Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2020
Exécuté par Mr KONATE (administrateur) sur PCKONATE (LENOVO 80S2) (15-03-2020 23:04:40)
Exécuté depuis C:\Users\Mr KONATE\Desktop
Profils chargés: Mr KONATE (Profils disponibles: Mr KONATE)
Platform: Windows 10 Pro Version 1909 18363.693 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files\WindowsApps\AdobeNotificationClient_1.0.1.22_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Conexant Systems, Inc.) [Fichier non signé] C:\Windows\SysWOW64\UIUSrv.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Deezer SA) C:\Program Files\WindowsApps\Deezer.62021768415AF_4.18.60.0_x86__q7m17pa7q8kj0\app\Deezer.exe
(Deezer SA) C:\Program Files\WindowsApps\Deezer.62021768415AF_4.18.60.0_x86__q7m17pa7q8kj0\app\Deezer.exe
(Deezer SA) C:\Program Files\WindowsApps\Deezer.62021768415AF_4.18.60.0_x86__q7m17pa7q8kj0\app\Deezer.exe
(Deezer SA) C:\Program Files\WindowsApps\Deezer.62021768415AF_4.18.60.0_x86__q7m17pa7q8kj0\app\Deezer.exe
(Deezer SA) C:\Program Files\WindowsApps\Deezer.62021768415AF_4.18.60.0_x86__q7m17pa7q8kj0\app\Deezer.exe
(Deezer SA) C:\Program Files\WindowsApps\Deezer.62021768415AF_4.18.60.0_x86__q7m17pa7q8kj0\app\Deezer.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Users\Mr KONATE\AppData\Local\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Users\Mr KONATE\AppData\Local\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(LENOVO -> Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\BTlocker\BTDemoService.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\BTlocker\BTLocker.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\BTlocker\RestartThread.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officec2rclient.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.19418.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Node.js Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Node.js Foundation -> Node.js) C:\Program Files\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\Realtek Bluetooth\SkypePlugin.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BTLocker] => C:\Program Files\Lenovo\BtLocker\BTLocker.exe [677304 2015-07-15] (LENOVO -> Lenovo)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [916184 2014-07-02] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [230104 2015-07-10] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (LENOVO -> Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110008 2015-07-21] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492472 2015-07-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2084920 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-03-17] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\...\Run: [Google Update] => C:\Users\Mr KONATE\AppData\Local\Google\Update\1.3.35.442\GoogleUpdateCore.exe [217544 2020-02-19] (Google LLC -> Google LLC)
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [597640 2020-02-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe [2487352 2019-09-27] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\...\Policies\Explorer: [HideSCAHealth] 0
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.132\Installer\chrmstp.exe [2020-03-10] (Google LLC -> Google LLC)
Startup: C:\Users\Mr KONATE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-03-01]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0141D208-0ED5-4D5C-83BC-F69B769F2EBB} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [564664 2015-06-12] (LENOVO -> Lenovo)
Task: {020A7034-9FBC-476B-B9EE-B3E349B0CF8D} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [85432 2015-09-11] (CyberLink Corp. -> CyberLink Corp.)
Task: {02FB1201-1129-49A0-95EC-3E6AEC0B3CEE} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1320416 2016-01-25] (LENOVO -> Lenovo)
Task: {07D25BA7-0136-4990-807B-0EC7F8EFEA71} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {0F88A820-2E2A-4C99-B9A4-67170F561D0D} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-25] (Adobe Inc. -> Adobe)
Task: {128BC621-500F-4AAB-8AFC-247ACCC5F8D1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\3188dcb9-8055-493a-8d75-8c9275deb399 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {224FF2F9-32C3-4400-9F21-54EB69ABD557} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1960310863-1766197830-830914656-1001 => C:\Users\Mr KONATE\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [86824 2019-12-18] (Lenovo (Beijing) Limited -> Lenovo Group Limited)
Task: {2CFB35A4-9F7A-413A-879E-49ADC71BF250} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {2EE66567-8FE9-4A0E-AA2C-C62EFA5D379C} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9773024 2016-01-25] (LENOVO -> Lenovo)
Task: {374E5B38-AE80-4D60-9AB9-F2F8A0CC1A72} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-02-11] (Lenovo -> )
Task: {3E99BDD8-2307-4F4D-B720-0C28B4A4C2F9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1960310863-1766197830-830914656-1001Core => C:\Users\Mr KONATE\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-04-15] (Google Inc -> Google Inc.)
Task: {4F1E5DAE-C759-4B2F-8F72-26D8F92C9959} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_pepper.exe [1453624 2020-02-25] (Adobe Inc. -> Adobe)
Task: {5A4D2470-C7A0-4948-A621-AD3881E76974} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {657767FF-5D3A-4137-AD36-DEE736D38BF5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B11CADF-2AA0-4132-A84E-72855B17BBF4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6CD3F5AF-3BD9-4D4E-BAE0-C2FF01893427} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\be365ee9-3ccb-4580-8dcc-29ef2b2e20d7 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {6FA1EA93-DC2C-44AA-8F70-F33967F4DCAA} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [270304 2016-01-25] (LENOVO -> Lenovo)
Task: {7109176F-5849-45B7-9782-E1AA6C891527} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [54424 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {759B1B0E-BFA5-4F22-8ABD-0595E1E1A841} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b11cb7aa-81f8-4dcc-8d90-9d5429fc2f39 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {7F6F8681-8148-4AA6-BBAE-40B70740F9A0} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {864D6D93-83AB-4166-8E96-5BC5B1530DC0} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [16832 2015-07-06] (LENOVO -> Lenovo)
Task: {89C89506-B4E0-413C-A31A-CDBD16D49720} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {90A0A0C4-7486-40CC-A8EB-E69E6D035F0D} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {9768ACAB-5E37-4CFF-8867-E6FDE062CA91} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\4528c5f1-ffb7-4b66-9921-97327b35633b => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [80536 2020-02-11] (Lenovo -> Lenovo Group Ltd.)
Task: {99F32C87-2F81-47AA-9922-C61F2BDD49DF} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {ACB1881F-F938-4672-B3B3-C207BC857A43} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [745240 2016-03-17] (CyberLink Corp. -> CyberLink Corp.)
Task: {B038A18D-12DA-474B-A1B5-914EE3BE6806} - System32\Tasks\Microsoft\Windows\UpdateAssistant\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe
Task: {B550BED0-1E7E-4F9E-92DE-60827D84FD9B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {BA292AF5-9F9A-41FB-A22F-415AC1970CFD} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [1758984 2020-02-11] (Lenovo -> )
Task: {C41619E8-7D12-477B-A4FE-6A0FDE407BD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-04-17] (Google Inc -> Google Inc.)
Task: {D368ECF4-594B-4A70-8018-C60F8FC839BA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1960310863-1766197830-830914656-1001UA => C:\Users\Mr KONATE\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2017-04-15] (Google Inc -> Google Inc.)
Task: {D516EAE5-0FCC-4260-B089-ED3C65E2EE4A} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [564664 2015-06-12] (LENOVO -> Lenovo)
Task: {DFFB87F8-400D-4A3F-B474-F9548D00370D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-04-17] (Google Inc -> Google Inc.)
Task: {E4A75189-64FD-489F-BA58-4BBB03FEF188} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [120407888 2020-02-22] (Microsoft Windows -> Microsoft Corporation)
Task: {F071E65C-4E6D-40F5-826B-36E5AF7075C5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6f8d7709-d0d7-42c1-9161-fcd4dd22af93}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{866568f4-b2ae-48d3-96c9-99cc7be1a11b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9ac630e1-d220-4ec7-85c5-88a41f2d74a0}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
HKU\S-1-5-21-1960310863-1766197830-830914656-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\Mr KONATE\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1960310863-1766197830-830914656-1001 -> about:start
Edge Extension: (Translator pour Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-02-22]

FireFox:
========
FF DefaultProfile: ktu2z726.default
FF ProfilePath: C:\Users\Mr KONATE\AppData\Roaming\Mozilla\Firefox\Profiles\ktu2z726.default [2020-03-15]
FF Homepage: Mozilla\Firefox\Profiles\ktu2z726.default -> about:blank
FF Notifications: Mozilla\Firefox\Profiles\ktu2z726.default -> hxxps://www.facebook.com; hxxps://mail.google.com
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-09-27] (Adobe Inc. -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default [2020-03-15]
CHR Notifications: Default -> hxxps://01net-by.accengage.net; hxxps://community.windows.com; hxxps://drive.google.com; hxxps://mail.google.com; hxxps://plus.google.com; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.ci/
CHR StartupUrls: Default -> "hxxps://www.google.com/intl/fr/chrome/browser/welcome.html"
CHR NewTab: Default -> Not-active:"chrome-extension://lklfbkdigihjaaeamncibechhgalldgl/iframe_msn.html"
CHR Extension: (Slides) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-16]
CHR Extension: (YouTube) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-16]
CHR Extension: (Multi Web Search) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\chflbgjeimkjmkgdeecfdlmgifclacic [2019-11-13]
CHR Extension: (Sheets) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-13]
CHR Extension: (Conjugaison française - extension) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\goppknomocjclmklldbjpilkcbafdclh [2018-01-22]
CHR Extension: (Ultimedia Videos Premium) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlodlcjfnnoingcnaaicdnjmddaejlnf [2018-01-22]
CHR Extension: (Rechercher tous les) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdkbemdpepjjppbfgeapjienologapa [2019-11-13]
CHR Extension: (Microsoft News New Tab) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lklfbkdigihjaaeamncibechhgalldgl [2020-01-27]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-03-02]
CHR Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-12-07]
CHR Extension: (Screencastify - Screen Video Recorder) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmeijimgabbpbgpdklnllpncmdofkcpn [2020-03-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-13]
CHR Extension: (Traducteur Français - Anglais) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoknggblacdpjbfjdioaipdfjnihpdn [2018-01-22]
CHR Extension: (Reverso Context, traduction et dictionnaire) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhiacboedfinnofagfgoaanfedhmfab [2020-01-27]
CHR Extension: (Gmail) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-27]
CHR Profile: C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-10]
CHR Profile: C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-03-10]
CHR Notifications: Profile 1 -> hxxps://chat.google.com; hxxps://mail.google.com; hxxps://www.bestcours.com; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR HomePage: Profile 1 -> hxxp://google.com/
CHR Extension: (Slides) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-20]
CHR Extension: (Docs) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-20]
CHR Extension: (Google Drive) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-02]
CHR Extension: (YouTube) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-02]
CHR Extension: (Adobe Acrobat) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-02-22]
CHR Extension: (Sheets) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-20]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-02-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-02-22]
CHR Extension: (Avast Online Security) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-02-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-13]
CHR Extension: (Gmail) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-13]
CHR Extension: (Chrome Media Router) - C:\Users\Mr KONATE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-22]
CHR HKU\S-1-5-21-1960310863-1766197830-830914656-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKU\S-1-5-21-1960310863-1766197830-830914656-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR Notifications: hxxps://mail.google.com; hxxps://www.bestcours.com; hxxps://www.youtube.com
OPR Extension: (Amazon Assistant for Opera) - C:\Users\Mr KONATE\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2019-02-11]
OPR Extension: (SaveFrom.net Helper) - C:\Users\Mr KONATE\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2019-02-19]