____D C:\Users\conta\AppData\Roaming\lddownloader
2022-10-18 06:38 - 2022-10-18 06:38 - 000000000 ____D C:\Users\conta\AppData\Roaming\ChangZhi2
2022-10-18 06:38 - 2022-10-18 06:38 - 000000000 ____D C:\LDPlayer

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-01-04 10:46 - 2020-05-04 11:17 - 000000000 ____D C:\Users\conta\AppData\LocalLow\Mozilla
2023-01-04 10:42 - 2022-02-09 07:10 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-04 10:41 - 2021-02-27 11:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-04 10:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-04 09:53 - 2020-05-07 02:31 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-04 06:46 - 2020-07-19 06:30 - 000000000 ____D C:\Program Files\MyMediaForAlexa
2023-01-04 06:29 - 2020-05-04 11:57 - 000000000 ____D C:\Users\conta\AppData\Roaming\vlc
2023-01-04 06:19 - 2020-09-20 09:37 - 000000000 ____D C:\Users\conta\AppData\Roaming\ObviousIdea
2023-01-04 06:12 - 2022-03-14 10:49 - 000179146 _____ C:\Users\conta\Documents\conso journaliere.ods
2023-01-04 05:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-04 05:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-04 05:28 - 2021-02-27 12:02 - 000004156 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4FB6E3A9-40EB-4E3E-B014-6812897FD4CA}
2023-01-04 05:27 - 2021-11-08 03:16 - 000000000 ____D C:\Program Files\CCleaner
2023-01-04 05:24 - 2020-05-04 09:38 - 000000000 __SHD C:\Users\conta\IntelGraphicsProfiles
2023-01-03 18:44 - 2021-02-27 12:04 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-03 18:44 - 2019-12-07 15:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2023-01-03 18:44 - 2019-12-07 15:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2023-01-03 18:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-03 18:42 - 2020-05-04 09:43 - 000000000 ____D C:\Users\conta\AppData\Local\Lenovo
2023-01-03 18:37 - 2021-02-27 12:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-03 18:37 - 2021-02-27 11:56 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-03 18:37 - 2020-05-08 07:35 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2023-01-03 18:37 - 2020-05-08 07:35 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-01-03 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-03 18:37 - 2019-05-16 03:18 - 000000134 _____ C:\WINDOWS\system32\regtest.txt
2023-01-03 18:37 - 2019-05-16 03:17 - 000000000 ___HD C:\Intel
2023-01-03 18:36 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-01-03 14:30 - 2021-08-29 08:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-03 12:31 - 2020-05-06 16:38 - 000000000 ____D C:\Users\conta\AppData\Local\D3DSCache
2023-01-03 10:29 - 2020-05-04 09:38 - 000000000 ____D C:\Users\conta\AppData\Local\Packages
2023-01-03 10:21 - 2019-05-16 03:04 - 000000000 ____D C:\ProgramData\Lenovo
2023-01-03 07:29 - 2020-08-18 13:34 - 000000000 ____D C:\Users\conta\AppData\Roaming\ZHP
2023-01-02 15:23 - 2021-04-23 07:56 - 000000000 ____D C:\Program Files\Google
2023-01-01 09:27 - 2021-04-23 07:04 - 000000000 ____D C:\Users\conta\AppData\Local\MEGAsync
2022-12-31 14:23 - 2021-07-04 07:08 - 000000000 ____D C:\WINDOWS\Minidump
2022-12-31 14:23 - 2021-06-16 16:39 - 000000000 ____D C:\Users\conta\AppData\Local\CrashDumps
2022-12-31 09:59 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-12-31 09:56 - 2021-02-27 11:56 - 000487544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-12-31 04:40 - 2022-08-06 02:36 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2022-12-30 14:58 - 2021-02-27 11:29 - 000000000 ____D C:\Users\conta
2022-12-30 14:54 - 2020-12-20 09:40 - 000000000 ____D C:\Users\conta\AppData\Roaming\Apowersoft
2022-12-30 14:54 - 2020-12-20 09:39 - 000000000 ____D C:\Users\conta\AppData\Local\Apowersoft
2022-12-27 08:25 - 2021-01-14 07:51 - 000000000 ____D C:\Users\conta\AppData\Local\FileConverter
2022-12-25 10:15 - 2020-05-04 11:41 - 000049513 _____ C:\Users\conta\Desktop\tel 29 dec 2022.ods
2022-12-25 09:43 - 2021-07-02 09:00 - 000000000 ____D C:\Program Files\Windows Sidebar
2022-12-25 09:33 - 2020-05-04 09:42 - 000000000 ____D C:\Users\conta\AppData\Local\PlaceholderTileLogoFolder
2022-12-23 16:05 - 2021-10-13 07:54 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-12-23 16:04 - 2021-08-29 08:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-22 13:40 - 2020-05-04 11:28 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2022-12-19 09:29 - 2021-08-29 08:58 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-12-18 10:53 - 2020-05-04 12:16 - 000000000 ____D C:\Users\conta\AppData\Roaming\Molotov
2022-12-17 16:11 - 2020-06-26 05:11 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-15 06:11 - 2019-05-16 03:03 - 000000000 ____D C:\ProgramData\Package Cache
2022-12-14 10:54 - 2020-05-04 11:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-14 10:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-12-14 10:51 - 2020-05-04 11:49 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-10 15:29 - 2022-09-22 08:10 - 000000000 ____D C:\Users\conta\AppData\Local\molotov-updater
2022-12-09 06:54 - 2018-09-19 19:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Fichiers à la racine de certains dossiers ========

2021-01-23 04:18 - 2022-10-27 06:15 - 000001520 _____ () C:\Users\conta\AppData\Roaming\FSLog.log
2021-04-28 08:49 - 2021-04-28 08:49 - 000000041 _____ () C:\Users\conta\AppData\Roaming\stsetting.ini
2020-09-05 03:13 - 2021-01-23 03:57 - 000000129 _____ () C:\Users\conta\AppData\Local\ecf81c3ad8bc03595e9e09d117d92c37
2022-07-15 06:58 - 2022-07-15 06:58 - 000001258 _____ () C:\Users\conta\AppData\Local\recently-used.xbel
2020-05-08 05:24 - 2020-05-08 05:24 - 000000017 _____ () C:\Users\conta\AppData\Local\resmon.resmoncfg

==================== SigCheckExt =========================

2020-05-10 02:46 - 1998-07-13 01:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL
2020-05-10 02:46 - 1998-07-13 00:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETFR.DLL
2020-05-10 02:46 - 1998-07-13 02:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCIFR.DLL
2020-05-10 02:46 - 1998-07-13 01:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL
2020-05-10 02:46 - 1998-07-13 00:00 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIFR.DLL
2020-05-10 02:46 - 2001-08-24 14:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll
2007-12-04 16:53 - 2007-12-04 16:53 - 000053248 ____R (PalmSource, Inc) C:\WINDOWS\SysWOW64\PalmDevC.dll
2021-07-12 13:12 - 2019-07-16 17:42 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll
2020-05-10 02:46 - 2000-10-02 02:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL
2020-05-10 02:46 - 2000-07-15 02:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL
2020-05-10 02:46 - 2005-10-14 10:57 - 000237568 _____ (EnAppSys Ltd) C:\WINDOWS\SysWOW64\vbXML.dll
2020-05-10 02:46 - 2005-10-16 16:34 - 000151552 _____ (EnAppSys Ltd) C:\WINDOWS\SysWOW64\vbXMLRPC.dll
2023-01-04 10:42 - 2023-01-04 10:42 - 002376192 _____ (Farbar) C:\Users\conta\Desktop\FRST64.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {5dad00f1-77d1-11e9-8ff4-806e6f6e6963}
{bootmgr}
{5dad00f2-77d1-11e9-8ff4-806e6f6e6963}
{5dad00f3-77d1-11e9-8ff4-806e6f6e6963}
timeout 0

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {721fdc6f-bbad-11ea-9cd2-3cf011327b1a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Application logicielle (101fffff)
--------------------------------
identificateur {5dad00f1-77d1-11e9-8ff4-806e6f6e6963}
description EFI USB Device

Application logicielle (101fffff)
--------------------------------
identificateur {5dad00f2-77d1-11e9-8ff4-806e6f6e6963}
description EFI DVD/CDROM

Application logicielle (101fffff)
--------------------------------
identificateur {5dad00f3-77d1-11e9-8ff4-806e6f6e6963}
description EFI Network

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {721fdc72-bbad-11ea-9cd2-3cf011327b1a}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {721fdc6f-bbad-11ea-9cd2-3cf011327b1a}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {721fdc72-bbad-11ea-9cd2-3cf011327b1a}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{721fdc73-bbad-11ea-9cd2-3cf011327b1a}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{721fdc73-bbad-11ea-9cd2-3cf011327b1a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {721fdc6f-bbad-11ea-9cd2-3cf011327b1a}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {721fdc72-bbad-11ea-9cd2-3cf011327b1a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {721fdc73-bbad-11ea-9cd2-3cf011327b1a}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
