Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-01-2023
Exécuté par Kenzi (administrateur) sur LAPTOP-TS8VPE4S (HP HP Pavilion Notebook) (22-01-2023 12:00:36)
Exécuté depuis C:\Users\Kenzi\Desktop
Profils chargés: Kenzi
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2364 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe
(services.exe ->) (Keepsolid Inc. -> KeepSolid Inc.) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Sanford, L.P.) [Fichier non signé] C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectPnPService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> wondershare) C:\ProgramData\Wondershare\wsServices\WsidService.exe
(svchost.exe ->) () [Fichier non signé] C:\Users\Kenzi\AppData\Local\Temp\16de06bfb4\nbveek.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\pacjsworker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\wscript.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9353720 2022-04-13] () [Fichier non signé]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [UniConverterUpdateHelper] => C:\Program Files\Wondershare\UniConverter 14\WSVCUUpdateHelper.exe (Pas de fichier)
HKLM\...\Run: [NCH Sync Service] => C:\Users\Kenzi\AppData\Roaming\NCH Software\DrawPad\DpEditor.exe [2812416 2023-01-18] () [Fichier non signé]
HKLM-x32\...\Run: [I16A] => C:\WINDOWS\twain_32\Brimi16a\Common\TwDsUiLaunch.exe [177896 2022-04-13] () [Fichier non signé]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [DYMOWebApi] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.WebApi.Win.Host.exe [181230592 2022-02-24] (Sanford, L.P. -> DYMO.WebApi.Win.Host)
HKLM-x32\...\Run: [DymoOfficeHelper] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.OfficeHelper.exe [63488 2022-02-24] () [Fichier non signé]
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [413000 2023-01-10] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
HKLM\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32883768 2021-01-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-04-18] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [409280 2022-01-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [185480 2022-04-11] () [Fichier non signé]
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [] => [X]
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [DYMOConnectLauncher] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe [163968 2022-02-24] (Sanford, L.P. -> )
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [Bonus.SSR.FR14] => C:\Program Files (x86)\ABBYY FineReader 14\ScreenshotReader.exe [1082016 2019-02-13] (ABBYY Production LLC -> ABBYY Production LLC.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [NoAutoTrayNotify] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [DisableThumbnailCache] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\MountPoints2: {9717d467-2cf9-11ec-95b0-802bf97ae470} - "E:\SETUP.EXE"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\DYMO LabelWriter Monitor: C:\windows\system32\LW400MON.DLL [16384 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-06-23] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2187520 2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR: C:\WINDOWS\system32\pxc50pmaf.dll [57536 2016-10-03] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\pdfcmon: C:\windows\system32\pdfcmon.dll [116736 2020-06-23] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{7AAA1755-7D74-46C7-8FFC-555695FA5A75}] -> C:\Program Files (x86)\ABBYY FineReader 14\ScreenshotReader.exe [2019-02-13] (ABBYY Production LLC -> ABBYY Production LLC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2022-01-18] () <==== ATTENTION [zéro octet Fichier/Dossier]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java Corporation.jar [2022-01-12] () [Fichier non signé]
Startup: C:\Users\Kenzi\AppData\Local\Temp\16de06bfb4\\nbveek.exe [] () [Fichier non signé]
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0F1E5D70-42FD-46B4-8A32-85B379CEA041} - System32\Tasks\otEygLumisDPdh => rundll32 "C:\Program Files (x86)\wJlaTuOLtKJU2\spjfyFZyYIKKz.dll",#1 <==== ATTENTION
Task: {1367E190-3C17-463D-9F32-4CE984AFABE7} - System32\Tasks\WqtroWbimSXMCzo2 => rundll32 "C:\Program Files (x86)\KHoavQDJU\pfFyIK.dll",#1 <==== ATTENTION
Task: {18F2AF05-6DCC-4058-8DCD-5732EEEF18BD} - System32\Tasks\GoogleUpdateTaskMachineCore{5107069F-6FD2-4756-AA4D-5B267A29A884} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-15] (Google LLC -> Google LLC)
Task: {1BDC0FAC-4AE4-4370-9FAA-5C0D6B8C123C} - System32\Tasks\CCleanerSkipUAC - Kenzi => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F04FE6C-541E-4C2C-851F-034A9BF9D55A} - System32\Tasks\tbsnethprovfw => C:\\ProgramData\\provlaunchActionCenterCPL\\tbsnethprovfw.exe (Pas de fichier)
Task: {218E4DE2-7F97-4BFD-AB3C-C0B34C5D7B08} - System32\Tasks\CertEnrollCtrlwsnhmp32 => C:\\ProgramData\\provlaunchActionCenterCPL\\CertEnrollCtrlwsnhmp32.exe (Pas de fichier)
Task: {286A211F-AC82-4DD1-83EF-4DF947BB3B1C} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2022-09-26] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {2895FAD5-8753-4032-BB80-E575A2F80DFA} - System32\Tasks\GoogleUpdateTaskMachineUA{158C8F57-DAA9-4E70-B355-AAB51EBEE3FC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-15] (Google LLC -> Google LLC)
Task: {2A30C857-2717-48CC-8C20-41D10F233B36} - System32\Tasks\FreedomeReset => C:\Program Files (x86)\F-Secure\Freedome\Freset.exe (Pas de fichier)
Task: {48572D4E-2E7F-4530-959E-C6F7318379C4} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1318912 2022-04-12] () [Fichier non signé]
Task: {52EC819D-A10F-42B2-9F9E-27044D7D5806} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {68785F30-EA1C-4FFF-A40C-3EFAC46FBD33} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A0ECEA6-0151-4CB1-84EE-6C41720ABF4C} - System32\Tasks\IJxgZaXRQLFfKvxUy => C:\WINDOWS\Temp\SREVnnslRCgnBiYt\DiAhsUsSRwlpddi\hPdCZLQ.exe fc /site_id 385104 /S (Pas de fichier) <==== ATTENTION
Task: {6B761B6F-1F79-431F-9410-FDA6E7BA085F} - System32\Tasks\jJqUCWELvHLKCSHkM2 => rundll32 "C:\Program Files (x86)\haxpJacLpedqIyIGTER\yCpsLak.dll",#1 <==== ATTENTION
Task: {7FDB885A-3623-4252-8EDA-8CDCE8F3736F} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Kenzi\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {83F6E9CB-28AC-49A1-B0FB-CB421DDFD14B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2263190244-149697588-2662336564-500 => C:\Users\Kenzi\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {8456A0B7-59AA-4416-B943-9A42C8CA1A7E} - System32\Tasks\DXXDqSMoPFhlY2 => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\cqPTTQEbRbGTurVB\Whoudcw.wsf" <==== ATTENTION
Task: {CD80CDE7-8FE7-4E85-8306-97636C0AF0A1} - System32\Tasks\gUKbNaAXe => powershell -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA== <==== ATTENTION
Task: {D3D935B9-75A7-4A09-82E0-458579A67B0B} - System32\Tasks\YuEoRlvyhXXXUQKVHEv2 => rundll32 "C:\Program Files (x86)\QFruvzjEqeEAC\pkURsDY.dll",#1 <==== ATTENTION
Task: {DCD5C851-6221-4532-8F53-2FCEE4AB9475} - System32\Tasks\UGejf1 => "C:\Program Files\Mozilla Firefox\firefox.exe" (Pas de fichier)
Task: {E0BA8FE3-F210-48D1-A6DE-0DED5A5861C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC17B8DC-EAD6-4B67-8E12-2694390EDDA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {EE3765E2-1FA0-4AD5-B677-10025327AC98} - System32\Tasks\LicensingUIRobocopy => C:\\ProgramData\\provlaunchActionCenterCPL\\LicensingUIRobocopy.exe (Pas de fichier)
Task: {EF6C4174-F41F-42FF-B37E-A77E17985B1A} - System32\Tasks\nbveek.exe => C:\Users\Kenzi\AppData\Local\Temp\16de06bfb4\nbveek.exe [250368 2023-01-18] () [Fichier non signé] <==== ATTENTION
Task: {F181D08F-5F2B-4B56-AB9D-F5D8B5479B56} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\Kenzi\AppData\Roaming\\sysinfotool\\sitool.exe [75776 ] () [Fichier non signé] <==== ATTENTION
Task: {F45846EA-4638-45E6-8521-4F775C96ABD0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {F6B5DDE6-1C62-44A2-A328-209FB7770D20} - System32\Tasks\Disable LockScreen => reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\IJxgZaXRQLFfKvxUy.job => C:\WINDOWS\Temp\SREVnnslRCgnBiYt\DiAhsUsSRwlpddi\hPdCZLQ.exe <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
AutoConfigURL: [{0DACFC30-90FA-40FB-A18C-3AAB3D79D666}] => hxxp://34.80.59.191/win.pac <==== ATTENTION
ProxyServer: [S-1-5-21-2263190244-149697588-2662336564-1001] => 127.0.0.1:8080
AutoConfigURL: [S-1-5-21-2263190244-149697588-2662336564-1001] => hxxp://34.80.59.191/win.pac <==== ATTENTION
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222
Tcpip\..\Interfaces\{651a03fb-f63e-41e9-bf5a-c49ab5775260}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1
Tcpip\..\Interfaces\{8aed3270-611b-4b9e-91d6-e5eb5b9ff02d}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a91f2b1c-798f-4be3-a832-7d064f842df4}: [DhcpNameServer] 208.67.222.222
Tcpip\..\Interfaces\{b67a6736-90ba-4893-beab-c66059491752}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{f1c315ee-340c-434c-a619-5232958f2b32}: [DhcpNameServer] 208.67.222.222
ManualProxies: 0hxxp://34.80.59.191/win.pac <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kenzi\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-22]
Edge HomePage: Default -> hxxps://find-it.pro/?utm_source=distr_m
Edge StartupUrls: Default -> "hxxps://find-it.pro/?utm_source=distr_m"
Edge DefaultSearchURL: Default -> hxxp://search-cdn.net/fip/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> cdn
Edge DefaultSuggestURL: Default -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
Edge Extension: (YoutubeDownloader) - C:\Users\Kenzi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\geiolieogaichbpfhcannipendgnnbkn [2023-01-20] [UpdateUrl:hxxps://clients63.google.com/service/update2/crx] <==== ATTENTION
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 6jtz1zr1.default
FF ProfilePath: C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\6jtz1zr1.default [2023-01-22]
FF user.js: detected! => C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\6jtz1zr1.default\user.js [2022-09-11]
FF Homepage: Mozilla\Firefox\Profiles\6jtz1zr1.default -> hxxps://www.google.com/
FF SearchPlugin: C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\6jtz1zr1.default\searchplugins\cdnsearch.xml [2023-01-21]
FF ProfilePath: C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426 [2023-01-22]
FF user.js: detected! => C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\user.js [2022-09-11]
FF DownloadDir: C:\Users\Kenzi\Desktop
FF Homepage: Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426 -> hxxps://find-it.pro/?utm_source=distr_m
FF NetworkProxy: Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426 -> socks", "105.98.42.186"
FF Notifications: Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426 -> hxxps://mail-notification.info; hxxps://zarabotok-online.xyz; hxxps://supertopfreegames.com; hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://mnthor.xyz
FF Extension: (AdBlocker Ultimate) - C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\Extensions\adblockultimate@adblockultimate.net.xpi [2022-09-30]
FF Extension: (To Google Translate) - C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-03-25]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2022-10-05]
FF Extension: (Video DownloadHelper) - C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-08]
FF SearchPlugin: C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\searchplugins\cdnsearch.xml [2023-01-21]
FF Extension: (Pas de nom) - C:\Program Files\Mozilla Firefox\browser\features\{85FD6ACE-3736-491B-8514-6C8C9556E131}.xpi [2023-01-20] [non signé]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-26] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-26] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-02-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default [2023-01-22]
CHR Notifications: Default -> hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://mail-notification.info; hxxps://mnthor.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://supertopfreegames.com; hxxps://zarabotok-online.xyz
CHR HomePage: Default -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: Default -> "hxxps://find-it.pro/?utm_source=distr_m","hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxp://search-cdn.net/fip/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> cdn
CHR DefaultSuggestURL: Default -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (Google Traduction) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-10]
CHR Extension: (YoutubeDownloader) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo [2023-01-20] [UpdateUrl:hxxps://clients38.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Keyword Surfer) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bafijghppfhdpldihckdcadbcobikaca [2022-11-02]
CHR Extension: (WeeklyHits) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebkcaaigdmochdchgeiofaddpokiondc [2023-01-19]
CHR Extension: (Télécommande Freebox Delta / Révolution / HD) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhpkpfbolhjcbejckjbiciinkcjlijj [2022-04-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-21]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-20]
CHR Extension: (360 Internet Protection) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2023-01-19]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2023-01-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-10]
CHR Extension: (Google Translate) - C:\Program Files\nndannfdnoaiphfcbbpgkhodebpoiocf [2023-01-18]
CHR Profile: C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault [2023-01-21] <==== ATTENTION
CHR HomePage: oldDefault -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: oldDefault -> "hxxps://find-it.pro/?utm_source=distr_m"
CHR DefaultSearchKeyword: oldDefault -> cdn
CHR DefaultSuggestURL: oldDefault -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (Slides) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-15]
CHR Extension: (YoutubeDownloader) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\agcghmjnenlfcjmnldooeaadankclolo [2023-01-21] [UpdateUrl:hxxps://clients91.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Docs) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-15]
CHR Extension: (Google Drive) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-15]
CHR Extension: (YouTube) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-15]
CHR Extension: (Sheets) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-15]
CHR Extension: (Google Docs Offline) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-15]
CHR Extension: (Gmail) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-15]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S2 AppServices; C:\WINDOWS\system32\4VW5GFTT8J.tmp [6144 2023-01-21] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
S2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [762344 2022-04-12] () [Fichier non signé]
R2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [1072880 2022-11-16] (Wondershare Technology Group Co.,Ltd -> wondershare)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5030080 2022-01-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DYMOConnectPnPService; C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectPnPService.exe [26112 2022-02-24] (Sanford, L.P.) [Fichier non signé]
R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2022-10-25] (Wondershare Technology Group Co.,Ltd -> )
S2 esifsvc; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe [2224008 2022-04-13] () [Fichier non signé]
S2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\fsvpnservice.exe [1723544 2022-04-12] () [Fichier non signé]
S4 HfcDisableService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\HfcDisableService.exe [1966800 2022-04-13] () [Fichier non signé]
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2956496 2022-04-13] () [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe [868184 2022-04-13] () [Fichier non signé]
S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe [812888 2022-04-13] () [Fichier non signé]
S2 jhi_service; C:\WINDOWS\System32\jhi_service.exe [731128 2022-04-13] () [Fichier non signé]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10605472 2021-04-18] (Logitech Inc -> Logitech, Inc.)
S2 LMS; C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe [4147328 2022-04-13] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8892256 2022-12-16] (Malwarebytes Inc. -> Malwarebytes)
R2 MSSQL$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [360304 2022-04-12] () [Fichier non signé]
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [1102080 2023-01-10] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S3 QHProtected; C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe [3082096 2023-01-10] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [350712 2022-04-13] () [Fichier non signé]
S2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [821656 2022-04-13] () [Fichier non signé]
S4 SQLAgent$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [467208 2022-04-13] () [Fichier non signé]
R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [48072 2022-11-02] (Keepsolid Inc. -> KeepSolid Inc.)
S3 WireGuardTunnel$VPNUWireguard; C:\Program Files (x86)\VPN Unlimited\WireVPNUImpl.exe [29128 2022-11-02] (Keepsolid Inc. -> )
S3 WsDrvInst; C:\Program Files\Wondershare\UniConverter\Transfer\DriverInstall.exe [112560 2020-12-23] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [164416 2022-04-13] () [Fichier non signé]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 BadlionAnticheat; C:\WINDOWS\system32\drivers\BadlionAnticheat.sys [2480872 2020-02-05] (Microsoft Windows Hardware Compatibility Publisher ->)
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2021-10-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-09-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-10-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2022-01-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 fsfreedomewintun; C:\WINDOWS\System32\drivers\fsfreedomewintun.sys [31248 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [226560 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2022-06-01] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-04-18] (Logitech Inc -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2018-05-07] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2018-05-07] (Logitech -> Logitech Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-05-08] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-05-08] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-05-08] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [51912 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29912 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
S3 SilvrLnk; C:\WINDOWS\System32\drivers\silvrlnk.sys [129536 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S3 ssbthid; C:\WINDOWS\System32\drivers\ssbthid.sys [43824 2019-02-01] (SteelSeries ApS -> )
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-10-21] (SteelSeries ApS -> )
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-10-21] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
U0 TaskKill; C:\Users\Kenzi\AppData\Local\Temp\Иисус.sys [36208 2023-01-18] (Sysinternals - www.sysinternals.com) [Fichier non signé] <==== ATTENTION
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-01-24] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66368 2020-06-05] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-19] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S1 360FsFlt; system32\DRIVERS\360FsFlt.sys [X]
U3 aspnet_state; pas de ImagePath
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-01-22 11:59 - 2023-01-22 11:59 - 000049794 ____C C:\Users\Kenzi\Desktop\Addition.txt
2023-01-22 11:58 - 2023-01-22 12:01 - 000043785 ____C C:\Users\Kenzi\Desktop\FRST.txt
2023-01-22 11:57 - 2023-01-22 11:57 - 000000230 ____C C:\Users\Kenzi\Desktop\Search.txt
2023-01-22 11:56 - 2023-01-22 12:00 - 000000000 ____D C:\FRST
2023-01-22 11:56 - 2023-01-22 11:56 - 002376704 ____C (Farbar) C:\Users\Kenzi\Desktop\FRST64.exe
2023-01-22 11:39 - 2023-01-22 11:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-01-22 11:28 - 2023-01-22 11:28 - 000000000 ___HD C:\$WinREAgent
2023-01-21 13:15 - 2023-01-21 13:15 - 000000000 ____D C:\Program Files (x86)\AuymVFioVKUn
2023-01-20 17:29 - 2023-01-21 13:15 - 000003356 _____ C:\WINDOWS\system32\Tasks\otEygLumisDPdh
2023-01-20 17:29 - 2023-01-21 13:15 - 000003044 _____ C:\WINDOWS\system32\Tasks\DXXDqSMoPFhlY2
2023-01-20 17:29 - 2023-01-21 13:15 - 000003034 _____ C:\WINDOWS\system32\Tasks\jJqUCWELvHLKCSHkM2
2023-01-20 17:29 - 2023-01-21 13:15 - 000003026 _____ C:\WINDOWS\system32\Tasks\YuEoRlvyhXXXUQKVHEv2
2023-01-20 17:29 - 2023-01-21 13:15 - 000003008 _____ C:\WINDOWS\system32\Tasks\WqtroWbimSXMCzo2
2023-01-20 17:29 - 2023-01-21 13:15 - 000000000 ____D C:\ProgramData\cqPTTQEbRbGTurVB
2023-01-20 17:29 - 2023-01-21 13:15 - 000000000 ____D C:\Program Files (x86)\wJlaTuOLtKJU2
2023-01-20 17:29 - 2023-01-21 13:15 - 000000000 ____D C:\Program Files (x86)\QFruvzjEqeEAC
2023-01-20 17:29 - 2023-01-21 13:15 - 000000000 ____D C:\Program Files (x86)\haxpJacLpedqIyIGTER
2023-01-20 17:27 - 2023-01-21 15:06 - 000000000 ____D C:\Program Files (x86)\KHoavQDJU
2023-01-18 21:34 - 2023-01-18 21:34 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\07c6bc37dc5087
2023-01-18 21:32 - 2023-01-22 11:31 - 000003594 _____ C:\WINDOWS\system32\Tasks\nbveek.exe
2023-01-18 21:32 - 2023-01-21 13:59 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\4VW5GFTT8J.tmp
2023-01-18 21:32 - 2023-01-18 21:32 - 000003632 _____ C:\WINDOWS\system32\Tasks\gUKbNaAXe
2023-01-18 21:32 - 2023-01-18 21:32 - 000003286 _____ C:\WINDOWS\system32\Tasks\UGejf1
2023-01-18 21:32 - 2023-01-18 21:32 - 000003002 _____ C:\WINDOWS\system32\Tasks\IJxgZaXRQLFfKvxUy
2023-01-18 21:32 - 2023-01-18 21:32 - 000000460 _____ C:\WINDOWS\Tasks\IJxgZaXRQLFfKvxUy.job
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ___HD C:\ProgramData\DNTException
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\ULPYJrunZ
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\r49qmxGY4MN
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\OLtg6C
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ____D C:\Program Files\nndannfdnoaiphfcbbpgkhodebpoiocf
2023-01-18 21:31 - 2023-01-18 21:31 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\powerOff.lnk
2023-01-18 21:31 - 2023-01-18 21:31 - 000001088 _____ C:\Users\Public\Desktop\powerOff.lnk
2023-01-18 21:31 - 2023-01-18 21:31 - 000000000 ____D C:\Program Files (x86)\powerOff
2023-01-18 21:25 - 2023-01-18 21:26 - 000000000 ____D C:\ProgramData\360TotalSecurity
2023-01-18 21:25 - 2023-01-18 21:25 - 000001229 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ___DC C:\Users\Kenzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Centre 360 Security
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\360TotalSecurity
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre 360 Security
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ____D C:\ProgramData\360safe
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ____D C:\Program Files (x86)\360
2023-01-18 21:24 - 2023-01-18 21:24 - 003218493 _____ (Pdf converter ) C:\WINDOWS\unins000.exe
2023-01-18 21:24 - 2023-01-18 21:24 - 000000985 _____ C:\WINDOWS\unins000.dat
2023-01-18 20:48 - 2023-01-18 21:31 - 000000000 ____D C:\Users\Kenzi\AppData\Local\infocomp
2023-01-18 20:48 - 2023-01-18 20:49 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\pmQzPt
2023-01-18 20:48 - 2023-01-18 20:49 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\FC45D5D4B06008F4
2023-01-18 20:48 - 2023-01-18 20:48 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\P2pvzMo1Q
2023-01-18 20:48 - 2023-01-18 20:48 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\kR2sYJi
2023-01-17 23:10 - 2023-01-17 23:10 - 008802798 ____C C:\Users\Kenzi\Desktop\ddddUntitled.tif
2023-01-17 23:03 - 2023-01-17 23:11 - 000831662 ____C C:\Users\Kenzi\Desktop\kenz.tif
2023-01-17 22:57 - 2023-01-17 22:57 - 008697658 ____C C:\Users\Kenzi\Desktop\Untitled.tif
2023-01-17 17:20 - 2023-01-17 17:20 - 000018995 _____ C:\Users\Kenzi\Downloads\FA1640564.pdf
2023-01-17 16:54 - 2023-01-17 17:21 - 000000000 ___DC C:\Users\Kenzi\Desktop\Nouveau dossier (2)
2023-01-17 16:26 - 2023-01-17 16:26 - 000037769 ____C C:\Users\Kenzi\Desktop\CRA_SEPTEMBRE_2022_KAMEL.ods
2023-01-13 18:51 - 2023-01-13 18:51 - 000383441 _____ C:\Users\Kenzi\Downloads\order-confirmation-63c19a0b1b9fe.pdf
2023-01-12 18:35 - 2023-01-12 18:35 - 000017033 _____ C:\Users\Kenzi\Downloads\WordPress Securiser son site.torrent
2023-01-12 18:34 - 2023-01-12 18:34 - 000009329 _____ C:\Users\Kenzi\Downloads\La petite boîte à outils de Facebook Ads et Instagram Ads - Clément Pellerin.epub.torrent
2023-01-12 18:33 - 2023-01-12 18:33 - 000076518 _____ C:\Users\Kenzi\Downloads\Udemy - Comment utiliser la publicité Facebook en 2019 (1).torrent
2023-01-12 18:29 - 2023-01-12 18:29 - 000076518 _____ C:\Users\Kenzi\Downloads\Udemy - Comment utiliser la publicité Facebook en 2019.torrent
2023-01-12 18:27 - 2023-01-12 18:27 - 000001143 _____ C:\Users\Public\Desktop\VPN Unlimited.lnk
2023-01-12 18:27 - 2023-01-12 18:27 - 000000000 ____D C:\Users\Kenzi\AppData\Local\KeepSolid Inc
2023-01-12 18:27 - 2023-01-12 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2023-01-12 18:25 - 2023-01-12 18:26 - 077389280 _____ (KeepSolid Inc. ) C:\Users\Kenzi\Downloads\VPN_Unlimited_v8.6.1.exe
2023-01-12 14:28 - 2023-01-12 14:28 - 020359903 _____ C:\Users\Kenzi\Desktop\Guide Excel 2022 - Excel Pirate.pptx
2023-01-12 13:40 - 2023-01-12 13:40 - 000010974 ____C C:\Users\Kenzi\Desktop\Correction-6-Boursier.xlsx
2023-01-12 13:28 - 2023-01-12 14:48 - 000010311 ____C C:\Users\Kenzi\Desktop\Correction-5-Date-de-livraison.xlsx
2023-01-12 13:26 - 2023-01-12 13:26 - 000010257 ____C C:\Users\Kenzi\Desktop\Exercice-5-Date-de-livraison.xlsx
2023-01-12 12:50 - 2023-01-12 12:59 - 000000000 ___DC C:\Users\Kenzi\Desktop\JANV 23
2023-01-11 12:53 - 2023-01-12 13:48 - 000000000 ___DC C:\Users\Kenzi\Desktop\Nouveau dossier CV modifié(6)
2023-01-10 16:25 - 2023-01-10 16:25 - 000025873 ____C C:\Users\Kenzi\Desktop\Compte-rendu normé.xlsx
2023-01-10 16:25 - 2023-01-10 16:25 - 000025873 ____C C:\Users\Kenzi\Desktop\Compte-rendu normé(1).xlsx
2023-01-09 21:21 - 2023-01-09 21:21 - 012870595 ____C C:\Users\Kenzi\Desktop\Guide Excel 2022 - Excel Pirate.pdf
2022-12-28 18:40 - 2023-01-12 12:58 - 000000000 ___DC C:\Users\Kenzi\Desktop\Nouveau dossier (5)
2022-12-28 18:31 - 2023-01-18 20:48 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\SysInfoTool
2022-12-28 17:59 - 2022-12-28 17:59 - 000688675 _____ C:\Users\Kenzi\Downloads\Arabic Calligrapher 3.0.3.zip
2022-12-28 17:43 - 2022-12-29 14:51 - 000000000 ____D C:\Program Files (x86)\Hemlocksoft
2022-12-28 17:36 - 2022-12-28 17:36 - 000000218 _____ C:\Users\Kenzi\AppData\Local\recently-used.xbel
2022-12-28 13:31 - 2022-12-28 13:31 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\Skype
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-01-22 12:01 - 2019-11-30 15:56 - 000000000 ____D C:\Users\Kenzi\AppData\Local\CrashDumps
2023-01-22 11:58 - 2019-11-23 18:11 - 000000000 ____D C:\Users\Kenzi\AppData\Local\D3DSCache
2023-01-22 11:50 - 2022-02-11 18:37 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-22 11:49 - 2019-11-23 17:56 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-22 11:49 - 2019-06-09 13:48 - 000000000 ___DC C:\Users\Kenzi\AppData\LocalLow\Mozilla
2023-01-22 11:35 - 2021-05-02 21:29 - 000000008 __RSH C:\ProgramData\ntuser.pol
2023-01-22 11:32 - 2021-10-03 13:14 - 000007422 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-22 11:32 - 2019-12-07 15:49 - 007103234 _____ C:\WINDOWS\system32\perfh00C.dat
2023-01-22 11:32 - 2019-12-07 15:49 - 002012904 _____ C:\WINDOWS\system32\perfc00C.dat
2023-01-22 11:31 - 2020-01-04 19:18 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-22 11:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-22 11:28 - 2021-10-03 13:12 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-22 11:27 - 2020-11-18 23:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-21 15:09 - 2019-11-23 17:19 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-21 15:08 - 2019-11-23 18:40 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\LGHUB
2023-01-21 15:06 - 2021-10-03 13:06 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 15:06 - 2020-11-19 00:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-21 15:06 - 2020-01-19 18:38 - 000000000 ____D C:\Users\Kenzi\AppData\Local\LGHUB
2023-01-21 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-21 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-21 15:06 - 2019-06-09 12:30 - 000000000 __SHD C:\Users\Kenzi\IntelGraphicsProfiles
2023-01-21 15:06 - 2019-06-09 12:08 - 000000000 ___DC C:\Intel
2023-01-21 13:59 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-01-21 13:42 - 2021-08-31 07:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-21 13:42 - 2018-08-25 05:24 - 000000000 ____D C:\ProgramData\Package Cache
2023-01-21 13:22 - 2020-01-04 19:19 - 000000000 ____D C:\Program Files\CCleaner
2023-01-20 17:19 - 2021-08-31 07:24 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-18 21:31 - 2022-05-30 18:35 - 000000000 ____D C:\Program Files\Inkscape
2023-01-18 20:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-18 20:49 - 2022-04-15 19:15 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-18 20:49 - 2020-12-30 15:04 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\NCH Software
2023-01-17 22:55 - 2022-04-22 14:57 - 000000000 ____D C:\Users\Kenzi\AppData\Local\ABBYY
2023-01-17 15:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-12 18:49 - 2020-11-03 11:03 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\uTorrent
2023-01-12 18:48 - 2022-10-05 19:36 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\vlc
2023-01-12 18:43 - 2020-11-03 11:03 - 000000000 ____D C:\Users\Kenzi\AppData\Local\BitTorrentHelper
2023-01-12 18:27 - 2022-02-25 22:08 - 000000000 ____D C:\Program Files (x86)\VPN Unlimited
2023-01-12 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-01-12 17:19 - 2019-12-01 15:34 - 000000000 ____D C:\Users\Kenzi\AppData\Local\ElevatedDiagnostics
2023-01-12 17:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-12 14:28 - 2019-11-23 17:26 - 000000000 ____D C:\Users\Kenzi\AppData\Local\Packages
2023-01-12 12:56 - 2022-04-22 16:54 - 000000000 ___DC C:\Users\Kenzi\Desktop\Apprendre Arabe
2023-01-11 12:53 - 2021-07-25 17:57 - 000000000 ___DC C:\Users\Kenzi\Desktop\BUREAU 25 JUILLET
2022-12-29 12:48 - 2021-10-03 13:07 - 000000000 ____D C:\Users\Kenzi
2022-12-28 15:55 - 2022-05-30 18:38 - 000000000 ____D C:\Users\Kenzi\.dbus-keyrings
==================== Fichiers à la racine de certains dossiers ========
2021-10-26 09:33 - 2021-10-26 09:33 - 000094793 _____ () C:\Users\Kenzi\AppData\Roaming\Java Corporation.jar
2019-11-29 21:46 - 2020-02-25 23:01 - 000034261 _____ () C:\Users\Kenzi\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-12-21 23:24 - 2020-01-29 21:04 - 000004688 _____ () C:\Users\Kenzi\AppData\Roaming\VoiceMeeterDefault.xml
2022-11-17 16:35 - 2022-11-17 22:08 - 000005032 _____ () C:\Users\Kenzi\AppData\Local\lang_info.xml
2022-12-28 17:36 - 2022-12-28 17:36 - 000000218 _____ () C:\Users\Kenzi\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Kenzi (administrateur) sur LAPTOP-TS8VPE4S (HP HP Pavilion Notebook) (22-01-2023 12:00:36)
Exécuté depuis C:\Users\Kenzi\Desktop
Profils chargés: Kenzi
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2364 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <15>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\RstMwService.exe
(services.exe ->) (Keepsolid Inc. -> KeepSolid Inc.) C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\LGHUB\lghub_updater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(services.exe ->) (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe
(services.exe ->) (Sanford, L.P.) [Fichier non signé] C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectPnPService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> ) C:\ProgramData\Wondershare\wsServices\ElevationService.exe
(services.exe ->) (Wondershare Technology Group Co.,Ltd -> wondershare) C:\ProgramData\Wondershare\wsServices\WsidService.exe
(svchost.exe ->) () [Fichier non signé] C:\Users\Kenzi\AppData\Local\Temp\16de06bfb4\nbveek.exe
(svchost.exe ->) (INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.4478.0_x64__8j3eq9eme6ctt\IGCC.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\pacjsworker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\wscript.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9353720 2022-04-13] () [Fichier non signé]
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321096 2017-11-27] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [UniConverterUpdateHelper] => C:\Program Files\Wondershare\UniConverter 14\WSVCUUpdateHelper.exe (Pas de fichier)
HKLM\...\Run: [NCH Sync Service] => C:\Users\Kenzi\AppData\Roaming\NCH Software\DrawPad\DpEditor.exe [2812416 2023-01-18] () [Fichier non signé]
HKLM-x32\...\Run: [I16A] => C:\WINDOWS\twain_32\Brimi16a\Common\TwDsUiLaunch.exe [177896 2022-04-13] () [Fichier non signé]
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [DYMOWebApi] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.WebApi.Win.Host.exe [181230592 2022-02-24] (Sanford, L.P. -> DYMO.WebApi.Win.Host)
HKLM-x32\...\Run: [DymoOfficeHelper] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMO.OfficeHelper.exe [63488 2022-02-24] () [Fichier non signé]
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [413000 2023-01-10] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
HKLM\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1
HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32883768 2021-01-30] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [LGHUB] => C:\Program Files\LGHUB\lghub.exe [123792288 2021-04-18] (Logitech Inc -> Logitech, Inc.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [409280 2022-01-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [185480 2022-04-11] () [Fichier non signé]
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [] => [X]
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [DYMOConnectLauncher] => C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectLauncher.exe [163968 2022-02-24] (Sanford, L.P. -> )
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Run: [Bonus.SSR.FR14] => C:\Program Files (x86)\ABBYY FineReader 14\ScreenshotReader.exe [1082016 2019-02-13] (ABBYY Production LLC -> ABBYY Production LLC.)
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [NoAutoTrayNotify] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [NoThumbnailCache] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [DisableThumbnailCache] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2263190244-149697588-2662336564-1001\...\MountPoints2: {9717d467-2cf9-11ec-95b0-802bf97ae470} - "E:\SETUP.EXE"
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\55.0.3.0\GoogleDriveFS.exe [55334232 2022-01-25] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\DYMO LabelWriter Monitor: C:\windows\system32\LW400MON.DLL [16384 2022-02-24] (Microsoft Windows Hardware Compatibility Publisher -> DYMO Corp.)
HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2020-06-23] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com))
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\WINDOWS\system32\pxcpmL.dll [2187520 2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\PDF-XChange5-ABBYY-FR: C:\WINDOWS\system32\pxc50pmaf.dll [57536 2016-10-03] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\pdfcmon: C:\windows\system32\pdfcmon.dll [116736 2020-06-23] (pdfforge GmbH) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.75\Installer\chrmstp.exe [2023-01-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{7AAA1755-7D74-46C7-8FFC-555695FA5A75}] -> C:\Program Files (x86)\ABBYY FineReader 14\ScreenshotReader.exe [2019-02-13] (ABBYY Production LLC -> ABBYY Production LLC.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\errorlog.txt [2022-01-18] () <==== ATTENTION [zéro octet Fichier/Dossier]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Java Corporation.jar [2022-01-12] () [Fichier non signé]
Startup: C:\Users\Kenzi\AppData\Local\Temp\16de06bfb4\\nbveek.exe [] () [Fichier non signé]
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0F1E5D70-42FD-46B4-8A32-85B379CEA041} - System32\Tasks\otEygLumisDPdh => rundll32 "C:\Program Files (x86)\wJlaTuOLtKJU2\spjfyFZyYIKKz.dll",#1 <==== ATTENTION
Task: {1367E190-3C17-463D-9F32-4CE984AFABE7} - System32\Tasks\WqtroWbimSXMCzo2 => rundll32 "C:\Program Files (x86)\KHoavQDJU\pfFyIK.dll",#1 <==== ATTENTION
Task: {18F2AF05-6DCC-4058-8DCD-5732EEEF18BD} - System32\Tasks\GoogleUpdateTaskMachineCore{5107069F-6FD2-4756-AA4D-5B267A29A884} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-15] (Google LLC -> Google LLC)
Task: {1BDC0FAC-4AE4-4370-9FAA-5C0D6B8C123C} - System32\Tasks\CCleanerSkipUAC - Kenzi => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {1F04FE6C-541E-4C2C-851F-034A9BF9D55A} - System32\Tasks\tbsnethprovfw => C:\\ProgramData\\provlaunchActionCenterCPL\\tbsnethprovfw.exe (Pas de fichier)
Task: {218E4DE2-7F97-4BFD-AB3C-C0B34C5D7B08} - System32\Tasks\CertEnrollCtrlwsnhmp32 => C:\\ProgramData\\provlaunchActionCenterCPL\\CertEnrollCtrlwsnhmp32.exe (Pas de fichier)
Task: {286A211F-AC82-4DD1-83EF-4DF947BB3B1C} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2022-09-26] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {2895FAD5-8753-4032-BB80-E575A2F80DFA} - System32\Tasks\GoogleUpdateTaskMachineUA{158C8F57-DAA9-4E70-B355-AAB51EBEE3FC} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-15] (Google LLC -> Google LLC)
Task: {2A30C857-2717-48CC-8C20-41D10F233B36} - System32\Tasks\FreedomeReset => C:\Program Files (x86)\F-Secure\Freedome\Freset.exe (Pas de fichier)
Task: {48572D4E-2E7F-4530-959E-C6F7318379C4} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1318912 2022-04-12] () [Fichier non signé]
Task: {52EC819D-A10F-42B2-9F9E-27044D7D5806} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {68785F30-EA1C-4FFF-A40C-3EFAC46FBD33} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {6A0ECEA6-0151-4CB1-84EE-6C41720ABF4C} - System32\Tasks\IJxgZaXRQLFfKvxUy => C:\WINDOWS\Temp\SREVnnslRCgnBiYt\DiAhsUsSRwlpddi\hPdCZLQ.exe fc /site_id 385104 /S (Pas de fichier) <==== ATTENTION
Task: {6B761B6F-1F79-431F-9410-FDA6E7BA085F} - System32\Tasks\jJqUCWELvHLKCSHkM2 => rundll32 "C:\Program Files (x86)\haxpJacLpedqIyIGTER\yCpsLak.dll",#1 <==== ATTENTION
Task: {7FDB885A-3623-4252-8EDA-8CDCE8F3736F} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Kenzi\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {83F6E9CB-28AC-49A1-B0FB-CB421DDFD14B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2263190244-149697588-2662336564-500 => C:\Users\Kenzi\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {8456A0B7-59AA-4416-B943-9A42C8CA1A7E} - System32\Tasks\DXXDqSMoPFhlY2 => C:\WINDOWS\system32\wscript.exe "C:\ProgramData\cqPTTQEbRbGTurVB\Whoudcw.wsf" <==== ATTENTION
Task: {CD80CDE7-8FE7-4E85-8306-97636C0AF0A1} - System32\Tasks\gUKbNaAXe => powershell -WindowStyle Hidden -EncodedCommand cwB0AGEAcgB0AC0AcAByAG8AYwBlAHMAcwAgAC0AVwBpAG4AZABvAHcAUwB0AHkAbABlACAASABpAGQAZABlAG4AIABnAHAAdQBwAGQAYQB0AGUALgBlAHgAZQAgAC8AZgBvAHIAYwBlAA== <==== ATTENTION
Task: {D3D935B9-75A7-4A09-82E0-458579A67B0B} - System32\Tasks\YuEoRlvyhXXXUQKVHEv2 => rundll32 "C:\Program Files (x86)\QFruvzjEqeEAC\pkURsDY.dll",#1 <==== ATTENTION
Task: {DCD5C851-6221-4532-8F53-2FCEE4AB9475} - System32\Tasks\UGejf1 => "C:\Program Files\Mozilla Firefox\firefox.exe" (Pas de fichier)
Task: {E0BA8FE3-F210-48D1-A6DE-0DED5A5861C2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC17B8DC-EAD6-4B67-8E12-2694390EDDA5} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform)
Task: {EE3765E2-1FA0-4AD5-B677-10025327AC98} - System32\Tasks\LicensingUIRobocopy => C:\\ProgramData\\provlaunchActionCenterCPL\\LicensingUIRobocopy.exe (Pas de fichier)
Task: {EF6C4174-F41F-42FF-B37E-A77E17985B1A} - System32\Tasks\nbveek.exe => C:\Users\Kenzi\AppData\Local\Temp\16de06bfb4\nbveek.exe [250368 2023-01-18] () [Fichier non signé] <==== ATTENTION
Task: {F181D08F-5F2B-4B56-AB9D-F5D8B5479B56} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\SystemInfo => C:\Users\Kenzi\AppData\Roaming\\sysinfotool\\sitool.exe [75776 ] () [Fichier non signé] <==== ATTENTION
Task: {F45846EA-4638-45E6-8521-4F775C96ABD0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {F6B5DDE6-1C62-44A2-A328-209FB7770D20} - System32\Tasks\Disable LockScreen => reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\IJxgZaXRQLFfKvxUy.job => C:\WINDOWS\Temp\SREVnnslRCgnBiYt\DiAhsUsSRwlpddi\hPdCZLQ.exe <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
AutoConfigURL: [{0DACFC30-90FA-40FB-A18C-3AAB3D79D666}] => hxxp://34.80.59.191/win.pac <==== ATTENTION
ProxyServer: [S-1-5-21-2263190244-149697588-2662336564-1001] => 127.0.0.1:8080
AutoConfigURL: [S-1-5-21-2263190244-149697588-2662336564-1001] => hxxp://34.80.59.191/win.pac <==== ATTENTION
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 208.67.222.222
Tcpip\..\Interfaces\{651a03fb-f63e-41e9-bf5a-c49ab5775260}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{759d83ac-f5e0-c89b-38c2-ca581e218a0c}: [NameServer] 10.100.0.1
Tcpip\..\Interfaces\{8aed3270-611b-4b9e-91d6-e5eb5b9ff02d}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{a91f2b1c-798f-4be3-a832-7d064f842df4}: [DhcpNameServer] 208.67.222.222
Tcpip\..\Interfaces\{b67a6736-90ba-4893-beab-c66059491752}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{f1c315ee-340c-434c-a619-5232958f2b32}: [DhcpNameServer] 208.67.222.222
ManualProxies: 0hxxp://34.80.59.191/win.pac <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Kenzi\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-22]
Edge HomePage: Default -> hxxps://find-it.pro/?utm_source=distr_m
Edge StartupUrls: Default -> "hxxps://find-it.pro/?utm_source=distr_m"
Edge DefaultSearchURL: Default -> hxxp://search-cdn.net/fip/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> cdn
Edge DefaultSuggestURL: Default -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
Edge Extension: (YoutubeDownloader) - C:\Users\Kenzi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\geiolieogaichbpfhcannipendgnnbkn [2023-01-20] [UpdateUrl:hxxps://clients63.google.com/service/update2/crx] <==== ATTENTION
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 6jtz1zr1.default
FF ProfilePath: C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\6jtz1zr1.default [2023-01-22]
FF user.js: detected! => C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\6jtz1zr1.default\user.js [2022-09-11]
FF Homepage: Mozilla\Firefox\Profiles\6jtz1zr1.default -> hxxps://www.google.com/
FF SearchPlugin: C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\6jtz1zr1.default\searchplugins\cdnsearch.xml [2023-01-21]
FF ProfilePath: C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426 [2023-01-22]
FF user.js: detected! => C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\user.js [2022-09-11]
FF DownloadDir: C:\Users\Kenzi\Desktop
FF Homepage: Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426 -> hxxps://find-it.pro/?utm_source=distr_m
FF NetworkProxy: Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426 -> socks", "105.98.42.186"
FF Notifications: Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426 -> hxxps://mail-notification.info; hxxps://zarabotok-online.xyz; hxxps://supertopfreegames.com; hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://mnthor.xyz
FF Extension: (AdBlocker Ultimate) - C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\Extensions\adblockultimate@adblockultimate.net.xpi [2022-09-30]
FF Extension: (To Google Translate) - C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-03-25]
FF Extension: (TWP - Translate Web Pages) - C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\Extensions\{036a55b4-5e72-4d05-a06c-cba2dfcc134a}.xpi [2022-10-05]
FF Extension: (Video DownloadHelper) - C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2022-12-08]
FF SearchPlugin: C:\Users\Kenzi\AppData\Roaming\Mozilla\Firefox\Profiles\xbo26u00.default-release-1612346221426\searchplugins\cdnsearch.xml [2023-01-21]
FF Extension: (Pas de nom) - C:\Program Files\Mozilla Firefox\browser\features\{85FD6ACE-3736-491B-8514-6C8C9556E131}.xpi [2023-01-20] [non signé]
FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-26] (Adobe Inc. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-26] (Adobe Inc. -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\dtplugin\npDeployJava1.dll [2022-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.321.2 -> C:\Program Files (x86)\Java\jre1.8.0_321\bin\plugin2\npjp2.dll [2022-04-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-02-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-04-22] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default [2023-01-22]
CHR Notifications: Default -> hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://mail-notification.info; hxxps://mnthor.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://supertopfreegames.com; hxxps://zarabotok-online.xyz
CHR HomePage: Default -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: Default -> "hxxps://find-it.pro/?utm_source=distr_m","hxxp://www.google.com"
CHR DefaultSearchURL: Default -> hxxp://search-cdn.net/fip/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> cdn
CHR DefaultSuggestURL: Default -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (Google Traduction) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-10]
CHR Extension: (YoutubeDownloader) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\agcghmjnenlfcjmnldooeaadankclolo [2023-01-20] [UpdateUrl:hxxps://clients38.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Keyword Surfer) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bafijghppfhdpldihckdcadbcobikaca [2022-11-02]
CHR Extension: (WeeklyHits) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebkcaaigdmochdchgeiofaddpokiondc [2023-01-19]
CHR Extension: (Télécommande Freebox Delta / Révolution / HD) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdhpkpfbolhjcbejckjbiciinkcjlijj [2022-04-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-21]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-12-20]
CHR Extension: (360 Internet Protection) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2023-01-19]
CHR Extension: (Keywords Everywhere - Keyword Tool) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbapdpeemoojbophdfndmlgdhppljgmp [2023-01-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-10]
CHR Extension: (Google Translate) - C:\Program Files\nndannfdnoaiphfcbbpgkhodebpoiocf [2023-01-18]
CHR Profile: C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault [2023-01-21] <==== ATTENTION
CHR HomePage: oldDefault -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: oldDefault -> "hxxps://find-it.pro/?utm_source=distr_m"
CHR DefaultSearchKeyword: oldDefault -> cdn
CHR DefaultSuggestURL: oldDefault -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (Slides) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-15]
CHR Extension: (YoutubeDownloader) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\agcghmjnenlfcjmnldooeaadankclolo [2023-01-21] [UpdateUrl:hxxps://clients91.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Docs) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-15]
CHR Extension: (Google Drive) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-15]
CHR Extension: (YouTube) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-15]
CHR Extension: (Sheets) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-15]
CHR Extension: (Google Docs Offline) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-15]
CHR Extension: (Gmail) - C:\Users\Kenzi\AppData\Local\Google\Chrome\User Data\oldDefault\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-15]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
S2 AppServices; C:\WINDOWS\system32\4VW5GFTT8J.tmp [6144 2023-01-21] (Microsoft Corporation) [Fichier non signé] <==== ATTENTION
S2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [762344 2022-04-12] () [Fichier non signé]
R2 DFWSIDService; C:\ProgramData\Wondershare\wsServices\WsidService.exe [1072880 2022-11-16] (Wondershare Technology Group Co.,Ltd -> wondershare)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5030080 2022-01-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 DYMOConnectPnPService; C:\Program Files (x86)\DYMO\DYMO Connect\DYMOConnectPnPService.exe [26112 2022-02-24] (Sanford, L.P.) [Fichier non signé]
R2 ElevationService; C:\ProgramData\Wondershare\wsServices\ElevationService.exe [934648 2022-10-25] (Wondershare Technology Group Co.,Ltd -> )
S2 esifsvc; C:\WINDOWS\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe [2224008 2022-04-13] () [Fichier non signé]
S2 Freedome Service; C:\Program Files (x86)\F-Secure\Freedome\Freedome\1\fsvpnservice.exe [1723544 2022-04-12] () [Fichier non signé]
S4 HfcDisableService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_6ca78a08b838e305\HfcDisableService.exe [1966800 2022-04-13] () [Fichier non signé]
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2956496 2022-04-13] () [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\SocketHeciServer.exe [868184 2022-04-13] () [Fichier non signé]
S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_76523213b78d9046\lib\TPMProvisioningService.exe [812888 2022-04-13] () [Fichier non signé]
S2 jhi_service; C:\WINDOWS\System32\jhi_service.exe [731128 2022-04-13] () [Fichier non signé]
R2 LGHUBUpdaterService; C:\Program Files\LGHUB\lghub_updater.exe [10605472 2021-04-18] (Logitech Inc -> Logitech, Inc.)
S2 LMS; C:\WINDOWS\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe [4147328 2022-04-13] () [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8892256 2022-12-16] (Malwarebytes Inc. -> Malwarebytes)
R2 MSSQL$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [360304 2022-04-12] () [Fichier non signé]
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [1102080 2023-01-10] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S3 QHProtected; C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe [3082096 2023-01-10] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [350712 2022-04-13] () [Fichier non signé]
S2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [821656 2022-04-13] () [Fichier non signé]
S4 SQLAgent$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
S2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [467208 2022-04-13] () [Fichier non signé]
R2 VPNUnlimitedService; C:\Program Files (x86)\VPN Unlimited\vpn-unlimited-daemon.exe [48072 2022-11-02] (Keepsolid Inc. -> KeepSolid Inc.)
S3 WireGuardTunnel$VPNUWireguard; C:\Program Files (x86)\VPN Unlimited\WireVPNUImpl.exe [29128 2022-11-02] (Keepsolid Inc. -> )
S3 WsDrvInst; C:\Program Files\Wondershare\UniConverter\Transfer\DriverInstall.exe [112560 2020-12-23] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 XTU3SERVICE; C:\WINDOWS\SysWOW64\XtuService.exe [164416 2022-04-13] () [Fichier non signé]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvhmig.inf_amd64_715167e770b0a27c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 BadlionAnticheat; C:\WINDOWS\system32\drivers\BadlionAnticheat.sys [2480872 2020-02-05] (Microsoft Windows Hardware Compatibility Publisher ->
R2 BlueStacksDrv_msi2; C:\Program Files\BlueStacks_msi2\BstkDrv_msi2.sys [315768 2021-10-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [321792 2022-09-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-10-14] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [59360 2022-01-16] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 fsfreedomewintun; C:\WINDOWS\System32\drivers\fsfreedomewintun.sys [31248 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> F-Secure Corporation)
R1 googledrivefs3688; C:\WINDOWS\System32\DRIVERS\googledrivefs3688.sys [381456 2021-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 HWHandSet; C:\WINDOWS\system32\DRIVERS\hw_quusbmdm.sys [226560 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 inpoutx64; C:\WINDOWS\System32\Drivers\inpoutx64.sys [15008 2022-06-01] (Red Fox UK Limited -> Highresolution Enterprises [www.highrez.co.uk])
R2 LGHUBTemperatureService; C:\Program Files\LGHUB\logi_core_temp.sys [22864 2021-04-18] (Logitech Inc -> Logitech)
S3 LGJoyHidFilter; C:\WINDOWS\system32\drivers\LGJoyHidFilter.sys [57368 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyHidLo; C:\WINDOWS\system32\drivers\LGJoyHidLo.sys [47256 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc -> Logitech Inc.)
S3 LGSHidFilt; C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [64280 2018-05-07] (Logitech -> Logitech Inc.)
S3 LGSUsbFilt; C:\WINDOWS\System32\drivers\LGSUsbFilt.Sys [41752 2018-05-07] (Logitech -> Logitech Inc.)
R3 logi_joy_bus_enum; C:\WINDOWS\system32\drivers\logi_joy_bus_enum.sys [37200 2021-05-08] (Logitech Inc -> Logitech)
R3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [25928 2021-05-08] (Logitech Inc -> Logitech)
R3 logi_joy_xlcore; C:\WINDOWS\system32\drivers\logi_joy_xlcore.sys [66896 2021-05-08] (Logitech Inc -> Logitech)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S4 RsFx0153; C:\WINDOWS\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 rzbtendpt; C:\WINDOWS\System32\drivers\rzbtendpt.sys [51912 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzdaendpt; C:\WINDOWS\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzhnet; C:\WINDOWS\System32\Drivers\rzhnet.sys [29912 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzjstk; C:\WINDOWS\System32\drivers\rzjstk.sys [36568 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzkeypadendpt; C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [46280 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzmpos; C:\WINDOWS\System32\drivers\rzmpos.sys [48840 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzp1endpt; C:\WINDOWS\System32\drivers\rzp1endpt.sys [52424 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvkeyboard; C:\WINDOWS\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc. -> Razer Inc)
S3 rzvmouse; C:\WINDOWS\System32\drivers\rzvmouse.sys [42712 2015-08-13] (Razer Inc. -> Razer Inc)
S3 SilvrLnk; C:\WINDOWS\System32\drivers\silvrlnk.sys [129536 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S3 ssbthid; C:\WINDOWS\System32\drivers\ssbthid.sys [43824 2019-02-01] (SteelSeries ApS -> )
S3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46776 2019-10-21] (SteelSeries ApS -> )
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47824 2019-10-21] (SteelSeries ApS -> SteelSeries ApS)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
U0 TaskKill; C:\Users\Kenzi\AppData\Local\Temp\Иисус.sys [36208 2023-01-18] (Sysinternals - www.sysinternals.com) [Fichier non signé] <==== ATTENTION
R3 VBAudioVACMME; C:\WINDOWS\System32\drivers\vbaudio_cable64_win7.sys [41192 2014-09-02] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 VBAudioVMVAIOMME; C:\WINDOWS\System32\drivers\vbaudio_vmvaio64_win10.sys [71712 2020-01-24] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66368 2020-06-05] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [45664 2020-01-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [355760 2020-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-19] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-02-02] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
S1 360FsFlt; system32\DRIVERS\360FsFlt.sys [X]
U3 aspnet_state; pas de ImagePath
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-01-22 11:59 - 2023-01-22 11:59 - 000049794 ____C C:\Users\Kenzi\Desktop\Addition.txt
2023-01-22 11:58 - 2023-01-22 12:01 - 000043785 ____C C:\Users\Kenzi\Desktop\FRST.txt
2023-01-22 11:57 - 2023-01-22 11:57 - 000000230 ____C C:\Users\Kenzi\Desktop\Search.txt
2023-01-22 11:56 - 2023-01-22 12:00 - 000000000 ____D C:\FRST
2023-01-22 11:56 - 2023-01-22 11:56 - 002376704 ____C (Farbar) C:\Users\Kenzi\Desktop\FRST64.exe
2023-01-22 11:39 - 2023-01-22 11:49 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-01-22 11:28 - 2023-01-22 11:28 - 000000000 ___HD C:\$WinREAgent
2023-01-21 13:15 - 2023-01-21 13:15 - 000000000 ____D C:\Program Files (x86)\AuymVFioVKUn
2023-01-20 17:29 - 2023-01-21 13:15 - 000003356 _____ C:\WINDOWS\system32\Tasks\otEygLumisDPdh
2023-01-20 17:29 - 2023-01-21 13:15 - 000003044 _____ C:\WINDOWS\system32\Tasks\DXXDqSMoPFhlY2
2023-01-20 17:29 - 2023-01-21 13:15 - 000003034 _____ C:\WINDOWS\system32\Tasks\jJqUCWELvHLKCSHkM2
2023-01-20 17:29 - 2023-01-21 13:15 - 000003026 _____ C:\WINDOWS\system32\Tasks\YuEoRlvyhXXXUQKVHEv2
2023-01-20 17:29 - 2023-01-21 13:15 - 000003008 _____ C:\WINDOWS\system32\Tasks\WqtroWbimSXMCzo2
2023-01-20 17:29 - 2023-01-21 13:15 - 000000000 ____D C:\ProgramData\cqPTTQEbRbGTurVB
2023-01-20 17:29 - 2023-01-21 13:15 - 000000000 ____D C:\Program Files (x86)\wJlaTuOLtKJU2
2023-01-20 17:29 - 2023-01-21 13:15 - 000000000 ____D C:\Program Files (x86)\QFruvzjEqeEAC
2023-01-20 17:29 - 2023-01-21 13:15 - 000000000 ____D C:\Program Files (x86)\haxpJacLpedqIyIGTER
2023-01-20 17:27 - 2023-01-21 15:06 - 000000000 ____D C:\Program Files (x86)\KHoavQDJU
2023-01-18 21:34 - 2023-01-18 21:34 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\07c6bc37dc5087
2023-01-18 21:32 - 2023-01-22 11:31 - 000003594 _____ C:\WINDOWS\system32\Tasks\nbveek.exe
2023-01-18 21:32 - 2023-01-21 13:59 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\4VW5GFTT8J.tmp
2023-01-18 21:32 - 2023-01-18 21:32 - 000003632 _____ C:\WINDOWS\system32\Tasks\gUKbNaAXe
2023-01-18 21:32 - 2023-01-18 21:32 - 000003286 _____ C:\WINDOWS\system32\Tasks\UGejf1
2023-01-18 21:32 - 2023-01-18 21:32 - 000003002 _____ C:\WINDOWS\system32\Tasks\IJxgZaXRQLFfKvxUy
2023-01-18 21:32 - 2023-01-18 21:32 - 000000460 _____ C:\WINDOWS\Tasks\IJxgZaXRQLFfKvxUy.job
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ___HD C:\ProgramData\DNTException
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\ULPYJrunZ
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\r49qmxGY4MN
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\OLtg6C
2023-01-18 21:32 - 2023-01-18 21:32 - 000000000 ____D C:\Program Files\nndannfdnoaiphfcbbpgkhodebpoiocf
2023-01-18 21:31 - 2023-01-18 21:31 - 000001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\powerOff.lnk
2023-01-18 21:31 - 2023-01-18 21:31 - 000001088 _____ C:\Users\Public\Desktop\powerOff.lnk
2023-01-18 21:31 - 2023-01-18 21:31 - 000000000 ____D C:\Program Files (x86)\powerOff
2023-01-18 21:25 - 2023-01-18 21:26 - 000000000 ____D C:\ProgramData\360TotalSecurity
2023-01-18 21:25 - 2023-01-18 21:25 - 000001229 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ___DC C:\Users\Kenzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Centre 360 Security
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\360TotalSecurity
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre 360 Security
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ____D C:\ProgramData\360safe
2023-01-18 21:25 - 2023-01-18 21:25 - 000000000 ____D C:\Program Files (x86)\360
2023-01-18 21:24 - 2023-01-18 21:24 - 003218493 _____ (Pdf converter ) C:\WINDOWS\unins000.exe
2023-01-18 21:24 - 2023-01-18 21:24 - 000000985 _____ C:\WINDOWS\unins000.dat
2023-01-18 20:48 - 2023-01-18 21:31 - 000000000 ____D C:\Users\Kenzi\AppData\Local\infocomp
2023-01-18 20:48 - 2023-01-18 20:49 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\pmQzPt
2023-01-18 20:48 - 2023-01-18 20:49 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\FC45D5D4B06008F4
2023-01-18 20:48 - 2023-01-18 20:48 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\P2pvzMo1Q
2023-01-18 20:48 - 2023-01-18 20:48 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\kR2sYJi
2023-01-17 23:10 - 2023-01-17 23:10 - 008802798 ____C C:\Users\Kenzi\Desktop\ddddUntitled.tif
2023-01-17 23:03 - 2023-01-17 23:11 - 000831662 ____C C:\Users\Kenzi\Desktop\kenz.tif
2023-01-17 22:57 - 2023-01-17 22:57 - 008697658 ____C C:\Users\Kenzi\Desktop\Untitled.tif
2023-01-17 17:20 - 2023-01-17 17:20 - 000018995 _____ C:\Users\Kenzi\Downloads\FA1640564.pdf
2023-01-17 16:54 - 2023-01-17 17:21 - 000000000 ___DC C:\Users\Kenzi\Desktop\Nouveau dossier (2)
2023-01-17 16:26 - 2023-01-17 16:26 - 000037769 ____C C:\Users\Kenzi\Desktop\CRA_SEPTEMBRE_2022_KAMEL.ods
2023-01-13 18:51 - 2023-01-13 18:51 - 000383441 _____ C:\Users\Kenzi\Downloads\order-confirmation-63c19a0b1b9fe.pdf
2023-01-12 18:35 - 2023-01-12 18:35 - 000017033 _____ C:\Users\Kenzi\Downloads\WordPress Securiser son site.torrent
2023-01-12 18:34 - 2023-01-12 18:34 - 000009329 _____ C:\Users\Kenzi\Downloads\La petite boîte à outils de Facebook Ads et Instagram Ads - Clément Pellerin.epub.torrent
2023-01-12 18:33 - 2023-01-12 18:33 - 000076518 _____ C:\Users\Kenzi\Downloads\Udemy - Comment utiliser la publicité Facebook en 2019 (1).torrent
2023-01-12 18:29 - 2023-01-12 18:29 - 000076518 _____ C:\Users\Kenzi\Downloads\Udemy - Comment utiliser la publicité Facebook en 2019.torrent
2023-01-12 18:27 - 2023-01-12 18:27 - 000001143 _____ C:\Users\Public\Desktop\VPN Unlimited.lnk
2023-01-12 18:27 - 2023-01-12 18:27 - 000000000 ____D C:\Users\Kenzi\AppData\Local\KeepSolid Inc
2023-01-12 18:27 - 2023-01-12 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VPN Unlimited
2023-01-12 18:25 - 2023-01-12 18:26 - 077389280 _____ (KeepSolid Inc. ) C:\Users\Kenzi\Downloads\VPN_Unlimited_v8.6.1.exe
2023-01-12 14:28 - 2023-01-12 14:28 - 020359903 _____ C:\Users\Kenzi\Desktop\Guide Excel 2022 - Excel Pirate.pptx
2023-01-12 13:40 - 2023-01-12 13:40 - 000010974 ____C C:\Users\Kenzi\Desktop\Correction-6-Boursier.xlsx
2023-01-12 13:28 - 2023-01-12 14:48 - 000010311 ____C C:\Users\Kenzi\Desktop\Correction-5-Date-de-livraison.xlsx
2023-01-12 13:26 - 2023-01-12 13:26 - 000010257 ____C C:\Users\Kenzi\Desktop\Exercice-5-Date-de-livraison.xlsx
2023-01-12 12:50 - 2023-01-12 12:59 - 000000000 ___DC C:\Users\Kenzi\Desktop\JANV 23
2023-01-11 12:53 - 2023-01-12 13:48 - 000000000 ___DC C:\Users\Kenzi\Desktop\Nouveau dossier CV modifié(6)
2023-01-10 16:25 - 2023-01-10 16:25 - 000025873 ____C C:\Users\Kenzi\Desktop\Compte-rendu normé.xlsx
2023-01-10 16:25 - 2023-01-10 16:25 - 000025873 ____C C:\Users\Kenzi\Desktop\Compte-rendu normé(1).xlsx
2023-01-09 21:21 - 2023-01-09 21:21 - 012870595 ____C C:\Users\Kenzi\Desktop\Guide Excel 2022 - Excel Pirate.pdf
2022-12-28 18:40 - 2023-01-12 12:58 - 000000000 ___DC C:\Users\Kenzi\Desktop\Nouveau dossier (5)
2022-12-28 18:31 - 2023-01-18 20:48 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\SysInfoTool
2022-12-28 17:59 - 2022-12-28 17:59 - 000688675 _____ C:\Users\Kenzi\Downloads\Arabic Calligrapher 3.0.3.zip
2022-12-28 17:43 - 2022-12-29 14:51 - 000000000 ____D C:\Program Files (x86)\Hemlocksoft
2022-12-28 17:36 - 2022-12-28 17:36 - 000000218 _____ C:\Users\Kenzi\AppData\Local\recently-used.xbel
2022-12-28 13:31 - 2022-12-28 13:31 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\Skype
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-01-22 12:01 - 2019-11-30 15:56 - 000000000 ____D C:\Users\Kenzi\AppData\Local\CrashDumps
2023-01-22 11:58 - 2019-11-23 18:11 - 000000000 ____D C:\Users\Kenzi\AppData\Local\D3DSCache
2023-01-22 11:50 - 2022-02-11 18:37 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-01-22 11:49 - 2019-11-23 17:56 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-01-22 11:49 - 2019-06-09 13:48 - 000000000 ___DC C:\Users\Kenzi\AppData\LocalLow\Mozilla
2023-01-22 11:35 - 2021-05-02 21:29 - 000000008 __RSH C:\ProgramData\ntuser.pol
2023-01-22 11:32 - 2021-10-03 13:14 - 000007422 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-22 11:32 - 2019-12-07 15:49 - 007103234 _____ C:\WINDOWS\system32\perfh00C.dat
2023-01-22 11:32 - 2019-12-07 15:49 - 002012904 _____ C:\WINDOWS\system32\perfc00C.dat
2023-01-22 11:31 - 2020-01-04 19:18 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-22 11:29 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-22 11:28 - 2021-10-03 13:12 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-22 11:27 - 2020-11-18 23:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-21 15:09 - 2019-11-23 17:19 - 000000000 ____D C:\ProgramData\NVIDIA
2023-01-21 15:08 - 2019-11-23 18:40 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\LGHUB
2023-01-21 15:06 - 2021-10-03 13:06 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-21 15:06 - 2020-11-19 00:29 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-21 15:06 - 2020-01-19 18:38 - 000000000 ____D C:\Users\Kenzi\AppData\Local\LGHUB
2023-01-21 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-21 15:06 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-21 15:06 - 2019-06-09 12:30 - 000000000 __SHD C:\Users\Kenzi\IntelGraphicsProfiles
2023-01-21 15:06 - 2019-06-09 12:08 - 000000000 ___DC C:\Intel
2023-01-21 13:59 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-01-21 13:42 - 2021-08-31 07:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-21 13:42 - 2018-08-25 05:24 - 000000000 ____D C:\ProgramData\Package Cache
2023-01-21 13:22 - 2020-01-04 19:19 - 000000000 ____D C:\Program Files\CCleaner
2023-01-20 17:19 - 2021-08-31 07:24 - 150199536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-18 21:31 - 2022-05-30 18:35 - 000000000 ____D C:\Program Files\Inkscape
2023-01-18 20:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-18 20:49 - 2022-04-15 19:15 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-18 20:49 - 2020-12-30 15:04 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\NCH Software
2023-01-17 22:55 - 2022-04-22 14:57 - 000000000 ____D C:\Users\Kenzi\AppData\Local\ABBYY
2023-01-17 15:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-12 18:49 - 2020-11-03 11:03 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\uTorrent
2023-01-12 18:48 - 2022-10-05 19:36 - 000000000 ____D C:\Users\Kenzi\AppData\Roaming\vlc
2023-01-12 18:43 - 2020-11-03 11:03 - 000000000 ____D C:\Users\Kenzi\AppData\Local\BitTorrentHelper
2023-01-12 18:27 - 2022-02-25 22:08 - 000000000 ____D C:\Program Files (x86)\VPN Unlimited
2023-01-12 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-01-12 17:19 - 2019-12-01 15:34 - 000000000 ____D C:\Users\Kenzi\AppData\Local\ElevatedDiagnostics
2023-01-12 17:18 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-12 14:28 - 2019-11-23 17:26 - 000000000 ____D C:\Users\Kenzi\AppData\Local\Packages
2023-01-12 12:56 - 2022-04-22 16:54 - 000000000 ___DC C:\Users\Kenzi\Desktop\Apprendre Arabe
2023-01-11 12:53 - 2021-07-25 17:57 - 000000000 ___DC C:\Users\Kenzi\Desktop\BUREAU 25 JUILLET
2022-12-29 12:48 - 2021-10-03 13:07 - 000000000 ____D C:\Users\Kenzi
2022-12-28 15:55 - 2022-05-30 18:38 - 000000000 ____D C:\Users\Kenzi\.dbus-keyrings
==================== Fichiers à la racine de certains dossiers ========
2021-10-26 09:33 - 2021-10-26 09:33 - 000094793 _____ () C:\Users\Kenzi\AppData\Roaming\Java Corporation.jar
2019-11-29 21:46 - 2020-02-25 23:01 - 000034261 _____ () C:\Users\Kenzi\AppData\Roaming\VoiceMeeterBananaDefault.xml
2019-12-21 23:24 - 2020-01-29 21:04 - 000004688 _____ () C:\Users\Kenzi\AppData\Roaming\VoiceMeeterDefault.xml
2022-11-17 16:35 - 2022-11-17 22:08 - 000005032 _____ () C:\Users\Kenzi\AppData\Local\lang_info.xml
2022-12-28 17:36 - 2022-12-28 17:36 - 000000218 _____ () C:\Users\Kenzi\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================