Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 26-04-2020 Exécuté par Nohrs'Dragg (administrateur) sur COOPIRATE (Hewlett-Packard Presario CQ56 Notebook PC) (28-04-2020 19:33:27) Exécuté depuis C:\Users\Nohrs'Dragg\Desktop Profils chargés: Nohrs'Dragg (Profils disponibles: Nohrs'Dragg & Administrateur & Invité) Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 9 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <2> (Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Incendo Technology Ltd -> Incendo Technology) C:\Program Files (x86)\Vectir\Vectir.exe (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe (Windscribe Limited -> Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe ==================== Registre (Tous(tes)) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6245408 2010-05-26] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [386840 2014-12-30] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [417560 2014-12-30] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-10-01] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [162584 2014-12-30] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.) HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [30720 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Windows -> Microsoft Corporation) HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [2616320 2011-02-25] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0 HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKLM\ DisallowedCertificates: 1916A2AF346D399F50313C393200F14140456616 (U) HKLM\ DisallowedCertificates: 2A83E9020591A55FC6DDAD3FB102794C52B24E70 (U) HKLM\ DisallowedCertificates: 2B84BFBB34EE2EF949FE1CBE30AA026416EB2216 (U) HKLM\ DisallowedCertificates: 305F8BD17AA2CBC483A4C41B19A39A0C75DA39D6 (U) HKLM\ DisallowedCertificates: 367D4B3B4FCBBC0B767B2EC0CDB2A36EAB71A4EB (U) HKLM\ DisallowedCertificates: 3A850044D8A195CD401A680C012CB0A3B5F8DC08 (U) HKLM\ DisallowedCertificates: 40AA38731BD189F9CDB5B9DC35E2136F38777AF4 (U) HKLM\ DisallowedCertificates: 43D9BCB568E039D073A74A71D8511F7476089CC3 (U) HKLM\ DisallowedCertificates: 471C949A8143DB5AD5CDF1C972864A2504FA23C9 (U) HKLM\ DisallowedCertificates: 51C3247D60F356C7CA3BAF4C3F429DAC93EE7B74 (U) HKLM\ DisallowedCertificates: 5DE83EE82AC5090AEA9D6AC4E7A6E213F946E179 (U) HKLM\ DisallowedCertificates: 61793FCBFA4F9008309BBA5FF12D2CB29CD4151A (U) HKLM\ DisallowedCertificates: 637162CC59A3A1E25956FA5FA8F60D2E1C52EAC6 (U) HKLM\ DisallowedCertificates: 63FEAE960BAA91E343CE2BD8B71798C76BDB77D0 (U) HKLM\ DisallowedCertificates: 6431723036FD26DEA502792FA595922493030F97 (U) HKLM\ DisallowedCertificates: 7D7F4414CCEF168ADF6BF40753B5BECD78375931 (U) HKLM\ DisallowedCertificates: 80962AE4D6C5B442894E95A13E4A699E07D694CF (U) HKLM\ DisallowedCertificates: 86E817C81A5CA672FE000F36F878C19518D6F844 (U) HKLM\ DisallowedCertificates: 8E5BD50D6AE686D65252F843A9D4B96D197730AB (U) HKLM\ DisallowedCertificates: 9845A431D51959CAF225322B4A4FE9F223CE6D15 (U) HKLM\ DisallowedCertificates: B533345D06F64516403C00DA03187D3BFEF59156 (U) HKLM\ DisallowedCertificates: B86E791620F759F17B8D25E38CA8BE32E7D5EAC2 (U) HKLM\ DisallowedCertificates: C060ED44CBD881BD0EF86C0BA287DDCF8167478C (U) HKLM\ DisallowedCertificates: CEA586B2CE593EC7D939898337C57814708AB2BE (U) HKLM\ DisallowedCertificates: D018B62DC518907247DF50925BB09ACF4A5CB3AD (U) HKLM\ DisallowedCertificates: F8A54E03AADC5692B850496A4C4630FFEAA29D83 (U) HKLM\ DisallowedCertificates: FA6660A94AB45F6A88C0D7874D89A863D74DEE97 (U) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190416924\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [Fichier non signé] HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190416924\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKU\S-1-5-19\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190417934\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190417934\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418099\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418099\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-2620554350-2478030218-4193951288-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-2620554350-2478030218-4193951288-1001\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2620554350-2478030218-4193951288-1001\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2620554350-2478030218-4193951288-1001\...\MountPoints2: {5d0bfb35-5a10-11e4-af42-6431505f47d1} - F:\Startme.exe HKU\S-1-5-21-2620554350-2478030218-4193951288-1001\...\MountPoints2: {d5af292a-4e5f-11e0-a8e2-6431505f47d1} - G:\autorun.exe HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619\...\MountPoints2: {5d0bfb35-5a10-11e4-af42-6431505f47d1} - F:\Startme.exe HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619\...\MountPoints2: {d5af292a-4e5f-11e0-a8e2-6431505f47d1} - G:\autorun.exe HKU\S-1-5-21-2620554350-2478030218-4193951288-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418214\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] (Hewlett-Packard Company -> ) HKU\S-1-5-21-2620554350-2478030218-4193951288-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418214\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company) [Fichier non signé] HKU\S-1-5-21-2620554350-2478030218-4193951288-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418214\...\Policies\Explorer: [NoDriveTypeAutoRun] 145 HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [1712184 2010-02-09] (Hewlett-Packard Company -> ) HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-05-19] (Hewlett-Packard Company) [Fichier non signé] HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd -> Disc Soft Ltd) HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\Policies\system: [DisableLockWorkstation] 0 HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\Policies\system: [DisableTaskMgr] 0 HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\Policies\system: [DisableChangePassword] 0 HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\MountPoints2: {35c23ee9-3aab-11e0-aa8d-806e6f6e6963} - E:\FalloutLauncher.exe HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\MountPoints2: {5d0bfb35-5a10-11e4-af42-6431505f47d1} - F:\Startme.exe HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\...\MountPoints2: {d5af292a-4e5f-11e0-a8e2-6431505f47d1} - G:\INSTALL.EXE HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) [Fichier non signé] HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) HKLM\...\Providers\Internet Print Provider: C:\Windows\system32\inetpp.dll [166400 2017-08-11] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Providers\LanMan Print Services: C:\Windows\system32\win32spl.dll [757248 2017-08-11] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\Windows\System32\ie4uinit.exe [2012-03-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\System32\iedkcs32.dll [2012-03-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U shell32.dll HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\Windows\System32\ie4uinit.exe [2012-03-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\system32\mscories.dll [2014-06-19] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.129\Installer\chrmstp.exe [2020-04-28] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\Windows\SysWOW64\ie4uinit.exe [2012-03-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\Windows\SysWOW64\iedkcs32.dll [2012-03-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [2010-05-19] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files (x86)\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U shell32.dll HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\Windows\SysWOW64\ie4uinit.exe [2012-03-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\mscories.dll [2014-06-19] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.) HKLM\Software\...\Authentication\Credential Providers: [{25CBB996-92ED-457e-B28C-4774084BD562}] -> C:\Windows\system32\authui.dll [2019-03-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{3dd6bec0-8193-4ffe-ae25-e08e39ea4063}] -> C:\Windows\system32\authui.dll [2019-03-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] -> C:\Windows\System32\VaultCredProvider.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{6f45dc1e-5384-457a-bc13-2cd81b0d28ed}] -> C:\Windows\system32\authui.dll [2019-03-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{8bf9a910-a8ff-457f-999f-a5ca10b4a885}] -> C:\Windows\system32\SmartcardCredentialProvider.dll [2013-10-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> C:\Windows\system32\SmartcardCredentialProvider.dll [2013-10-04] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{AC3AC249-E820-4343-A65B-377AC634DC09}] -> C:\Windows\System32\BioCredProv.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{e74e57b0-6c6d-44d5-9cda-fb2df5ed7435}] -> C:\Windows\system32\certCredProvider.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> HKLM\Software\...\Authentication\Credential Provider Filters: [{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE}] -> C:\Windows\system32\authui.dll [2019-03-16] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Authentication\PLAP Providers: [{5537E283-B1E7-4EF8-9C6E-7AB0AFE5056D}] -> C:\Windows\system32\rasplap.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\Windows\system32\wlgpclnt.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\Windows\system32\fdeploy.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}] -> HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\Windows\System32\dskquota.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\Windows\system32\gptext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4bcd6cde-777b-48b6-9804-43568e23545d}] -> C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll [2013-10-02] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\Windows\System32\iedkcs32.dll [2012-03-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{6cfb9c5c-138e-4bb3-8a3d-d5383e910e57}] -> C:\Windows\System32\RdpGroupPolicyExtension.dll [2016-03-24] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{7933F41E-56F8-41d6-A31C-4148A711EE93}] -> C:\Windows\System32\srchadmin.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\Windows\System32\iedkcs32.dll [2012-03-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\Windows\system32\scecli.dll [2010-11-20] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{8A28E2C5-8D06-49A4-A08C-632DAA493E17}] -> C:\Windows\system32\gpprnext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}] -> C:\Windows\System32\iedkcs32.dll [2012-03-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\Windows\system32\dot3gpclnt.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\Windows\system32\gptext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\Windows\System32\iedkcs32.dll [2012-03-14] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\Windows\System32\polstore.dll [2016-05-12] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> C:\Windows\system32\auditcse.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\Windows\system32\gptext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\Windows\system32\gptext.dll [2009-07-14] (Microsoft Windows -> Microsoft Corporation) Lsa: [Authentication Packages] msv1_0 Lsa: [Notification Packages] scecli SecurityProviders: credssp.dll BootExecute: autocheck autochk * AlternateShell: cmd.exe FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0529BC84-6322-446E-98B6-58C4AFF97E1E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {0EF5055F-4484-40D9-9B21-8B9A1E139F09} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {0EF5055F-4484-40D9-9B21-8B9A1E139F09} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation) Task: {1C9A98A7-3973-4087-AB87-F2BA0802057D} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe Task: {1F958430-3F30-40BE-A3E0-276B82FC5B10} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-15] (Adobe Inc. -> Adobe) Task: {231C6F6C-3A4B-4705-85D9-7A7AD16661A4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {279BBAC9-CB1D-4EA7-A6B7-576B497FA18E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2045832 2019-08-20] (AVAST Software s.r.o. -> AVAST Software) Task: {29ABB165-5DD6-47CE-9B91-B20C58B88630} - System32\Tasks\Opera scheduled Autoupdate 1587248302 => C:\Users\Nohrs'Dragg\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-04-08] (Opera Software AS -> Opera Software) Task: {56333740-1DBC-4174-81A4-4D2D583B1112} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO) Task: {56DACD77-9E68-405D-9C99-FE7E6FBB2CAF} - System32\Tasks\{80942FD9-4E92-479E-9B74-DE7B73FA64A3} => C:\Windows\system32\pcalua.exe -a "C:\Users\Nohrs'Dragg\AppData\Roaming\InstallShield Installation Information\{32E4F0D2-C135-475E-A841-1D59A0D22989}\setup.exe" -c -runfromtemp -l0x040c -removeonly Task: {57AFE4B3-3522-4818-9714-244DD831B6CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe Task: {5AD65014-4B39-4FDB-9C4D-0B747191CAE0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {5B6F5EDF-A223-4BD2-914A-C7C1A12B8309} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO) Task: {67DCFA31-0B74-407B-AD2C-D667CE1AAFE9} - \Re-markit Update -> Pas de fichier <==== ATTENTION Task: {6D670D44-5DE2-4146-87B5-3050294CA4E5} - System32\Tasks\{371F769F-468E-4A1B-A789-34AF2851981C} => C:\Windows\system32\pcalua.exe -a G:\autorun.exe -d G:\ Task: {6EEE2875-540F-4455-A9DD-67DC8FDBFE4D} - System32\Tasks\Opera scheduled assistant Autoupdate 1587248337 => C:\Users\Nohrs'Dragg\AppData\Local\Programs\Opera\launcher.exe [1538584 2020-04-08] (Opera Software AS -> Opera Software) Task: {75D14549-998B-4EDB-ABFA-17B6E1EDCB16} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe Task: {7C11D826-242D-4E6E-B2C5-21CFDC6FB3F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe) Task: {80EA75CC-F1D5-4024-B6E9-6E2287F0123A} - System32\Tasks\Avast Driver Updater Startup => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe Task: {84BF07F4-A502-4C64-82ED-D087C42FF490} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO) Task: {933EA92E-95FC-48AE-9D0A-0B6DE6A2E35E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-15] (Piriform Software Ltd -> Piriform Ltd) Task: {9347799E-A273-4695-9183-011080ED36DF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {9800E395-DA5C-4A6D-ABDA-79C00068D479} - System32\Tasks\HPCeeScheduleForNohrs'Dragg => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704 2010-01-05] (Hewlett-Packard Company -> Hewlett-Packard) Task: {9E5881A1-AA62-43C2-8233-0BEEEBBFE659} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {A181A5CA-BBB3-4508-8DF7-119D97FC7A61} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-15] (Piriform Software Ltd -> Piriform Software Ltd) Task: {A6613017-1169-414A-B89C-6DA0FE2D63EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {A98EDBA9-C4A8-417D-A15C-DE1F15A00FB5} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-15] (Adobe Inc. -> Adobe) Task: {ABBD0348-C6B6-4B49-8B1C-385AB0C9C45E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {B283F40C-CFF3-43EB-80C3-59A1E669DE75} - System32\Tasks\{822B9E27-D3D9-4328-9DB7-1C6A874F4B5C} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe -c /M{1C08A24C-B168-407E-A826-68FAF5F20710} Task: {B60191F6-041E-42BB-934E-9B9FBF8B8685} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {C5F5E66E-3F2D-4BFB-B647-74DC86B6720A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent Task: {C5F5E66E-3F2D-4BFB-B647-74DC86B6720A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation) Task: {C6036996-CDDA-4F1E-A31E-D30E8062343E} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO) Task: {CC84F372-7128-4FDD-AD0A-DEF65A6DC1DA} - System32\Tasks\{CBE9BED9-C518-4C7D-AB0B-62F6A639BFE7} => C:\Windows\system32\pcalua.exe -a C:\SwSetup\sp66381\Installer.exe -d C:\SwSetup\sp66381 Task: {D6A8DBE1-EEBA-4DEA-B237-E908B448CA9D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {D9132A04-75AA-4596-9339-3A235E2BB152} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2177464 2019-11-15] (Microsoft Corporation -> Microsoft) Task: {E0EF88C8-5EFD-4118-BC88-E975B9CF750B} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32696 2019-11-15] (Microsoft Corporation -> Microsoft) Task: {E331E740-6582-4D57-8DC2-8D37876EAEA1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {E331E740-6582-4D57-8DC2-8D37876EAEA1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent Task: {E331E740-6582-4D57-8DC2-8D37876EAEA1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [360960 [360960 2015-09-30]] (Microsoft Windows -> Microsoft Corporation) Task: {E84CEBFB-0847-445E-9EFA-2E9417595E58} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.) Task: {EA88D463-A05C-4729-ADF2-D6A0039FA235} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation) Task: {EF568F5A-B0A5-448B-8B57-73B1E12B76AB} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5714384 2019-07-31] (Comodo Security Solutions -> COMODO) Task: {F125CCC4-6642-46EA-8DE2-1009D5451511} - System32\Tasks\{155637C6-42F4-4B60-953D-84DAD635238D} => C:\Windows\system32\pcalua.exe -a C:\Users\Nohrs'Dragg\Downloads\LopSD.exe -d C:\Users\Nohrs'Dragg\Downloads Task: {FF92723A-65FF-4871-B867-ACDB96A55CF1} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13036496 2019-07-31] (Comodo Security Solutions -> COMODO) Task: {FFBA6EAF-9DE7-405B-B763-682C555D5608} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2010-05-25] (Hewlett-Packard Company -> ) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\Avast Driver Updater Startup.job => C:\Program Files (x86)\Avast Driver Updater\Avast Driver Updater.exe Task: C:\Windows\Tasks\HPCeeScheduleForNohrs'Dragg.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyServer: [S-1-5-21-2620554350-2478030218-4193951288-1001] => localhost:8080 ProxyServer: [S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619] => localhost:8080 Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\..\Interfaces\{0604FC1B-E674-4982-9362-AF070EA0631E}: [NameServer] 37.187.0.40,37.59.72.228 Tcpip\..\Interfaces\{12E9664A-B410-4CD8-A6BD-E1B29A52FC9A}: [NameServer] 156.154.70.25,156.154.71.25 Tcpip\..\Interfaces\{446A9F79-7963-4C62-804A-F7098BFCD821}: [NameServer] 37.187.0.40,37.59.72.228 Tcpip\..\Interfaces\{B556D817-42F2-48B6-AA0E-38E1954C126E}: [NameServer] 156.154.70.25,156.154.71.25 HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.0.254,-1] Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-2620554350-2478030218-4193951288-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418214\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQCON/11 HKU\S-1-5-21-2620554350-2478030218-4193951288-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418214\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQCON/11 HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQCON/11 HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQCON/11 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {157FFF0C-F18A-48B9-B037-25B9EBC34B92} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {2D02F418-78E5-42ED-876A-324E75DE567D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {E68E0CC4-CF44-4D61-89A0-39F0787CF7A8} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente SearchScopes: HKLM-x32 -> {157FFF0C-F18A-48B9-B037-25B9EBC34B92} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM-x32 -> {2D02F418-78E5-42ED-876A-324E75DE567D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {E68E0CC4-CF44-4D61-89A0-39F0787CF7A8} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-1001 -> {157FFF0C-F18A-48B9-B037-25B9EBC34B92} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-1001 -> {2D02F418-78E5-42ED-876A-324E75DE567D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-1001 -> {E68E0CC4-CF44-4D61-89A0-39F0787CF7A8} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619 -> {157FFF0C-F18A-48B9-B037-25B9EBC34B92} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619 -> {2D02F418-78E5-42ED-876A-324E75DE567D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619 -> {E68E0CC4-CF44-4D61-89A0-39F0787CF7A8} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419 -> DefaultScope {2D02F418-78E5-42ED-876A-324E75DE567D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419 -> {157FFF0C-F18A-48B9-B037-25B9EBC34B92} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419 -> {2D02F418-78E5-42ED-876A-324E75DE567D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419 -> {E68E0CC4-CF44-4D61-89A0-39F0787CF7A8} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPNTDF BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-19] (Oracle America, Inc. -> Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-19] (Oracle America, Inc. -> Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Pas de fichier Toolbar: HKU\S-1-5-21-2620554350-2478030218-4193951288-1001 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier Toolbar: HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier Toolbar: HKU\S-1-5-21-2620554350-2478030218-4193951288-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190418419 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier DPF: HKLM-x32 {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///E:/viewer/ORDcmViewCD.ocx Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Pas de fichier FireFox: ======== FF DefaultProfile: yxgqscyy.default FF DefaultProfile: 4csx53l4.default-1436202503494 FF ProfilePath: C:\Users\Nohrs'Dragg\AppData\Roaming\Waterfox\Profiles\yxgqscyy.default [2019-12-04] FF ProfilePath: C:\Users\Nohrs'Dragg\AppData\Roaming\Nvu\Profiles\9ydw3mqs.default [2017-11-16] FF ProfilePath: C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494 [2020-04-28] FF DownloadDir: C:\Users\Nohrs'Dragg\Downloads FF Session Restore: Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494 -> est activé. FF Notifications: Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494 -> hxxps://soundcloud.com FF Extension: (Windscribe VPN) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\@windscribeff.xpi [2019-03-04] FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\firefox@ghostery.com.xpi [2020-04-15] FF Extension: (Tampermonkey) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\firefox@tampermonkey.net.xpi [2020-04-13] FF Extension: (Open Page in Private Window) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\open-page-in-private-window@cpeterso.com.xpi [2018-08-26] FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\sp@avast.com.xpi [2020-02-28] FF Extension: (Avast Online Security) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\wrc@avast.com.xpi [2020-03-11] FF Extension: (NoScript) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2020-04-22] FF Extension: (Ecosia – Le moteur de recherche qui plante des arbres) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2019-05-20] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Nohrs'Dragg\AppData\Roaming\Mozilla\Firefox\Profiles\4csx53l4.default-1436202503494\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-07] FF ProfilePath: C:\Users\Nohrs'Dragg\AppData\Roaming\KompoZer\Profiles\ma0j6z7j.default [2017-03-17] FF Extension: (FrenchLocale) - C:\Users\Nohrs'Dragg\AppData\Roaming\KompoZer\Profiles\ma0j6z7j.default\Extensions\{5bf73a30-8317-404b-bb12-bb1d7aacb90d} [2017-03-16] [] [non signé] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> ) FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-10-13] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2620554350-2478030218-4193951288-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nohrs'Dragg\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS -> Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2620554350-2478030218-4193951288-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-04282020190419619: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Nohrs'Dragg\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-01-23] (Unity Technologies ApS -> Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default [2020-04-28] CHR NewTab: Default -> Active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html" CHR DefaultSearchURL: Default -> hxxps://www.ecosia.org/search?q={searchTerms}&addon=chrome&addonversion=2.1.0 CHR DefaultSearchKeyword: Default -> ecosia CHR DefaultSuggestURL: Default -> hxxps://ac.ecosia.org/?q={searchTerms}&type=list&mkt=fr CHR Extension: (Slides) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-12] CHR Extension: (Docs) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Google Drive) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-24] CHR Extension: (YouTube) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Recherche Google) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Tampermonkey) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2019-12-06] CHR Extension: (Typio Form Recovery) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\djkbihbnjhkjahbhjaadbepppbpoedaa [2019-11-19] CHR Extension: (Ecosia Search) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2019-10-11] CHR Extension: (Sheets) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-12] CHR Extension: (Stylish – Thèmes personnalisés pour sites Web) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2018-12-28] CHR Extension: (Google Docs hors connexion) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-21] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-16] CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-04-28] CHR Extension: (Lightshot (outil de capture d’écran)) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2020-04-10] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06] CHR Extension: (WebRTC Block) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nphkkbaidamjmhfanlpblblcadhfbkdm [2015-07-31] CHR Extension: (Gmail) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-30] CHR Extension: (Chrome Media Router) - C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-22] CHR Profile: C:\Users\Nohrs'Dragg\AppData\Local\Google\Chrome\User Data\System Profile [2019-12-17] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11307792 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO) R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2649040 2019-07-31] (Comodo Security Solutions -> COMODO) S2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé] S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé] S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-24] (Malwarebytes Inc -> Malwarebytes) S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Fichier non signé] S2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [493232 2019-01-19] (Windscribe Limited -> Windscribe Limited) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36256 2010-03-25] (MCCI Internal Testing Software -> Google Inc) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-05-01] (Tages SA -> ) R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [29056 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO) R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [857912 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [53776 2019-07-31] (Comodo Security Solutions, Inc. -> COMODO) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2020-04-21] (Malwarebytes Corporation -> Malwarebytes) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-10-23] (Sony Mobile Communications AB -> Sony Mobile Communications) R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [41704 2012-08-01] (AnchorFree Inc -> AnchorFree Inc.) R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [126680 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-05-01] (Tages SA -> ) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [214496 2020-04-28] (Malwarebytes Inc -> Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [195432 2020-04-28] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73584 2020-04-28] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248968 2020-04-28] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [112752 2020-04-28] (Malwarebytes Inc -> Malwarebytes) S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0086.sys [40704 2015-07-17] (SoftEther Corporation -> SoftEther Corporation) S3 Passthru; C:\Windows\System32\DRIVERS\PPFlt.sys [28408 2014-12-24] (PrivacyProtector -> ) R3 PrivacyProtectorMP; C:\Windows\System32\DRIVERS\PPFlt.sys [28408 2014-12-24] (PrivacyProtector -> ) S3 ptun0901; C:\Windows\System32\DRIVERS\ptun0901.sys [27136 2014-08-08] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited) S3 SEE; C:\Windows\System32\drivers\see.sys [49864 2018-10-05] (SoftEther Corporation -> SoftEther Corporation) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-26] (Disc Soft Ltd -> Duplex Secure Ltd.) S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2019-01-16] (AVG Technologies CZ, s.r.o. -> SlimWare Utilities, Inc.) S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-12-26] (AnchorFree Inc -> Anchorfree Inc.) S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2011-08-19] (OpenVPN Technologies, Inc. -> The OpenVPN Project) R3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2018-07-13] (Windscribe Limited -> The OpenVPN Project) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Apple, Inc.) [Fichier non signé] S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115488 2014-05-16] (Oracle Corporation -> Oracle Corporation) S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2015-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies) U3 au9vxyce; C:\Windows\System32\Drivers\au9vxyce.sys [0 0000-00-00] (Advanced Micro Devices) <==== ATTENTION (zéro octet Fichier/Dossier) S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X] S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X] S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-04-28 19:17 - 2020-04-28 19:18 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\LocalLow\IGDump 2020-04-28 19:12 - 2020-04-28 19:36 - 000058757 _____ C:\Users\Nohrs'Dragg\Desktop\FRST.txt 2020-04-28 19:10 - 2020-04-28 19:35 - 000000000 ____D C:\FRST 2020-04-28 18:50 - 2020-04-28 18:50 - 002283008 _____ (Farbar) C:\Users\Nohrs'Dragg\Desktop\FRST64.exe 2020-04-28 18:37 - 2020-04-28 19:04 - 000073584 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2020-04-28 18:34 - 2020-04-28 18:34 - 000195432 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2020-04-28 18:34 - 2020-04-28 18:34 - 000112752 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2020-04-28 18:31 - 2020-04-28 19:01 - 000248968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2020-04-28 18:31 - 2020-04-28 18:31 - 000214496 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2020-04-27 16:34 - 2020-04-27 16:34 - 000003668 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe 2020-04-27 16:34 - 2020-04-27 16:34 - 000003118 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe 2020-04-27 16:34 - 2020-04-27 16:34 - 000003092 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_ipoint_exe 2020-04-27 16:34 - 2020-04-27 16:34 - 000003090 _____ C:\Windows\system32\Tasks\Microsoft_Hardware_Launch_itype_exe 2020-04-27 16:34 - 2020-04-27 16:34 - 000003062 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe 2020-04-27 16:34 - 2020-04-27 16:34 - 000003060 _____ C:\Windows\system32\Tasks\Microsoft_MKC_Logon_Task_itype.exe 2020-04-27 16:33 - 2020-04-27 16:33 - 000002285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre Souris et Claviers Microsoft.lnk 2020-04-27 16:30 - 2020-04-27 16:31 - 000000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center 2020-04-27 16:14 - 2020-04-27 16:14 - 048444040 _____ (Microsoft Corporation) C:\Users\Nohrs'Dragg\Downloads\MouseKeyboardCenter_64bit_FRA_12.181.exe 2020-04-25 15:56 - 2020-04-25 15:57 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\CHILDISH GAMBINO - 3.15.20 (2020).[MP3.320Kbps](AXALAR) 2020-04-25 15:55 - 2020-04-25 15:55 - 000022080 _____ C:\Users\Nohrs'Dragg\Downloads\CHILDISH GAMBINO - 3.15.20 (2020).[MP3.320Kbps](AXALAR).torrent 2020-04-25 15:55 - 2020-04-25 15:55 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\FIVE FIVE (Album) 2020-04-25 15:54 - 2020-04-25 15:54 - 000014270 _____ C:\Users\Nohrs'Dragg\Downloads\FIVE FIVE (Album).torrent 2020-04-25 15:47 - 2020-04-25 15:52 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Future - Future & Juice WRLD Present... WRLD ON DRUGS , 2018 , FLAC 16-bit , 44.1KHz 2020-04-25 15:47 - 2020-04-25 15:48 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Anderson .Paak - Ventura (2019) 2020-04-25 15:47 - 2020-04-25 15:47 - 000003807 _____ C:\Users\Nohrs'Dragg\Downloads\Juice Wrld - Death Race For Love-2019(WEB.FLAC.16BIT. 44100 HZ)(onasimlap).torrent 2020-04-25 15:46 - 2020-04-25 15:46 - 000013484 _____ C:\Users\Nohrs'Dragg\Downloads\Future - Future & Juice WRLD Present... WRLD ON DRUGS , 2018 , FLAC 16-bit , 44.1KHz.torrent 2020-04-25 15:45 - 2020-04-25 15:45 - 000015649 _____ C:\Users\Nohrs'Dragg\Downloads\Anderson .Paak - Ventura (2019).torrent 2020-04-23 21:26 - 2020-04-23 21:26 - 000000000 __SHD C:\found.001 2020-04-21 13:31 - 2020-04-21 13:33 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Eminem - Revival (2017) - MP3 320 kbps 2020-04-21 13:30 - 2020-04-21 13:31 - 000016483 _____ C:\Users\Nohrs'Dragg\Downloads\Eminem - Revival (2017) - MP3 320 kbps.torrent 2020-04-21 13:15 - 2020-04-21 13:18 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Eminem - Kamikaze (2018) [MP3 320kbps] 2020-04-21 13:13 - 2020-04-21 13:14 - 000037445 _____ C:\Users\Nohrs'Dragg\Downloads\Eminem - Kamikaze (2018) [MP3 320kbps].torrent 2020-04-21 13:09 - 2020-04-21 13:40 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\CCleaner.5.65.7632.All.Portable (Windows) 2020-04-21 13:07 - 2020-04-21 13:08 - 000028487 _____ C:\Users\Nohrs'Dragg\Downloads\CCleaner.5.65.7632.All.Portable (Windows).torrent 2020-04-21 12:22 - 2020-04-24 15:54 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\opera autoupdate 2020-04-20 23:13 - 2020-04-20 23:17 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Ekhö monde miroir [HD] (1DVD) 2020-04-20 23:09 - 2020-04-20 23:09 - 000018162 _____ C:\Users\Nohrs'Dragg\Downloads\Ekhö monde miroir [HD] (1DVD).torrent 2020-04-20 23:08 - 2020-04-20 23:08 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\000000 EKHÖ Monde Miroir - T09 - Abidjan-Nairobi Express - [1664] - Bds - Fr - CBR 2020-04-20 23:06 - 2020-04-20 23:06 - 000019616 _____ C:\Users\Nohrs'Dragg\Downloads\000000 EKHÖ Monde Miroir - T09 - Abidjan-Nairobi Express - [1664] - Bds - Fr - CBR.torrent 2020-04-20 23:00 - 2020-04-21 12:30 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Eminem - Music To Be Murdered By (2020) 320 kbps 2020-04-20 22:59 - 2020-04-20 23:10 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Die Antwoord • House of Zef (2020) • [Flac 16bits 44,1kHz] 2020-04-20 22:59 - 2020-04-20 22:59 - 000013711 _____ C:\Users\Nohrs'Dragg\Downloads\Eminem - Music To Be Murdered By (2020) 320 kbps.torrent 2020-04-20 22:58 - 2020-04-20 22:58 - 000040701 _____ C:\Users\Nohrs'Dragg\Downloads\Die Antwoord • House of Zef (2020) • [Flac 16bits 44,1kHz].torrent 2020-04-20 22:56 - 2020-04-20 22:56 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Infected Mushroom • More Than Just A Name - 2020 • Mp3-320 kbps 2020-04-20 22:55 - 2020-04-20 22:55 - 000045843 _____ C:\Users\Nohrs'Dragg\Downloads\Infected Mushroom • More Than Just A Name - 2020 • Mp3-320 kbps.torrent 2020-04-19 23:01 - 2020-04-19 23:02 - 022267336 _____ (Piriform Software Ltd) C:\Users\Nohrs'Dragg\Downloads\ccsetup565.exe 2020-04-19 00:19 - 2020-04-24 15:55 - 000004354 _____ C:\Windows\system32\Tasks\Opera scheduled assistant Autoupdate 1587248337 2020-04-19 00:19 - 2020-04-19 00:19 - 000004134 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1587248302 2020-04-19 00:18 - 2020-04-19 00:18 - 000001552 _____ C:\Users\Nohrs'Dragg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2020-04-19 00:18 - 2020-04-19 00:18 - 000001544 _____ C:\Users\Nohrs'Dragg\Desktop\Navigateur Opera.lnk 2020-04-16 13:00 - 2020-04-16 13:07 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Roaming\Easy Macro Recorder 2020-04-13 13:11 - 2020-04-16 11:17 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Roaming\Perfect Automation 2020-04-13 13:11 - 2020-04-13 13:11 - 000001056 _____ C:\Users\Nohrs'Dragg\Desktop\Perfect Automation.lnk 2020-04-13 13:11 - 2020-04-13 13:11 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Perfect Automation 2020-04-13 13:11 - 2020-04-13 13:11 - 000000000 ____D C:\Program Files (x86)\Perfect Automation ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-04-28 19:35 - 2019-08-12 00:40 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat 2020-04-28 18:36 - 2009-07-14 06:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-04-28 18:36 - 2009-07-14 06:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-04-28 18:28 - 2011-02-17 19:48 - 000127464 _____ C:\Users\Nohrs'Dragg\AppData\Local\GDIPFONTCACHEV1.DAT 2020-04-28 17:52 - 2019-06-24 01:41 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Roaming\vlc 2020-04-28 17:44 - 2016-11-25 03:39 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\LocalLow\Mozilla 2020-04-28 01:25 - 2014-07-13 11:34 - 000002182 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-04-28 01:25 - 2014-07-13 11:34 - 000002141 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-04-28 01:25 - 2014-07-13 11:34 - 000002141 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-04-28 00:33 - 2010-08-01 05:17 - 000758832 _____ C:\Windows\system32\perfh00C.dat 2020-04-28 00:33 - 2010-08-01 05:17 - 000156028 _____ C:\Windows\system32\perfc00C.dat 2020-04-28 00:33 - 2009-07-14 07:13 - 001701950 _____ C:\Windows\system32\PerfStringBackup.INI 2020-04-28 00:33 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2020-04-27 15:08 - 2008-01-01 00:16 - 000106710 _____ C:\Windows\system32\Drivers\fvstore.dat 2020-04-26 23:57 - 2012-09-01 15:22 - 000003222 _____ C:\Windows\system32\Tasks\HPCeeScheduleForNohrs'Dragg 2020-04-26 23:57 - 2012-09-01 15:22 - 000000356 _____ C:\Windows\Tasks\HPCeeScheduleForNohrs'Dragg.job 2020-04-26 20:00 - 2020-03-19 14:34 - 000325120 ___SH C:\Users\Nohrs'Dragg\Downloads\Thumbs.db 2020-04-25 16:51 - 2014-12-24 01:57 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Roaming\uTorrent 2020-04-24 15:45 - 2019-01-16 06:37 - 000000494 _____ C:\Windows\Tasks\Avast Driver Updater Startup.job 2020-04-24 15:45 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-04-21 14:30 - 2011-02-18 19:21 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Local\CrashDumps 2020-04-21 12:31 - 2019-07-18 20:11 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2020-04-21 12:16 - 2012-05-05 12:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-04-21 12:11 - 2011-07-17 15:43 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Local\ElevatedDiagnostics 2020-04-20 22:57 - 2018-09-06 12:22 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Lecture 2020-04-20 15:19 - 2020-03-19 14:21 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Roaming\FileZilla 2020-04-20 14:49 - 2012-12-29 04:20 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Reg-save 2020-04-19 16:05 - 2017-02-27 23:03 - 000000132 _____ C:\Users\Nohrs'Dragg\AppData\Roaming\Préfs Format PNG Adobe CS6 2020-04-17 13:25 - 2016-05-08 19:57 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Roaming\discord 2020-04-15 19:50 - 2011-02-18 16:37 - 000000000 ____D C:\Users\Nohrs'Dragg\AppData\Roaming\SoftGrid Client 2020-04-15 08:43 - 2014-12-11 12:55 - 000000000 ____D C:\Users\Nohrs'Dragg\Downloads\Cours 2020-04-15 03:16 - 2019-02-17 03:16 - 000004660 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-04-15 03:16 - 2019-02-17 02:22 - 000004496 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-04-15 03:16 - 2014-12-10 13:30 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2020-04-15 03:16 - 2014-12-10 13:30 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-04-15 03:16 - 2011-11-11 20:05 - 000000000 ____D C:\Windows\system32\Macromed 2020-04-15 03:16 - 2010-07-31 20:17 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2020-04-15 02:17 - 2019-02-17 02:22 - 000004648 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-04-14 10:20 - 2016-10-21 23:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Fichiers à la racine de certains dossiers ======== 2012-10-06 21:43 - 2013-12-09 21:04 - 000000132 _____ () C:\Users\Nohrs'Dragg\AppData\Roaming\Adobe PNG Format CS5 Prefs 2011-04-09 14:17 - 2012-03-18 20:44 - 000001854 _____ () C:\Users\Nohrs'Dragg\AppData\Roaming\GhostObjGAFix.xml 2017-02-27 23:03 - 2020-04-19 16:05 - 000000132 _____ () C:\Users\Nohrs'Dragg\AppData\Roaming\Préfs Format PNG Adobe CS6 2012-08-18 15:21 - 2012-11-05 22:59 - 000001515 _____ () C:\Users\Nohrs'Dragg\AppData\Roaming\SAS7_000.DAT 2017-03-18 03:19 - 2017-03-18 04:28 - 000001456 _____ () C:\Users\Nohrs'Dragg\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs 2014-01-09 21:25 - 2014-01-09 21:25 - 000000099 _____ () C:\Users\Nohrs'Dragg\AppData\Local\fusioncache.dat 2020-03-19 14:27 - 2020-03-19 14:30 - 000000128 _____ () C:\Users\Nohrs'Dragg\AppData\Local\PUTTY.RND 2019-01-09 23:14 - 2019-01-09 23:14 - 000000218 _____ () C:\Users\Nohrs'Dragg\AppData\Local\recently-used.xbel 2012-03-11 01:27 - 2019-12-27 02:09 - 000007574 _____ () C:\Users\Nohrs'Dragg\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2020-04-17 01:44 ==================== Fin de FRST.txt ========================