Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-12-2019 Exécuté par Adrien (administrateur) sur VALERO-ADRIEN (ASUSTeK COMPUTER INC. G11CD-K) (28-12-2019 17:51:41) Exécuté depuis C:\Users\Adrien.VALERO-ADRIEN\Desktop Profils chargés: Adrien (Profils disponibles: defaultuser0 & 7J0nPFTYqvCO & Adrien & Administrateur) Platform: Windows 10 Home Version 1809 17763.678 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\No-IP\ducservice.exe (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.2.9.564\AsusWSWinService.exe (Avanquest Software SAS -> Avanquest Software) C:\Program Files (x86)\OneSafe PC Cleaner\OSPCNotifications.exe (BattlEye Innovations e.K. -> ) C:\Program Files (x86)\Common Files\BattlEye\BEService.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\DiscoverySrv.exe (Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (CyberGhost SRL -> CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\UnrealCEFSubProcess.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.422\GoogleCrashHandler64.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe (McAfee, Inc. -> Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\browserhost.exe (McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe (McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe (Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) C:\Program Files\Microvirt\MEmu\MemuService.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe (PC HelpSoft Labs Inc -> PC Helpsoft) C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe (Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Surround\Driver\RzSurroundVADStreamingService.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe (Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe (TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9237984 2017-11-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [134272480 2019-08-17] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.9.564\ASUSWSLoader.exe [63968 2016-06-22] (ASUS Cloud Corporation -> ASUS Cloud Corporation) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.) HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [598200 2019-06-12] (Razer USA Ltd. -> Razer Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601928 2018-12-15] (Oracle America, Inc. -> Oracle Corporation) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKLM\...\Policies\Explorer: [NoStartMenuMFUprogramsList] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [36060048 2019-12-18] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24916512 2019-10-01] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [2222032 2019-08-09] (TEFINCOM S.A. -> NordVPN) HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\Run: [Discord] => C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\Run: [WLAN Optimizer] => C:\Users\Adrien.VALERO-ADRIEN\Desktop\WLAN\WLAN Optimizer.exe HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\Run: [Salad] => C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Programs\Salad\Salad.exe [93681392 2019-10-18] (Salad Technologies, Inc -> Salad Technologies) [Fichier non signé] HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\RunOnce: [Application Restart #1] => C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe --no-displaying-insecure-content --disable-devtools --disable-raf-throttling --user-data-dir="C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\ASUS GIFT (l'élément de données a 138 caractères en plus). HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-28] (Adobe Inc. -> Adobe) HKU\S-1-5-21-3625449888-4197136442-909293187-1012\...\Policies\Explorer: [NoAutoTrayNotify] 1 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\79.0.3945.88\Installer\chrmstp.exe [2019-12-19] (Google LLC -> Google LLC) Startup: C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\hide.me VPN.lnk [2019-09-20] ShortcutTarget: hide.me VPN.lnk -> C:\Program Files (x86)\hide.me VPN\Hide.me.exe (eVenture Limited -> eVenture Limited) Startup: C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 5.4.lnk [2019-08-15] ShortcutTarget: LibreOffice 5.4.lnk -> C:\Program Files (x86)\LibreOffice 5\program\quickstart.exe (The Document Foundation -> ) Startup: C:\Users\adrzl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LibreOffice 5.4.lnk [2019-02-10] ShortcutTarget: LibreOffice 5.4.lnk -> C:\Program Files (x86)\LibreOffice 5\program\quickstart.exe (The Document Foundation -> ) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ScpToolkit Tray Notifications.lnk [2019-08-14] ShortcutTarget: ScpToolkit Tray Notifications.lnk -> C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpTrayApp.exe (Open Source Developer, Benjamin Höglinger-Stelzer -> Scarlet.Crush Productions) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {1C1A9A2A-7394-4434-BD3A-3869A1AE43E3} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {27462BAA-5B92-4E95-A192-68D430C2E667} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [Fichier non signé] Task: {27D497F5-1450-4BC0-B17E-0F70A4A7C9BD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Task: {2D9F592F-BF0B-48CC-AA3C-9D83CB9F99A8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC) Task: {31561EB3-C516-40E9-969B-2EB93D49BD46} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-10-01] (Piriform Software Ltd -> Piriform Software Ltd) Task: {3BAD2D69-122D-45EF-9F73-D4AF7B446A0D} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {44794ECE-2D70-47E8-A98A-82DBC3EAB219} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [19968 2016-10-04] (InputMapper) [Fichier non signé] Task: {468BB392-9E6D-492E-A767-BB6D909D8239} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Task: {483C83EA-7950-4BF8-9CFB-FFCDD2972611} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {48B8F554-F182-4968-984F-2ACDAC31B812} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984 2011-06-01] (Apple Inc. -> Apple Inc.) Task: {494F69F6-1E08-4927-AA96-9906E36E2D94} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-adrzlol@outlook.fr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {4ACBBD61-0215-4ED2-A5FE-4CE4A160DD07} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe [1531136 2016-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {55237532-34C1-4A78-BF63-DAFFEA12E305} - System32\Tasks\Chameleon Folder-adrzv => "C:\Program Files (x86)\Chameleon Explorer\ChameleonFolder.exe" Task: {5681DF83-B003-463E-8536-3F6F2970B8F7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation) Task: {60CBEB08-EE4B-40C3-B9E3-75DC55DC2D24} - System32\Tasks\Opera scheduled Autoupdate 1556195136 => C:\Users\adrzl\AppData\Local\Programs\Opera\launcher.exe Task: {6657C494-C564-4E72-B978-2C80673E6B66} - System32\Tasks\Opera scheduled Autoupdate 1514216465 => C:\Users\adrzv\AppData\Local\Programs\Opera\launcher.exe Task: {685D3F67-ACFE-4049-88B4-AA0B1525BB95} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-adrzvlz66@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {6AC62EAE-5D2C-4E6F-8CF4-68BAD4A086CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-07-30] (Google Inc -> Google LLC) Task: {70A78D40-88CE-4EB1-8E23-21172830EE6D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18732320 2019-10-01] (Piriform Software Ltd -> Piriform Ltd) Task: {70CEBA8A-3C11-4B5E-8633-0CA95DEF65CE} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625449888-4197136442-909293187-1012 => C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {812D4DC1-7936-4BE6-9744-2F866F1F1F6A} - System32\Tasks\WpsExternal_20160818080138 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe [516352 2016-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) Task: {82734398-D286-4969-BA54-5083689EFECD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1578784 2016-07-07] (ASUSTeK Computer Inc. -> ASUSTek COMPUTER INC.) [Fichier non signé] Task: {841A6113-4A2E-442F-B215-7F6688FB75E4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-28] (Adobe Inc. -> Adobe) Task: {87983BF5-967E-419B-87A8-81D899E5C0C0} - System32\Tasks\ScpUpdater => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe [460480 2016-04-12] (Open Source Developer, Benjamin Höglinger-Stelzer -> Nefarius Software Solutions) Task: {88F63079-A8A1-4E48-B2E8-B6DC7189AC55} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3302880 2019-12-09] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8BC2E64D-5B06-4F6B-BDD9-776CB1F73CB2} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8CB8DF7B-C83B-4270-800B-D4B2CEF44B67} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) Task: {8D60713E-DE2F-4463-B2E3-78B72FEB932C} - System32\Tasks\Disable LockScreen => reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f Task: {9A2C6834-B834-427D-A1D4-1274B5F7F1D3} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {9B5218D3-94B8-4C48-8FB1-9FA8C98CCB48} - System32\Tasks\OneSafe PC Cleaner automatic scan and notifications => C:\Program Files (x86)\OneSafe PC Cleaner\OSPCNotifications.exe [4797952 2019-09-09] (Avanquest Software SAS -> Avanquest Software) Task: {A2F48F84-A9B0-4A6F-8498-FA42974CBB57} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [Fichier non signé] Task: {A3E47229-48EB-42EC-82BA-766AC078FCAF} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe Task: {A6011C3C-2511-47A6-990E-3795903E3576} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe Task: {AB5971C8-EB44-4673-957F-8F88EEDE3C79} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe Task: {B65D029C-D7E0-42F5-ABB2-B358E4EC5D43} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-3625449888-4197136442-909293187-1001 => C:\Users\adrzv\AppData\Local\MEGAsync\MEGAupdater.exe Task: {B67EECED-98BC-43CA-A100-9078C45BC2B3} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625449888-4197136442-909293187-1001 => C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {B7F84D7E-78DB-4244-AFF9-80A835E9C38D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625449888-4197136442-909293187-1007 => C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {B97EE7A8-178B-4531-9E42-AE60B6535C94} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625449888-4197136442-909293187-1002 => C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {BA4F5359-F21A-4D78-8F5A-20B62CFB98B5} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {C601AEE6-4749-485E-ACFB-B6242BC594D2} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [488760 2019-07-15] (Bitdefender SRL -> Bitdefender) Task: {CF9A03FC-3254-4291-BAFE-FCF856159600} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Task: {D9B2D76C-4381-4E83-836F-B47F92441A6E} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625449888-4197136442-909293187-1010 => C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {E465F603-B41A-471E-91FD-BB054CAC0FBE} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [653848 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {EA694BB2-C9E3-4D78-8712-87F69E57F5ED} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [17920 2016-08-01] () [Fichier non signé] Task: {EAE1E95C-5CDB-41BB-AE66-0FD1B5A3DE9E} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Task: {F52BCD54-6D5C-4E44-B3B2-0DB2638B92ED} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2090312 2019-12-14] (Microsoft Corporation -> Microsoft Corporation) Task: {F551C03C-58A5-4BCD-8EF5-0A5025DCBD0C} - System32\Tasks\Opera scheduled suite Autoupdate 1514216469 => C:\Users\adrzv\AppData\Local\Programs\Opera\launcher.exe Task: {F5D021A9-3C56-4CBB-998E-37F3A94D6CF5} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3625449888-4197136442-909293187-1011 => C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {F9028D63-1CA6-4AF3-AA87-679D8AD6BD13} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-28] (Adobe Inc. -> Adobe) Task: {FB0050B2-27A0-40CB-A75F-D05DD7A4BB0D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [909112 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) Task: {FC101A3C-A480-4D66-98EC-6681E05F4ACC} - System32\Tasks\PC Cleaner automatic scan and notifications => C:\Program Files (x86)\PC Cleaner\PCCNotifications.exe [3982056 2019-12-13] (PC HelpSoft Labs Inc -> PC Helpsoft) Task: {FC9EBADA-E364-4D87-A2BF-48C8FAEA8B1A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [914456 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FD522AE2-4392-47DA-88C7-908BFDA519B7} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1134104 2019-12-08] (NVIDIA Corporation -> NVIDIA Corporation) Task: {FE858499-DB66-4B5D-A4F1-CCA0255AA1E4} - System32\Tasks\ASUS\AEGIS III SysInfo Helper => C:\Program Files (x86)\ASUS\AEGIS III\AEGIS_III_SysMode.exe [336856 2016-11-17] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe Task: C:\WINDOWS\Tasks\ScpUpdater.job => C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpUpdater.exe Task: C:\WINDOWS\Tasks\WpsExternal_20160818080138.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{0d749bab-539d-494b-a9ee-df6074e2d7bc}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{4ec79df7-37c8-45a4-a50b-e6100ebbc34d}: [NameServer] 46.166.179.49 46.166.179.51 Tcpip\..\Interfaces\{4ec79df7-37c8-45a4-a50b-e6100ebbc34d}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{548224f0-a398-4f8a-ab5e-0625b8864c2d}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{548224f0-a398-4f8a-ab5e-0625b8864c2d}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{5ed09c0e-5c42-4981-b0e2-0b54b7f0da4c}: [NameServer] 46.166.179.49 46.166.179.51 Tcpip\..\Interfaces\{ba6ba32c-c468-4341-bdf1-51981a950a9e}: [NameServer] 116.203.6.218 185.130.104.222 185.4.65.4 185.4.64.13 8.8.8.8 Tcpip\..\Interfaces\{ba6ba32c-c468-4341-bdf1-51981a950a9e}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{dfe506d2-13d6-4a03-8274-4b486082d464}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{dfe506d2-13d6-4a03-8274-4b486082d464}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{ed43958a-c345-48a0-9c47-1f2599bb04bd}: [NameServer] 116.203.6.218 185.130.104.222 185.4.65.4 185.4.64.13 8.8.8.8 Tcpip\..\Interfaces\{ed43958a-c345-48a0-9c47-1f2599bb04bd}: [DhcpNameServer] 8.8.8.8 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_sutdxjmpkvoouns29v98b3e1g_19_28_ssg00¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtBtDtAzz0CyDyDyC0B0C0F0B0A0CtDtN0D0Tzu0StByByDtCtN1L2XzuyEtFyDtCtFtDtFtCzytAtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDyCtAyBtBtB0D0BtGtD0AzzyBtG0F0CyB0DtGtC0CyE0AtG0AyEyB0CtCtBtBzyyCzzyC0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzzyEtDyDyCtAzyyBtGyCtBtDtCtGyEtAzz1TtG1S1RzytCtGtBzyzytDtD1QyEzz1QtD1SyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutBtBtCyDzytN1Q2Z1B1P1RzutCyDyCtAtCtBzzzzzztB%26cr%3D1872744346%26a%3Dwsg_sutdxjmpkvoouns29v98b3e1g_19_28_ssg00%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-3625449888-4197136442-909293187-1012\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.accueil-nav.com/ HKU\S-1-5-21-3625449888-4197136442-909293187-1012\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE SearchScopes: HKU\S-1-5-21-3625449888-4197136442-909293187-1012 -> DefaultScope {BB37379D-C433-4ECC-8053-4EA2D67CB4A6} URL = hxxp://www.accueil-nav.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3625449888-4197136442-909293187-1012 -> {BB37379D-C433-4ECC-8053-4EA2D67CB4A6} URL = hxxp://www.accueil-nav.com/search?q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_201\bin\ssv.dll [2019-08-09] (Oracle America, Inc. -> Oracle Corporation) BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-12-12] (McAfee, LLC -> McAfee, Inc.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-08-09] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-12-12] (McAfee, LLC -> McAfee, Inc.) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: ljp9s1nf.default FF ProfilePath: C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Mozilla\Firefox\Profiles\ljp9s1nf.default [2019-07-26] FF ProfilePath: C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Mozilla\Firefox\Profiles\35r1lgoe.default-release [2019-12-28] FF Homepage: Mozilla\Firefox\Profiles\35r1lgoe.default-release -> hxxp://www.accueil-nav.com/ FF Notifications: Mozilla\Firefox\Profiles\35r1lgoe.default-release -> hxxps://gamekit.com; hxxps://www.youtube.com; hxxps://ckk.ai; hxxps://www.ytmonster.net; hxxps://fc.lc; hxxps://skript-mc.fr; hxxps://instagrowing.net; hxxps://teamshiginima.com FF Extension: (Hoxx VPN Proxy) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Mozilla\Firefox\Profiles\35r1lgoe.default-release\Extensions\@hoxx-vpn.xpi [2019-11-29] FF Extension: (Avast Online Security) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Mozilla\Firefox\Profiles\35r1lgoe.default-release\Extensions\wrc@avast.com.xpi [2019-09-25] FF Extension: (iMacros for Firefox) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Mozilla\Firefox\Profiles\35r1lgoe.default-release\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi [2019-08-25] FF Extension: (Pas de nom) - C:\Program Files\Mozilla Firefox\browser\features\{1189C9DF-3038-4787-9592-8C6E41CC7F94}.xpi [2019-06-23] [non signé] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-12-12] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-28] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-08-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-08-09] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-28] (Adobe Inc. -> ) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-13] (Google LLC -> Google LLC) Chrome: ======= CHR HomePage: Default -> hxxp://www.accueil-nav.com/ CHR StartupUrls: Default -> "hxxp://www.accueil-nav.com/" CHR NewTab: Default -> Not-active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html" CHR DefaultSearchURL: Default -> hxxps://www.ecosia.org/search?q={searchTerms}&addon=chrome&addonversion=2.1.0 CHR DefaultSearchKeyword: Default -> ecosia CHR DefaultSuggestURL: Default -> hxxps://ac.ecosia.org/?q={searchTerms}&type=list&mkt=fr CHR Notifications: Default -> hxxps://www.youtube.com CHR Profile: C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default [2019-12-28] CHR DownloadDir: C:\Users\Adrien.VALERO-ADRIEN\Desktop CHR Extension: (Slides) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-30] CHR Extension: (Lookbox.net) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ancfgganhepljbilijkjebkfgcphiclg [2019-08-08] CHR Extension: (Docs) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-07-31] CHR Extension: (Google Drive) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-31] CHR Extension: (YouTube) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-30] CHR Extension: (iMacros for Chrome) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2019-08-25] CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2019-07-30] CHR Extension: (Ecosia Search) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2019-10-26] CHR Extension: (wanteeed) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2019-11-07] CHR Extension: (Sheets) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-30] CHR Extension: (McAfee® WebAdvisor) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-11-23] CHR Extension: (Google Docs hors connexion) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-07-31] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-12-28] CHR Extension: (Avast Online Security) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-12-19] CHR Extension: (LIKEPOOL - Get 10x more likes together) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\mambmbfnejfjgihdebahcddfgclmllap [2019-12-11] CHR Extension: (Search Manager) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2019-11-26] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-01] CHR Extension: (Gmail) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-30] CHR Extension: (Chrome Media Router) - C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-17] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] CHR HKU\S-1-5-21-3625449888-4197136442-909293187-1012\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AALSvc; C:\AlphaAntiLeak\AAL\bin\server\AALSvc.exe [2913960 2019-08-26] (Constantin Schreiber -> ) S3 ACTION_SVC; C:\Program Files (x86)\Mirillis\Action!\action_svc.exe [16064 2014-10-25] (Mirillis -> ) S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.01\atkexComSvc.exe [933872 2016-11-24] (ASUSTeK Computer Inc. -> ) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.9.564\AsusWSWinService.exe [75264 2016-06-22] (ASUS Cloud Corporation) [Fichier non signé] R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [409176 2018-09-19] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) R3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8402648 2019-12-18] (BattlEye Innovations e.K. -> ) R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation) S3 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [326032 2018-06-05] (ASUSTeK Computer Inc. -> ) S2 Ds3Service; C:\Program Files\Nefarius Software Solutions\ScpToolkit\ScpService.exe [394944 2016-04-12] (Open Source Developer, Benjamin Höglinger-Stelzer -> Scarlet.Crush Productions) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [805488 2019-12-18] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [391744 2017-07-11] (Canon Inc. -> ) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Trusted Connect Service -> Intel(R) Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21304 2017-09-28] (Microsoft Corporation -> Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-05] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-12] (McAfee, LLC -> McAfee, Inc.) S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.7.371.0\\McCSPServiceHost.exe [2140888 2017-12-14] (McAfee, Inc. -> McAfee, Inc.) R2 MEmusvc; C:\Program Files\Microvirt\MEmu\MemuService.exe [269480 2017-05-26] (Microvirt Software Technology Co., Ltd. -> Microvirt Software Technology Co. Ltd.) S3 mracsvc; C:\WINDOWS\System32\mracsvc.exe [18534552 2019-08-20] (Mail.Ru LLC -> LLC Mail.Ru) R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [310272 2018-11-11] (Locktime Software s.r.o. -> Locktime Software) R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Fichier non signé] S2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [218576 2019-08-09] (TEFINCOM S.A. -> ) R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [858480 2019-12-05] (NVIDIA Corporation -> NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2332464 2019-07-12] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3206448 2019-07-12] (Electronic Arts, Inc. -> Electronic Arts) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1046456 2017-09-24] (McAfee, Inc. -> Intel Security, Inc.) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1291888 2019-07-15] (Bitdefender SRL -> Bitdefender) R2 QcomWlanSrv; C:\WINDOWS\System32\drivers\QcomWlanSrvx64.exe [191440 2018-09-19] (Qualcomm Atheros -> Qualcomm Technologies Inc.) R2 Razer Chroma SDK Server; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [439936 2018-01-10] (Razer USA Ltd. -> Razer Inc.) R2 Razer Chroma SDK Service; C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [943232 2018-01-10] (Razer USA Ltd. -> Razer Inc.) S2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [147792 2017-08-12] (Razer USA Ltd. -> Razer Inc) S2 Razer Synapse Service; C:\Program Files (x86)\Razer\Synapse3\Service\Razer Synapse Service.exe [283888 2018-06-01] (Razer USA Ltd. -> ) S2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [533376 2018-05-30] (Razer USA Ltd. -> Razer Inc.) R2 RzSurroundVADStreamingService; C:\Program Files (x86)\Razer\Razer Surround\Driver\RzSurroundVADStreamingService.exe [4261344 2018-01-09] (Razer USA Ltd. -> Razer Inc) S2 symsrv; C:\Program Files\windows nt\symsrv.exe [145168 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [139896 2019-06-19] (TunnelBear -> TunnelBear) S2 VSStandardCollectorService160; c:\windows\fonts\xxx\TASKH0ST.EXE [331264 2019-05-07] () [Fichier non signé] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-09-01] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-09-01] (Microsoft Corporation -> Microsoft Corporation) S3 wpscloudsvr; C:\Program Files (x86)\Kingsoft\WPS Office\wpscloudsvr.exe [162048 2016-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 S2 rcdll; C:\Users\adrzl\AppData\Local\Temp\rcdll.exe [X] <==== ATTENTION ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AALProtect; C:\AlphaAntiLeak\AAL\bin\server\AALProtect.sys [35984 2019-05-20] (OOO AMEKS -> ) S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-24] (ASUSTeK Computer Inc. -> ) R3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [2836840 2019-12-27] (BattlEye Innovations e.K. -> ) S3 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [269408 2018-02-23] (Bluestack Systems, Inc. -> Bluestack System Inc. ) R1 hideFirewall; C:\WINDOWS\System32\drivers\hideFirewall.sys [79488 2019-06-21] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) S3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [89912 2016-08-29] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) S4 IObitUnlocker; C:\Program Files (x86)\IObit\IObit Unlocker\IObitUnlocker.sys [66824 2017-06-15] (IObit Information Technology -> IObit) S3 libusbK; C:\WINDOWS\System32\drivers\libusbK.sys [47200 2019-08-07] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net) R3 MEmuDrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [260368 2015-11-02] (上海迈微软件科技有限公司 -> Microvirt Corporation) S3 mracdrv; C:\WINDOWS\System32\drivers\mracdrv.sys [17770920 2019-08-20] (Mail.Ru LLC -> LLC Mail.Ru) R0 nldrv; C:\WINDOWS\System32\drivers\nldrv.sys [174536 2018-11-10] (Locktime Software s.r.o. -> Locktime Software) R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvaki.inf_amd64_f49f680690b3e39d\nvlddmkm.sys [22749640 2019-11-08] (NVIDIA Corporation -> NVIDIA Corporation) S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-12-07] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [75600 2019-08-23] (NVIDIA Corporation -> NVIDIA Corporation) R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2358736 2018-09-19] (Qualcomm Atheros -> Qualcomm Atheros, Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-08-22] (Realtek Semiconductor Corp. -> Realtek ) R3 rzendpt; C:\WINDOWS\System32\drivers\rzendpt.sys [51736 2016-06-23] (Razer USA Ltd. -> Razer Inc) R3 RZSURROUNDVADService; C:\WINDOWS\system32\drivers\RzSurroundVAD.sys [49176 2016-10-16] (Razer USA Ltd. -> Windows (R) Win 7 DDK provider) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project) S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-09-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-09-01] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-09-01] (Microsoft Windows -> Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [74552 2019-07-23] (Wellbia.com Co., Ltd. -> Wellbia.com Co., Ltd.) S3 xspirit; C:\WINDOWS\xspirit.sys [1 2019-07-08] (Microsoft Windows -> ) S1 csidbqda; \??\C:\WINDOWS\system32\drivers\csidbqda.sys [X] S3 KProcessHacker2; \??\C:\Users\adrzl\AppData\Local\Temp\kprocesshacker.sys [X] <==== ATTENTION S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-12-28 17:51 - 2019-12-28 17:55 - 000051239 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\FRST.txt 2019-12-28 17:51 - 2019-12-28 17:54 - 000000000 ____D C:\FRST 2019-12-28 17:50 - 2019-12-28 17:50 - 002272256 _____ (Farbar) C:\Users\Adrien.VALERO-ADRIEN\Desktop\FRST64.exe 2019-12-27 16:15 - 2019-12-27 16:15 - 015809807 _____ C:\Users\Adrien.VALERO-ADRIEN\Downloads\! §cHikari §8[§f32x§8].zip 2019-12-27 16:15 - 2019-12-27 16:15 - 010907706 _____ C:\Users\Adrien.VALERO-ADRIEN\Downloads\! §cSuch§4Speed §8[§716§4x§8].zip 2019-12-27 16:15 - 2019-12-27 16:15 - 000525303 _____ C:\Users\Adrien.VALERO-ADRIEN\Downloads\v5F1.8 Hypixel Skyblock Pack.zip 2019-12-26 17:21 - 2019-12-26 17:21 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign1ab0855627a2a4a6 2019-12-26 17:17 - 2019-12-26 17:27 - 480026257 _____ C:\Users\Adrien.VALERO-ADRIEN\Downloads\PACK GFX RENDERS 3D BY TRALDEN (1).psd 2019-12-26 17:14 - 2019-12-26 17:15 - 455441689 _____ C:\Users\Adrien.VALERO-ADRIEN\Downloads\ALZIUM PACK V1 !.psd 2019-12-26 15:49 - 2019-12-26 15:49 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign46c7820ff261c784 2019-12-26 15:42 - 2019-12-26 15:50 - 373481885 _____ C:\Users\Adrien.VALERO-ADRIEN\Downloads\SirgoGFXPack.psd 2019-12-26 15:39 - 2019-12-26 15:39 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign49005e200c045152 2019-12-26 15:04 - 2019-12-26 15:04 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsigncd0b8f00ecc6d67b 2019-12-26 15:04 - 2019-12-26 15:04 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign860bc1b1762c0b95 2019-12-26 15:03 - 2019-12-26 15:03 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsigndc6854b7743e9be5 2019-12-26 15:02 - 2019-12-26 15:02 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsignfb1e84f48254eb36 2019-12-26 14:29 - 2019-12-26 14:35 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Documents\Camtasia Studio 2019-12-26 14:22 - 2019-12-26 14:24 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\Transitions 2019-12-26 14:22 - 2017-12-30 21:05 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\Bruitages 2019-12-26 14:21 - 2019-12-26 14:21 - 014822333 _____ C:\Users\Adrien.VALERO-ADRIEN\Downloads\Top Bruitages et Musiques par Théo Jacquin.zip 2019-12-25 14:43 - 2019-12-25 14:43 - 000022240 _____ (EasyAntiCheat Oy) C:\WINDOWS\system32\eac_usermode_1685131443657.dll 2019-12-23 17:48 - 2019-12-23 17:48 - 000000222 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\Black Squad.url 2019-12-20 17:11 - 2019-12-28 00:00 - 000003406 _____ C:\WINDOWS\system32\Tasks\PC Cleaner automatic scan and notifications 2019-12-20 17:11 - 2019-12-20 17:17 - 000000000 ____D C:\ProgramData\PC Cleaner 2019-12-20 17:11 - 2019-12-20 17:11 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\PC Cleaner 2019-12-20 17:11 - 2019-12-20 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Cleaner 2019-12-20 17:11 - 2019-12-20 17:11 - 000000000 ____D C:\Program Files (x86)\PC Cleaner 2019-12-20 15:51 - 2019-12-20 15:51 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Documents\AEGIS III 2019-12-20 15:41 - 2019-12-20 15:41 - 000000000 ____D C:\WINDOWS\pss 2019-12-20 15:31 - 2019-12-20 15:33 - 000000000 ___HD C:\$SysReset 2019-12-18 14:25 - 2019-12-18 14:25 - 000000014 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\Nouveau document texte.txt 2019-12-10 15:38 - 2019-12-10 15:38 - 000000082 _____ C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\.valkyriaconfig.properties 2019-12-10 15:37 - 2019-12-10 15:40 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\.valkyria 2019-12-10 13:06 - 2019-12-10 13:06 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign82962cc37a691128 2019-12-10 13:00 - 2019-12-10 13:01 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\Overlay Discord 2019-12-10 12:32 - 2019-12-10 12:32 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\AnkamaCertificates 2019-12-10 12:31 - 2019-12-10 12:52 - 000000008 _____ C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\DofusAppId0_1 2019-12-10 12:31 - 2019-12-10 12:52 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Dofus 2019-12-10 12:31 - 2019-12-10 12:31 - 000000133 _____ C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\D2Info0 2019-12-10 12:31 - 2019-12-10 12:31 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\[Worker].null 2019-12-10 09:21 - 2019-12-17 16:34 - 000001527 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\Dofus.lnk 2019-12-10 09:01 - 2019-12-10 09:09 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Dofus Retro 2019-12-10 09:01 - 2019-12-10 09:01 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus Retro 2019-12-10 08:59 - 2019-12-17 16:34 - 000001539 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\Dofus Retro.lnk 2019-12-07 16:24 - 2019-12-07 16:24 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsignd99c706b8b9242ba 2019-12-07 16:23 - 2019-12-07 16:23 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign746d94b09eeae545 2019-12-07 13:34 - 2019-12-07 13:34 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsignec35a08a2789e1d0 2019-12-05 12:32 - 2019-12-07 13:35 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\Chibis WakFight 2019-12-04 23:10 - 2019-12-04 23:10 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign812c08864123e72f 2019-12-04 22:55 - 2019-12-04 22:55 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign3b8d2c99ae1ea881 2019-12-04 22:55 - 2019-12-04 22:55 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign3a98be1b39baccab 2019-12-04 22:55 - 2019-12-04 22:55 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign26813e2cf4315692 2019-12-04 22:49 - 2019-12-04 22:49 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsigne6ae8b657427dfe5 2019-12-04 21:00 - 2019-10-23 20:06 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\C4D Pack 2019-12-04 20:19 - 2019-12-04 20:19 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsignc2d89eadadee563a 2019-12-04 19:57 - 2019-12-04 19:57 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign2e601f25d2096866 2019-12-04 19:56 - 2019-12-04 19:56 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign30c1c10b4a18a8ee 2019-12-04 19:55 - 2019-12-04 19:55 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign6c5bf00c072c695c 2019-12-04 19:55 - 2019-12-04 19:55 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign2a143ac26e0c2275 2019-11-29 19:31 - 2019-11-29 19:31 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign66856fff15bbe11a 2019-11-29 19:30 - 2019-11-29 19:30 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsignea7a4a24a304d03f 2019-11-29 19:30 - 2019-11-29 19:30 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsign25bdb1bb0fcaa3ac 2019-11-29 19:29 - 2019-11-29 19:29 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsignbb3a2c6eb9386701 2019-11-29 19:28 - 2019-11-29 19:28 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Tempzxpsignf452871798bc0782 ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-12-28 16:41 - 2019-10-09 20:42 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\zaap 2019-12-28 16:41 - 2019-10-09 20:42 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Ankama Launcher 2019-12-28 13:36 - 2018-07-16 10:16 - 000000000 _____ C:\WINDOWS\system32\RzSurroundVADAudioDeviceManager_log.txt 2019-12-28 13:15 - 2019-01-17 20:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2019-12-28 12:25 - 2017-01-09 07:06 - 000000000 ____D C:\ProgramData\NVIDIA 2019-12-28 00:00 - 2019-10-16 21:15 - 000003440 _____ C:\WINDOWS\system32\Tasks\OneSafe PC Cleaner automatic scan and notifications 2019-12-27 19:34 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2019-12-27 17:21 - 2019-01-17 21:10 - 001771406 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2019-12-27 17:21 - 2018-09-15 17:39 - 000791768 _____ C:\WINDOWS\system32\perfh00C.dat 2019-12-27 17:21 - 2018-09-15 17:39 - 000149836 _____ C:\WINDOWS\system32\perfc00C.dat 2019-12-27 17:21 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF 2019-12-27 17:01 - 2019-07-26 15:29 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\CrashDumps 2019-12-27 16:50 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness 2019-12-27 16:34 - 2019-08-19 17:56 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\.minecraft 2019-12-27 16:03 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps 2019-12-27 15:59 - 2019-08-29 12:58 - 000000600 _____ C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\winscp.rnd 2019-12-27 14:11 - 2019-07-24 02:05 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2019-12-27 13:07 - 2019-07-31 02:33 - 000000000 ____D C:\Program Files (x86)\TunnelBear 2019-12-27 13:06 - 2019-01-17 21:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2019-12-27 13:06 - 2017-12-13 22:46 - 000000000 ____D C:\ProgramData\AVAST Software 2019-12-26 20:45 - 2018-09-15 07:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2019-12-26 20:44 - 2019-07-26 15:28 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN 2019-12-26 20:27 - 2019-08-10 23:33 - 000007601 _____ C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Resmon.ResmonCfg 2019-12-26 18:21 - 2019-07-26 19:24 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Tencent 2019-12-26 18:21 - 2019-03-01 14:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software 2019-12-26 18:20 - 2019-07-26 15:55 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\ASUS GIFTBOX 2019-12-26 18:20 - 2019-01-17 21:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\ASUSTek Computer Inc 2019-12-26 18:20 - 2016-08-18 08:01 - 000000000 ____D C:\Program Files (x86)\ASUS 2019-12-26 18:19 - 2019-08-14 21:37 - 000000000 ____D C:\Program Files (x86)\DriverToolkit 2019-12-26 18:02 - 2019-11-19 19:39 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:02 - 2019-11-19 19:39 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:02 - 2017-12-13 21:55 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2019-12-26 18:02 - 2017-12-13 21:54 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2019-12-26 18:01 - 2019-11-19 19:39 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:01 - 2019-11-19 19:39 - 000004106 _____ C:\WINDOWS\system32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:01 - 2019-11-19 19:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:01 - 2019-11-19 19:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:01 - 2019-11-19 19:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:01 - 2019-11-19 19:39 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:01 - 2019-01-19 21:20 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:01 - 2019-01-19 21:20 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} 2019-12-26 18:01 - 2017-12-13 21:54 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2019-12-26 14:22 - 2019-08-31 20:02 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\obs-studio 2019-12-26 14:22 - 2019-08-08 11:11 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\Musiques 2019-12-26 13:04 - 2019-07-26 15:28 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Packages 2019-12-25 14:35 - 2019-08-14 22:03 - 000000388 _____ C:\WINDOWS\Tasks\DriverToolkit Autorun.job 2019-12-24 00:06 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2019-12-23 17:53 - 2017-12-30 16:18 - 000000000 ____D C:\Program Files (x86)\Steam 2019-12-23 17:48 - 2019-08-11 23:09 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2019-12-22 13:17 - 2019-10-22 16:04 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\Badlion Client 2019-12-22 13:13 - 2019-10-22 16:12 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\badlion-client-updater 2019-12-22 13:13 - 2018-08-20 09:49 - 000000000 ____D C:\Program Files\Badlion Client 2019-12-20 22:07 - 2019-08-14 22:03 - 000002814 _____ C:\WINDOWS\system32\Tasks\DriverToolkit Autorun 2019-12-18 19:01 - 2018-06-13 18:27 - 000000000 ____D C:\ProgramData\CanonIJPLM 2019-12-17 16:34 - 2019-11-18 00:15 - 000001537 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\Wakfu Beta.lnk 2019-12-17 16:34 - 2019-11-08 18:53 - 000001539 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\Waven Alpha.lnk 2019-12-17 16:34 - 2019-10-30 01:13 - 000001292 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\AlbionOnline.lnk 2019-12-17 16:34 - 2019-10-18 06:48 - 000002223 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\VPS.lnk 2019-12-17 16:34 - 2019-10-09 23:40 - 000001529 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\Wakfu.lnk 2019-12-17 16:34 - 2019-10-09 20:42 - 000002434 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\Ankama Launcher.lnk 2019-12-17 16:34 - 2019-07-26 16:55 - 000001484 _____ C:\Users\Adrien.VALERO-ADRIEN\Desktop\GeForce Experience.lnk 2019-12-17 13:25 - 2018-10-12 22:45 - 000002187 _____ C:\WINDOWS\wininit.ini 2019-12-14 23:18 - 2017-01-09 07:21 - 000000000 ____D C:\Program Files\Microsoft Office 2019-12-13 23:30 - 2019-07-30 19:36 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2019-12-13 23:30 - 2019-07-30 19:36 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2019-12-10 14:42 - 2019-03-30 13:16 - 000000000 ___RD C:\Users\Adrien.VALERO-ADRIEN\Desktop\JeuEnDev 2019-12-10 13:04 - 2019-11-03 14:02 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\Plugins 2019-12-10 13:04 - 2019-08-23 20:19 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\Miniatures Tool 2019-12-08 17:58 - 2019-08-21 14:24 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\ElevatedDiagnostics 2019-12-08 15:47 - 2019-11-19 19:39 - 002859872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2019-12-08 15:47 - 2019-11-19 19:39 - 002221064 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2019-12-08 15:47 - 2019-11-19 19:39 - 001321496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll 2019-12-07 17:40 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2019-12-07 15:21 - 2019-11-19 19:39 - 000174560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2019-12-07 15:21 - 2019-11-19 19:39 - 000149472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2019-12-05 22:24 - 2019-11-19 19:39 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat 2019-12-04 23:36 - 2019-09-08 01:05 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\Desktop\photoshop pack 2019-12-01 09:57 - 2018-05-08 16:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-11-30 12:16 - 2019-07-26 15:55 - 000000000 ____D C:\Users\Adrien.VALERO-ADRIEN\AppData\LocalLow\Mozilla 2019-11-29 22:28 - 2019-07-26 15:56 - 000000000 ____D C:\Program Files\Mozilla Firefox 2019-11-29 22:28 - 2018-05-08 16:18 - 000001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk ==================== Fichiers à la racine de certains dossiers ======== 2019-07-11 09:38 - 2019-07-11 09:38 - 003034496 _____ (Nicolas Coolman) C:\Users\adrzl\ZHPDiag3.exe 2018-08-10 10:02 - 2009-07-14 01:14 - 000031232 ___SH () C:\ProgramData\cpsvchost.exe 2019-03-19 19:49 - 2019-03-19 19:49 - 000334288 _____ (Mozilla Foundation) C:\ProgramData\freebl3.dll 2019-03-19 19:49 - 2019-03-19 19:49 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll 2019-03-19 19:50 - 2019-03-19 19:50 - 000440120 _____ (Microsoft Corporation) C:\ProgramData\msvcp140.dll 2019-03-19 19:50 - 2019-03-19 19:50 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll 2018-08-10 10:02 - 2009-07-14 01:14 - 000031232 ___SH () C:\ProgramData\olly.exe 2019-03-19 19:50 - 2019-03-19 19:50 - 000144848 _____ (Mozilla Foundation) C:\ProgramData\softokn3.dll 2018-08-10 10:02 - 2009-07-14 01:14 - 000031232 ___SH () C:\ProgramData\System Idle.exe 2019-03-19 19:50 - 2019-03-19 19:50 - 000083784 _____ (Microsoft Corporation) C:\ProgramData\vcruntime140.dll 2018-09-03 11:29 - 2018-09-03 11:29 - 000027163 _____ () C:\Program Files (x86)\survivorroyale_license.htm 2019-12-10 15:38 - 2019-12-10 15:38 - 000000082 _____ () C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\.valkyriaconfig.properties 2019-08-19 17:32 - 2019-08-19 17:32 - 000000794 _____ () C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\AdobeWLCMR2Cache.dat 2019-12-10 12:31 - 2019-12-10 12:31 - 000000133 _____ () C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\D2Info0 2019-07-28 14:47 - 2019-07-28 14:47 - 000001209 _____ () C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\D3D5D3C0-0F3D-40c1-9973-CEB7C072AE32.ini 2019-12-10 12:31 - 2019-12-10 12:52 - 000000008 _____ () C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\DofusAppId0_1 2019-08-29 12:58 - 2019-12-27 15:59 - 000000600 _____ () C:\Users\Adrien.VALERO-ADRIEN\AppData\Roaming\winscp.rnd 2019-10-01 14:23 - 2019-11-03 13:26 - 000000128 _____ () C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\PUTTY.RND 2019-08-10 23:33 - 2019-12-26 20:27 - 000007601 _____ () C:\Users\Adrien.VALERO-ADRIEN\AppData\Local\Resmon.ResmonCfg ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================