Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 23-08-2020 Exécuté par Franck (administrateur) sur MAINSTYLZ (MEDION MS-7848) (24-08-2020 16:58:33) Exécuté depuis F:\BULK\App Profils chargés: Franck & MSSQLServerOLAPService & MSSQLFDLauncher & MSSQLSERVER Platform: Windows 8.1 (Update) (X64) Langue: Français (France) Navigateur par défaut: Opera Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files\Allen & Heath\QuUSBDriver\cplah.exe () [Fichier non signé] C:\Program Files\JetBrains\DataGrip 2017.1.1\lserver-softhound\dvt-jb_licsrv.amd64.exe () [Fichier non signé] C:\vms\VBoxVmService64.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Allen & Heath Ltd.) [Fichier non signé] C:\Program Files (x86)\Allen & Heath\DAW Control\DAW Control.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe (Avid Technology, Inc. -> M-Audio) C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe (Comodo Security Solutions -> Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe <2> (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe (Comodo Security Solutions -> Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\Comodo\Internet Security Essentials\isesrv.exe (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe <3> (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (E-MU Systems) [Fichier non signé] C:\Program Files (x86)\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe (EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe (Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation -> Microsoft Corporation) D:\ROOT\SQL\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe (Microsoft Corporation -> Microsoft Corporation) D:\ROOT\SQL\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdhost.exe (Microsoft Corporation -> Microsoft Corporation) D:\ROOT\SQL\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe (Microsoft Corporation -> Microsoft Corporation) D:\ROOT\SQL\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <9> (Native Instruments GmbH -> Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (NewSoftwares.net, Inc SDN. BHD. -> NewSoftwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe (NewSoftwares.net, Inc SDN. BHD. -> NewSoftwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe (NewSoftwares.net, Inc SDN. BHD. -> NewSoftwares.net) C:\Windows\SysWOW64\WinFLService.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (Oracle Corporation -> Oracle Corporation) C:\Program Files\Oracle\Virtualbox\VBoxSVC.exe (Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SurfRight B.V. -> SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [Windows Mobile Device Center] => C:\windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [kbdsprt] => [X] HKLM-x32\...\Run: [Opera Browser Assistant] => C:\Program Files (x86)\Opera\assistant\browser_assistant.exe [3126296 2020-08-18] (Opera Software AS -> Opera Software) HKLM\...\Policies\Explorer\Run: [localSPM] => C:\windows\runkey.exe HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [Lync] => C:\Program Files\Microsoft Office\Office15\lync.exe [28179056 2019-07-18] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8551848 2015-10-19] (Piriform Ltd -> Piriform Ltd) HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [729704 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd) HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [com.squirrel.splice.Splice] => C:\Users\Franck\AppData\Local\splice\app-3.3.109793\Splice.exe [52374928 2018-12-07] (DISTRIBUTED CREATION INC. -> Splice) HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [Blend] => C:\Users\Franck\AppData\Local\Programs\Blend\Blend.exe [83606936 2017-11-30] (ROLI Ltd -> The Blend Team) HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [electron.app.Splice] => C:\Users\Franck\AppData\Local\splice\app-3.3.109793\Splice.exe [52374928 2018-12-07] (DISTRIBUTED CREATION INC. -> Splice) HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [9198512 2019-06-20] (Support.com, Inc. -> SUPERAntiSpyware) HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [AdobeBridge] => [X] HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [uTorrent] => C:\Users\Franck\AppData\Roaming\uTorrent\uTorrent.exe [1920232 2020-08-17] (BitTorrent Inc -> BitTorrent Inc.) HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [WinFLTray] => C:\windows\SysWow64\WinFLTray.ex HKU\S-1-5-21-974459237-872370034-477851868-1001\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.ex HKU\S-1-5-21-974459237-872370034-477851868-1001\...\MountPoints2: {24472ae4-ec52-11e4-8280-448a5b9224b1} - "I:\setup.exe" HKU\S-1-5-21-974459237-872370034-477851868-1001\...\MountPoints2: {b0848f12-d7b3-11ea-86c6-448a5b9224b1} - "J:\HiSuiteDownLoader.exe" HKU\S-1-5-21-974459237-872370034-477851868-1001\...\MountPoints2: {c823844c-d7ad-11e4-8272-806e6f6e6963} - "G:\auto.exe" HKU\S-1-5-21-974459237-872370034-477851868-1001\...\MountPoints2: {eb9ba3e4-8f2b-11e7-8408-448a5b9224b1} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-974459237-872370034-477851868-1001\...\MountPoints2: {eb9ba422-8f2b-11e7-8408-448a5b9224b1} - "I:\HiSuiteDownLoader.exe" HKU\S-1-5-21-974459237-872370034-477851868-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Franck\Downloads\rstassociations-version-scr_1.3.scr [409449 2019-04-14] () [Fichier non signé] HKU\S-1-5-18\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-12-16] (Safer-Networking Ltd.) [Fichier non signé] HKLM\...\Print\Monitors\Adobe PDF Port Monitor: c:\windows\system32\AdobePDF.dll [65096 2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\...\Print\Monitors\PDF995 Monitor: c:\windows\system32\pdf995mon64.dll [40448 2012-04-26] () [Fichier non signé] HKLM\Software\...\AppCompatFlags\InstalledSDB\{ad846bae-d44b-4722-abad-f7420e08bcd9}: [DatabasePath] -> C:\windows\AppPatch\Custom\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb [2016-05-31] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\84.0.4147.135\Installer\chrmstp.exe [2020-08-20] (Google LLC -> Google LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2015-12-27] ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DAW Control.lnk [2019-01-24] ShortcutTarget: DAW Control.lnk -> C:\Program Files (x86)\Allen & Heath\DAW Control\DAW Control.exe (Allen & Heath Ltd.) [Fichier non signé] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Host Services x64.lnk [2020-03-27] ShortcutTarget: Host Services x64.lnk -> C:\Program Files\qemu\Host Services x64.exe (Pas de fichier) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Qu Control Panel Autostart.lnk [2018-10-27] ShortcutTarget: Qu Control Panel Autostart.lnk -> C:\Program Files\Allen & Heath\QuUSBDriver\cplah.exe () [Fichier non signé] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk [2016-09-16] ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions -> Comodo Security Solutions, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\~ost Services x64.tmp [2020-03-27] () [Fichier non signé] Startup: C:\Users\Franck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-06-27] ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Franck\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook) Startup: C:\Users\Franck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PatchMix DSP Application.lnk [2015-12-16] ShortcutTarget: PatchMix DSP Application.lnk -> C:\Program Files (x86)\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe (E-MU Systems) [Fichier non signé] Startup: C:\Users\Franck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2020-06-24] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) Startup: C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PatchMix DSP Application.lnk [2015-12-16] ShortcutTarget: PatchMix DSP Application.lnk -> C:\Program Files (x86)\Creative Professional\E-MU PatchMix DSP\EmuPMixDSP.exe (E-MU Systems) [Fichier non signé] GroupPolicy: Restriction ? <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {07E4D31D-9A38-4FA4-B1D5-06BA119EE53B} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {0CAAB5DB-14F9-40A9-8BE3-74B02C4C77EB} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {0F6F6CFE-0331-4FED-A19C-03482B654774} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {23115892-95E4-4048-98F1-694F9E62E974} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2015-07-18] (Microsoft Corporation -> Microsoft Corporation) Task: {24992134-4C16-4A49-9F74-F794DA63A2C2} - \Optimize Start Menu Cache Files-S-1-5-21-974459237-872370034-477851868-500 -> Pas de fichier <==== ATTENTION Task: {253D7E9F-1123-46E4-955D-A5FC51E7730B} - System32\Tasks\{2175B47C-1B8A-48F8-B0B1-1DE2D794E4D9} => C:\windows\system32\pcalua.exe -a C:\Users\Franck\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones\SAMSUNG_USB_Driver_for_Mobile_Phones.exe -d C:\Users\Franck\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones Task: {25EF56FD-455A-47F9-9DAC-5D2E02455060} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-12] (Adobe Inc. -> Adobe) Task: {2DCCC608-642C-49B9-A52D-B33DAE10CF39} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe Task: {2E517DD0-FB29-45BF-BF3D-00824459DEC6} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {4151AC8F-F243-498C-BE8A-86133DC52EBE} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {44F8966F-D985-4FF9-B3EE-30729E7C91A4} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: {4D867E00-E09E-4538-AE34-AD1496F74A76} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Pas de fichier <==== ATTENTION Task: {4DE7B6C6-EB65-4374-BF46-3548283EC0D0} - System32\Tasks\Opera scheduled assistant Autoupdate 1582724671 => C:\Program Files (x86)\Opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software) Task: {5637F1A4-5672-4F96-8762-139923E85B91} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_pepper.exe [1471032 2020-08-12] (Adobe Inc. -> Adobe) Task: {5FC9CCA3-A186-4600-B741-B5F321D9542B} - System32\Tasks\GoogleUpdateTaskMachineCore1d15d5a530f08dd => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-07] (Google Inc -> Google LLC) Task: {63109362-66D5-40D3-B0A8-B17AEB45DCE4} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {68737597-5A85-4412-8680-DCD20513AAF1} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-02-27] (Avast Software s.r.o. -> Avast Software) Task: {68D6B428-15E4-498C-96D2-DEDEB1D97FC0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe Task: {6D9EDACD-BAD3-40B2-9D64-52BAD13B6494} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Pas de fichier <==== ATTENTION Task: {90C02072-1233-466D-BB36-B7B066E7BE58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-07] (Google Inc -> Google LLC) Task: {91F86864-BDDF-4838-A36A-39C395C56735} - System32\Tasks\Opera scheduled Autoupdate 1450259799 => C:\Program Files (x86)\Opera\launcher.exe [1529880 2020-08-11] (Opera Software AS -> Opera Software) Task: {985CE7A4-2AF0-43B8-BBD2-2027B8B96C0B} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3325520 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {9E3799D4-E200-44DE-BFDF-D550C90AFF94} - \Nero\Nero Info -> Pas de fichier <==== ATTENTION Task: {AFA2A30A-3C4E-49A7-A37B-17E564AFEEB3} - System32\Tasks\AdobeAAMUpdater-1.0-MainStylz-Franck => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe Task: {B337A482-B1FB-4295-A3A4-A8E4EA5B689F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [6564776 2015-10-19] (Piriform Ltd -> Piriform Ltd) Task: {B38FE61F-45E4-48F9-96D3-2EB5222D07CF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: {C4681A37-D9D7-4568-A5F1-16E925BE6055} - System32\Tasks\Red Giant Link => C:\Program [Argument = Files (x86)\Red Giant Link\Red Giant Link.exe] Task: {CC3B6D8C-508C-4111-A6DA-9799B3C281EB} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {D23605D0-A2FE-408C-88D5-1EE0C2C44BE4} - \KMSAuto -> Pas de fichier <==== ATTENTION Task: {D60B76E9-9F9E-4361-B1F4-8B85FC0B56F1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {D656F61A-F247-4B9F-8A67-F81B8152053F} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {DE2E4117-A5EA-4D28-B8C3-7F490211DBB0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_414_Plugin.exe [1475640 2020-08-12] (Adobe Inc. -> Adobe) Task: {E8EB123F-AF0B-4AFD-9A6D-38A4398A1562} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {EDE5E51B-2138-44D8-A309-DBAE0E8E8044} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe Task: {F2FB37AA-458C-4F32-A64E-9B963E0D1CA0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation) Task: {F2FCD813-9BE3-44DC-AB7C-FEF253F91317} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) Task: {F5E46277-DA9A-47A5-A259-E00F272953D5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-08-07] (Google Inc -> Google LLC) Task: {FFEF093D-F983-4747-9DAF-D5D708288A96} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e7d495d27aea.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0f0d8ad48850f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d12d0815f0bcfa.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d137d52ed0dc5f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 212.224.129.90 212.224.129.94 Tcpip\..\Interfaces\{B9CF6A97-57C6-4E55-8F57-14EB2113FC85}: [DhcpNameServer] 212.224.129.90 212.224.129.94 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-974459237-872370034-477851868-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: [S-1-5-80-2872255330-672591203-888807865-2791174282-1554802921] ATTENTION => URLSearchHook par défaut est absent URLSearchHook: [S-1-5-80-3263513310-3392720605-1798839546-683002060-3227631582] ATTENTION => URLSearchHook par défaut est absent URLSearchHook: [S-1-5-80-3880718306-3832830129-1677859214-2598158968-1052248003] ATTENTION => URLSearchHook par défaut est absent SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-974459237-872370034-477851868-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2019-07-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-28] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-28] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation -> Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: bb3qcch8.default-1491476614547 FF ProfilePath: C:\Users\Franck\AppData\Roaming\Mozilla\Firefox\Profiles\bb3qcch8.default-1491476614547 [2020-08-24] FF DownloadDir: F:\BULK\App FF Session Restore: Mozilla\Firefox\Profiles\bb3qcch8.default-1491476614547 -> est activé. FF Notifications: Mozilla\Firefox\Profiles\bb3qcch8.default-1491476614547 -> hxxps://p6.regardensy.mobi; hxxps://p7.regardensy.mobi; hxxps://rectanthenwirit.info FF Extension: (eID Belgique) - C:\Users\Franck\AppData\Roaming\Mozilla\Firefox\Profiles\bb3qcch8.default-1491476614547\Extensions\belgiumeid@eid.belgium.be.xpi [2019-09-05] FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Franck\AppData\Roaming\Mozilla\Firefox\Profiles\bb3qcch8.default-1491476614547\Extensions\sp@avast.com.xpi [2020-07-03] FF Extension: (Avast Online Security) - C:\Users\Franck\AppData\Roaming\Mozilla\Firefox\Profiles\bb3qcch8.default-1491476614547\Extensions\wrc@avast.com.xpi [2020-06-18] FF Extension: (Connective signing extension) - C:\Users\Franck\AppData\Roaming\Mozilla\Firefox\Profiles\bb3qcch8.default-1491476614547\Extensions\{4f643bc8-78f5-49c6-8efd-78ee30289f0b}.xpi [2019-03-25] FF Extension: (Greasemonkey) - C:\Users\Franck\AppData\Roaming\Mozilla\Firefox\Profiles\bb3qcch8.default-1491476614547\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-03-29] FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-27] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_414.dll [2020-08-12] (Adobe Inc. -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_414.dll [2020-08-12] (Adobe Inc. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-28] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2017-11-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin HKU\S-1-5-21-974459237-872370034-477851868-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Franck\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies SF -> Unity Technologies ApS) FF Plugin HKU\S-1-5-21-974459237-872370034-477851868-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Franck\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-11] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FF Plugin HKU\S-1-5-21-974459237-872370034-477851868-1001: connective.be/BrowserPlugin -> C:\Users\Franck\AppData\Local\Connective\SigningFirefoxPlugin\npapi-plugin.dll [2018-07-17] (Connective n.v.) [Fichier non signé] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default [2020-08-24] CHR HomePage: Default -> hxxp://www.google.be/ CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=CE8C0008D3828505&affID=122147&tsp=4966","hxxp://us.yahoo.com/?fr=fpc-comodo","hxxp://www.yessearches.com/?ts=AHEpA30sAHQqBU..&uid=901B461F16B6A750E9B560EB13D07493&ptid=wak&mode=nnnb","hxxp://www.yoursearching.com/?type=hp&ts=1455115920&z=8e5156d5104b9fceb6b0253gbz1wbw2g3g1w3tco4e&from=itr&uid=crucialxct256mx100ssd1_15040e87af810e87af81","hxxps://www.google.com/" CHR NewTab: Default -> "active": false, "entry": "chrome-extension://nkhjnpgcnmdpeikbeegmibjcfjpamjnp/home.html" CHR Session Restore: Default -> est activé. CHR Extension: (Slides) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Docs) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Drive) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-22] CHR Extension: (YouTube) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Chrome IG Story) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\bojgejgifofondahckoaahkilneffhmf [2019-02-18] CHR Extension: (Good pass generator) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\boknikkmhfehlhiedlcloieendddcifj [2017-03-29] CHR Extension: (Recherche Google) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31] CHR Extension: (Dropbox pour Gmail) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2019-10-29] CHR Extension: (Adobe Acrobat) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-07-24] CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-07-13] CHR Extension: (Sheets) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Docs hors connexion) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-28] CHR Extension: (IG Stories for Instagram™) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nilbfjdbacfdodpbdondbbkmoigehodg [2020-07-13] CHR Extension: (Piktab) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkhjnpgcnmdpeikbeegmibjcfjpamjnp [2017-10-10] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-06] CHR Extension: (Downloader for Instagram™ + Direct Message) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\olkpikmlhoaojbbmmpejnimiglejmboe [2020-07-13] CHR Extension: (Bitdefender QuickScan) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-12-16] CHR Extension: (Gmail) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09] CHR Extension: (Chrome Media Router) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-24] CHR Profile: C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp [2020-08-24] <==== ATTENTION CHR HomePage: Default bkp -> hxxps://www.google.com/ CHR StartupUrls: Default bkp -> "hxxps://www.google.com/" CHR DefaultSearchURL: Default bkp -> hxxp://www.yessearches.com/chrome.php?q={searchTerms}&ts=AHEpA30sAHQqBU..&uid=901B461F16B6A750E9B560EB13D07493&ptid=wak&mode=nnnb CHR DefaultSearchKeyword: Default bkp -> www.yessearches.com CHR Extension: (Google Slides) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-04] CHR Extension: (Google Docs) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-04] CHR Extension: (Google Drive) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-18] CHR Extension: (YouTube) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-04] CHR Extension: (Recherche Google) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-04] CHR Extension: (Adobe Acrobat – Créer un fichier PDF) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-05-04] CHR Extension: (Google Sheets) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-04] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-23] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-23] CHR Extension: (CinemaPlus-3.2cV07.05) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-05-08] CHR Extension: (Simple Get) - C:\Users\Franck\AppData\Local\Google\Chrome\User Data\Default bkp\Extensions\pgnbkflnoffangkfbmlfkdlmikmoilkj [2015-05-24] [UpdateUrl:hxxp://pinel.cc/files/simple-get/updates.xml] <==== ATTENTION CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] Opera: ======= OPR DownloadDir: F:\BULK\Watch.Dogs-RELOADED OPR Extension: (DownAlbum) - C:\Users\Franck\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgjnhhjpfcdhbhlcmmjppicjmgfkppok [2020-08-01] OPR Extension: (Save for Instagram) - C:\Users\Franck\AppData\Roaming\Opera Software\Opera Stable\Extensions\dfkgabdpiobbidknahgdmmcpebghjpkj [2020-06-25] OPR Extension: (Downloader for Instagram™) - C:\Users\Franck\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhchoilkelgbblajmpbhpofhheecgkhh [2020-03-07] OPR Extension: (App for Instagram™) - C:\Users\Franck\AppData\Roaming\Opera Software\Opera Stable\Extensions\gejgfjamkgcjolieehgjjifppoldndhg [2019-03-10] OPR Extension: (Install Chrome Extensions) - C:\Users\Franck\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2019-12-17] OPR Extension: (Instagram Downloader) - C:\Users\Franck\AppData\Roaming\Opera Software\Opera Stable\Extensions\nhddjiapfjkfbooicpajnllkinjnncao [2019-03-13] OPR Extension: (Downloader for Instagram™ + Direct Message) - C:\Users\Franck\AppData\Roaming\Opera Software\Opera Stable\Extensions\olkpikmlhoaojbbmmpejnimiglejmboe [2020-08-01] OPR Extension: (InstaSaver) - C:\Users\Franck\AppData\Roaming\Opera Software\Opera Stable\Extensions\ppnmlegfoocoljiopbdfjgfmegenpdgm [2019-03-10] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com -> SUPERAntiSpyware.com) S3 AdobeFlashPlayerUpdateSvc; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-08-12] (Adobe Inc. -> Adobe) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3673680 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3406416 2020-06-04] (Adobe Inc. -> Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-11-06] (Apple Inc. -> Apple Inc.) S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Fichier non signé] R2 ChromodoUpdater; C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2273424 2017-04-07] (Comodo Security Solutions -> Comodo) R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70848 2015-10-29] (Comodo Security Solutions -> Comodo Security Solutions, Inc.) R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO) R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO) R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51024 2019-01-08] (Dropbox, Inc -> Dropbox, Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [3606632 2018-06-20] (AVB Disc Soft, SIA -> Disc Soft Ltd) R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2971640 2020-07-16] (Comodo Security Solutions -> Comodo) R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [10072880 2019-01-13] (EnigmaSoft Limited -> EnigmaSoft Limited) R2 FLService; C:\windows\SysWow64\WinFLService.exe [94768 2020-03-15] (NewSoftwares.net, Inc SDN. BHD. -> NewSoftwares.net) R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-05-06] (SurfRight B.V. -> SurfRight B.V.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-06-29] (Huawei Technologies Co., Ltd. -> ) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé] R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO) R2 JetBrainsLicServerDVT; C:\Program Files\JetBrains\DataGrip 2017.1.1\lserver-softhound\dvt-jb_licsrv.amd64.exe [5762048 2016-10-06] () [Fichier non signé] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes) R2 MIDISPORTAudioDevMon; C:\Program Files (x86)\M-Audio\MIDISPORT\AudioDevMon.exe [1638704 2016-02-17] (Avid Technology, Inc. -> M-Audio) R3 MSSQLFDLauncher; D:\ROOT\SQL\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) R2 MSSQLSERVER; D:\ROOT\SQL\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [190904 2012-06-12] (Microsoft Corporation -> Microsoft Corporation) R2 RapiMgr; C:\windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2015-12-16] (Safer Networking Ltd. -> Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2015-12-16] (Safer Networking Ltd. -> Safer-Networking Ltd.) R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [537904 2019-01-13] (EnigmaSoft Limited -> EnigmaSoft Limited) R2 VBoxVmService; C:\vms\VBoxVmService64.exe [127488 2017-10-19] () [Fichier non signé] R2 WcesComm; C:\windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-04-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-04-12] (Microsoft Corporation -> Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.225\WsAppService.exe [473824 2017-05-05] (Wondershare Technology Co.,Ltd -> Wondershare) R2 MSSQLServerOLAPService; "D:\ROOT\SQL\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe" -s "D:\ROOT\SQL\MSAS11.MSSQLSERVER\OLAP\Config" S2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 4192ED6C; C:\windows\System32\drivers\4192ED6C.sys [478392 2019-01-23] (Kaspersky Lab -> Kaspersky Lab ZAO) R1 asrdmon; C:\windows\system32\drivers\asrdmon.sys [19608 2020-02-01] (Advanced System Repair, Inc. -> Advanced System Repair Inc.) R1 CFRMD; C:\windows\System32\DRIVERS\CFRMD.sys [40224 2015-04-28] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider) R1 cmderd; C:\windows\System32\DRIVERS\cmderd.sys [34792 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO) R1 cmdGuard; C:\windows\System32\DRIVERS\cmdguard.sys [840424 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO) R1 cmdhlp; C:\windows\system32\DRIVERS\cmdhlp.sys [43048 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO) R1 DMProtect; C:\windows\System32\DRIVERS\DMProtect64.sys [28416 2015-07-10] (Shanghai Damo Network Technology Co. Ltd. -> ) U5 dokan1; C:\Windows\System32\Drivers\dokan1.sys [87936 2018-08-09] (D3L -> Dokan Project) R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2018-06-23] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2018-06-23] (Disc Soft Ltd -> Disc Soft Ltd) R3 EnigmaFileMonDriver; C:\windows\system32\Drivers\EnigmaFileMonDriver.sys [69432 2020-08-24] (EnigmaSoft Limited -> EnigmaSoft Limited) S3 epmntdrv; C:\windows\system32\epmntdrv.sys [18528 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] S3 EuGdiDrv; C:\windows\system32\EuGdiDrv.sys [10848 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé] S3 ew_usbccgpfilter; C:\windows\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R1 inspect; C:\windows\system32\DRIVERS\inspect.sys [125656 2019-03-15] (Comodo Security Solutions, Inc. -> COMODO) R1 isedrv; C:\windows\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO) R3 kmloop; C:\windows\system32\DRIVERS\loop.sys [15360 2013-08-22] (Microsoft Windows -> Microsoft Corporation) S3 MADFUMIDISPORT2010; C:\windows\System32\drivers\MAudioMIDISPORT_DFU.sys [30512 2016-02-17] (Avid Technology, Inc. -> M-Audio) S3 MAUSBMIDISPORT; C:\windows\system32\DRIVERS\MAudioMIDISPORT.sys [201008 2016-02-17] (Avid Technology, Inc. -> M-Audio) R2 NEWDRIVER; C:\windows\SysWow64\WinVDEdrv6.sys [197648 2020-03-15] (NewSoftwares.net Inc. SDN. BHD. -> ) R0 PxHlpa64; C:\windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation -> Corel Corporation) R3 QuUSBDriver; C:\windows\System32\drivers\QuUSBDriver_x64.sys [283648 2016-02-16] (Allen & Heath Ltd -> ) R3 QuUSBDriverks; C:\windows\system32\DRIVERS\QuUSBDriverks_x64.sys [49664 2016-02-16] (Allen & Heath Ltd -> ) S4 RsFx0200; C:\windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) S3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (Support.com, Inc. -> SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 SensorsSimulatorDriver; C:\windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-22] (Microsoft Windows -> Microsoft Corporation) S3 ssm_bus; C:\windows\System32\drivers\ssm_bus.sys [136192 2015-06-27] (MCCI Corporation -> MCCI Corporation) S3 ssm_mdfl; C:\windows\system32\DRIVERS\ssm_mdfl.sys [18944 2015-06-27] (MCCI Corporation -> MCCI Corporation) S3 ssm_mdm; C:\windows\system32\DRIVERS\ssm_mdm.sys [172032 2015-06-27] (MCCI Corporation -> MCCI Corporation) S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [167232 2018-12-12] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 teVirtualMIDI64; C:\windows\system32\DRIVERS\teVirtualMIDI64.sys [41016 2015-07-12] (Tobias Erichsen -> Tobias Erichsen) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> ) S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2016-11-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.) R3 VBoxNetAdp; C:\windows\system32\DRIVERS\VBoxNetAdp6.sys [213080 2018-08-14] (Oracle Corporation -> Oracle Corporation) R2 VMnetBridge; C:\windows\system32\DRIVERS\vmnetbridge.sys [46160 2014-10-29] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc. -> VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc. -> VMware, Inc.) S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-04-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-04-12] (Microsoft Windows -> Microsoft Corporation) R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36472 2020-03-15] (Newsoftwares.net, Inc SDN BHD -> ) R2 WinVDEDrv; C:\windows\SysWow64\WinVDEdrv.sys [225680 2020-03-15] (NewSoftwares.net Inc. SDN. BHD. -> NewSoftwares.net, Inc.) U2 ADSafeSvc; pas de ImagePath U3 aswbdisk; pas de ImagePath S3 dbx; system32\DRIVERS\dbx.sys [X] S1 VBoxNetLwf; \SystemRoot\system32\DRIVERS\VBoxNetLwf.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-08-24 16:58 - 2020-08-24 16:58 - 000000000 ____D C:\FRST 2020-08-24 16:22 - 2020-08-24 16:22 - 000023292 _____ C:\Users\Franck\Documents\cc_20200824_162210.reg 2020-08-22 15:15 - 2020-08-22 15:15 - 000000000 ____D C:\Users\Nelya_2\Documents\ROBLOX 2020-08-19 16:33 - 2020-08-19 16:33 - 001582648 _____ (Roblox Corporation) C:\Users\Nelya_2\Downloads\RobloxPlayerLauncher (3).exe 2020-08-15 09:25 - 2020-08-15 09:25 - 000001019 _____ C:\Users\Franck\Desktop\Electra.lnk 2020-08-15 09:25 - 2020-08-15 09:25 - 000000000 ____D C:\Users\Franck\Documents\Tone2 2020-08-15 09:25 - 2020-08-15 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tone2 2020-08-09 18:40 - 2020-08-09 18:40 - 000000613 _____ C:\Users\Franck\Desktop\M1.lnk 2020-08-09 18:32 - 2020-08-09 18:33 - 000000806 _____ C:\Users\Franck\Desktop\Activate KORG Products.lnk 2020-08-09 18:27 - 2020-08-09 18:27 - 000000701 _____ C:\Users\Franck\Desktop\WAVESTATION.lnk 2020-08-08 23:08 - 2020-08-08 23:08 - 000001003 _____ C:\Users\Public\Desktop\HiSuite.lnk 2020-08-08 23:08 - 2020-08-08 23:08 - 000001003 _____ C:\ProgramData\Desktop\HiSuite.lnk 2020-08-08 14:51 - 2020-08-08 14:51 - 001582136 _____ (Roblox Corporation) C:\Users\Nelya_2\Downloads\RobloxPlayerLauncher(1).exe 2020-08-01 22:30 - 2020-08-16 11:38 - 000000000 ____D C:\ProgramData\{89DF3612-BE12-A0A6-D34F-FD696F512FCB} 2020-08-01 22:30 - 2020-08-01 22:30 - 000001867 _____ C:\Users\Franck\Desktop\Spyrix Personal Monitor.lnk 2020-08-01 22:30 - 2020-08-01 22:30 - 000000000 ____D C:\ProgramData\Spyrix Personal Monitor 2020-08-01 22:30 - 2020-08-01 22:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyrix Personal Monitor 2020-08-01 17:44 - 2020-08-12 05:48 - 000004454 _____ C:\windows\system32\Tasks\Adobe Flash Player Updater 2020-08-01 17:43 - 2020-08-01 17:44 - 001232968 _____ (Adobe Inc) C:\Users\Franck\Downloads\flashplayer32au_a_install.exe 2020-07-28 17:17 - 2020-07-28 17:18 - 001579064 _____ (Roblox Corporation) C:\Users\Nelya_2\Downloads\RobloxPlayerLauncher (2).exe 2020-07-28 17:13 - 2020-07-28 17:14 - 001579064 _____ (Roblox Corporation) C:\Users\Nelya_2\Downloads\RobloxPlayerLauncher (1).exe 2020-07-26 13:44 - 2020-07-26 13:44 - 000001201 _____ C:\Users\Franck\Desktop\Toontrack EZkeys (32Bit).lnk 2020-07-26 13:44 - 2020-07-26 13:44 - 000000982 _____ C:\Users\Franck\Desktop\Toontrack EZkeys (64Bit).lnk ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-08-24 16:59 - 2019-12-07 00:05 - 000000000 ____D C:\tempo 2020-08-24 16:58 - 2015-05-03 22:04 - 000000000 ____D C:\Users\Franck\AppData\Roaming\Celemony Software GmbH 2020-08-24 16:57 - 2019-01-28 03:08 - 002853034 _____ C:\windows\system32\Drivers\fvstore.dat 2020-08-24 16:43 - 2015-07-18 09:36 - 000001206 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job 2020-08-24 16:35 - 2016-11-21 03:00 - 000000000 ____D C:\Users\Franck\AppData\LocalLow\Mozilla 2020-08-24 16:24 - 2015-03-11 13:34 - 000282806 _____ C:\windows\system32\perfc00E.dat 2020-08-24 16:24 - 2015-03-11 13:34 - 000004254 _____ C:\windows\system32\perfh00E.dat 2020-08-24 16:24 - 2015-03-10 10:47 - 001342624 _____ C:\windows\system32\perfh00C.dat 2020-08-24 16:24 - 2015-03-10 10:47 - 000354988 _____ C:\windows\system32\perfc00C.dat 2020-08-24 16:24 - 2014-11-22 03:01 - 003186792 _____ C:\windows\system32\PerfStringBackup.INI 2020-08-24 16:24 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf 2020-08-24 16:23 - 2016-04-03 11:25 - 000000000 ____D C:\Users\Franck\AppData\Roaming\Ample Sound 2020-08-24 16:22 - 2016-04-03 11:26 - 000000000 ____D C:\Users\Franck\Documents\Ample Sound 2020-08-24 16:17 - 2015-04-27 22:36 - 000000000 ____D C:\Users\Franck\AppData\Roaming\uTorrent 2020-08-24 16:02 - 2020-06-28 07:58 - 000000000 ____D C:\ProgramData\NVIDIA 2020-08-24 16:02 - 2015-09-05 14:15 - 000001092 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2020-08-24 16:02 - 2015-07-18 09:36 - 000001202 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job 2020-08-24 12:56 - 2020-03-01 14:49 - 000003948 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{92BD5C33-B522-4FB3-9C05-1CB900355F4E} 2020-08-24 11:52 - 2019-04-27 22:39 - 000069432 _____ (EnigmaSoft Limited) C:\windows\system32\Drivers\EnigmaFileMonDriver.sys 2020-08-24 11:52 - 2018-07-08 17:55 - 000000000 ____D C:\data 2020-08-24 11:52 - 2015-06-01 14:02 - 000000000 ____D C:\ProgramData\VMware 2020-08-24 11:51 - 2013-08-22 17:36 - 000000000 ____D C:\windows\registration 2020-08-24 11:51 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT 2020-08-24 10:53 - 2019-07-04 01:45 - 000000000 ____D C:\Users\Nelya_2 2020-08-24 10:53 - 2015-04-23 22:58 - 000000000 ____D C:\Users\Franck 2020-08-24 10:41 - 2015-04-23 22:14 - 000003944 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{18FCA75B-BA73-4D1C-BECA-A697BA9EB36E} 2020-08-24 10:40 - 2017-07-04 20:03 - 000003936 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{09C7848B-9AC5-4E0E-8E7F-8BAFB5BB7E42} 2020-08-24 01:37 - 2019-10-03 22:30 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2020-08-24 01:37 - 2019-10-03 22:30 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData 2020-08-23 19:31 - 2015-05-10 21:32 - 000000000 ____D C:\Users\Franck\AppData\Roaming\vlc 2020-08-23 13:40 - 2017-04-20 14:40 - 000000000 ____D C:\Users\MSSQLServerOLAPService 2020-08-23 13:40 - 2017-04-20 14:39 - 000000000 ____D C:\Users\MSSQLFDLauncher 2020-08-23 13:39 - 2017-04-20 14:39 - 000000000 ____D C:\Users\MSSQLSERVER 2020-08-23 11:52 - 2019-08-07 10:04 - 000000000 ____D C:\Users\Nelya_2\AppData\LocalLow\Mozilla 2020-08-22 19:00 - 2020-05-20 08:20 - 000000082 _____ C:\Users\Noah\Desktop\zoom.txt 2020-08-22 16:14 - 2019-07-04 09:50 - 000003594 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-974459237-872370034-477851868-1010 2020-08-22 15:09 - 2019-07-04 18:43 - 000001417 _____ C:\Users\Nelya_2\Desktop\Roblox Studio.lnk 2020-08-22 15:09 - 2019-07-04 18:43 - 000000254 _____ C:\Users\Nelya_2\AppData\LocalLow\rbxcsettings.rbx 2020-08-22 15:09 - 2019-07-04 18:43 - 000000000 ____D C:\Users\Nelya_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2020-08-21 21:19 - 2017-03-29 09:16 - 000000000 ____D C:\Users\Noah 2020-08-21 09:33 - 2018-10-30 09:15 - 000000002 _____ C:\Users\Franck\AppData\Roaming\ExplorerFavorites.txt 2020-08-21 09:33 - 2018-10-30 00:32 - 000000000 ____D C:\Users\Franck\Documents\ACID Pro Projects 2020-08-21 09:25 - 2019-05-27 19:57 - 000394747 _____ C:\Users\Franck\AppData\Roaming\plugin_scan_state_VST2_x64.scan 2020-08-21 09:13 - 2019-05-27 19:37 - 000022048 _____ C:\Users\Franck\AppData\Roaming\plugin_scan_state_VST3_x64.scan 2020-08-21 09:13 - 2019-05-27 19:35 - 000236457 _____ C:\Users\Franck\AppData\Roaming\plugin_scan_state_VST2_x32.scan 2020-08-21 09:13 - 2019-05-27 19:34 - 000005791 _____ C:\Users\Franck\AppData\Roaming\plugin_scan_state_VST3_x32.scan 2020-08-20 20:06 - 2019-07-04 18:44 - 000001397 _____ C:\Users\Nelya_2\Desktop\Roblox Player.lnk 2020-08-20 12:45 - 2017-03-29 09:21 - 000003594 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-974459237-872370034-477851868-1005 2020-08-20 12:45 - 2015-05-06 09:45 - 000003594 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-974459237-872370034-477851868-1001 2020-08-20 12:17 - 2015-05-03 21:48 - 000000000 ____D C:\Program Files (x86)\Opera 2020-08-20 11:13 - 2019-03-15 20:55 - 000001394 _____ C:\Users\Noah\Desktop\Roblox Player.lnk 2020-08-20 11:13 - 2019-03-15 20:54 - 000001217 _____ C:\Users\Noah\Desktop\Roblox Studio.lnk 2020-08-20 11:13 - 2019-03-15 20:54 - 000000000 ____D C:\Users\Noah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox 2020-08-19 23:39 - 2015-05-03 12:24 - 000000000 ____D C:\Program Files\Vstplugins 2020-08-19 23:31 - 2016-04-03 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ample Sound 2020-08-18 18:59 - 2020-02-26 15:44 - 000004052 _____ C:\windows\system32\Tasks\Opera scheduled assistant Autoupdate 1582724671 2020-08-18 13:36 - 2013-08-22 15:25 - 000786432 ___SH C:\windows\system32\config\BBI 2020-08-17 12:17 - 2017-06-29 22:52 - 000001102 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2020-08-17 12:17 - 2016-04-18 09:32 - 000003874 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1450259799 2020-08-17 11:04 - 2017-03-29 09:16 - 000000000 ____D C:\Users\Noah\AppData\Roaming\Adobe 2020-08-17 10:15 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\NDF 2020-08-14 21:46 - 2018-04-27 20:48 - 000000000 ____D C:\Users\Franck\AppData\Roaming\Scaler 2020-08-14 21:44 - 2015-04-30 10:34 - 000000000 ____D C:\Users\Franck\AppData\Roaming\PreSonus 2020-08-12 05:48 - 2019-09-11 10:09 - 004510264 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerInstaller.exe 2020-08-12 05:48 - 2019-01-12 13:59 - 000842296 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe 2020-08-12 05:48 - 2019-01-12 13:59 - 000175160 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-08-12 05:48 - 2016-04-07 22:09 - 000004602 _____ C:\windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-08-12 05:48 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed 2020-08-12 05:48 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed 2020-08-12 04:48 - 2018-03-13 14:09 - 000004638 _____ C:\windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-08-09 18:40 - 2016-01-31 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KORG 2020-08-09 18:33 - 2020-01-09 22:08 - 000000000 ____D C:\Program Files\KORG 2020-08-09 18:27 - 2018-03-28 00:08 - 000000000 ____D C:\Program Files\Common Files\KORG 2020-08-09 16:30 - 2019-03-15 20:54 - 000000256 _____ C:\Users\Noah\AppData\LocalLow\rbxcsettings.rbx 2020-08-09 16:27 - 2017-03-29 15:12 - 000000000 ____D C:\Users\Noah\AppData\LocalLow\Mozilla 2020-08-09 00:19 - 2015-04-28 12:54 - 000000033 _____ C:\Users\Franck\AppData\Roaming\AdobeWLCMCache.dat 2020-08-08 23:49 - 2016-01-06 15:36 - 011322880 ___SH C:\Users\Franck\Downloads\Thumbs.db 2020-08-08 23:49 - 2015-10-27 06:51 - 006406656 ___SH C:\Users\Franck\Documents\Thumbs.db 2020-08-08 23:08 - 2017-09-03 17:52 - 000000000 ____D C:\Program Files (x86)\HiSuite 2020-08-02 09:44 - 2020-07-17 08:48 - 000000000 ____D C:\ProgramData\Venomode 2020-08-02 09:44 - 2020-07-17 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Venomode 2020-08-01 17:24 - 2020-03-08 14:09 - 000000000 ____D C:\Users\Nelya_2\AppData\Roaming\vlc 2020-07-31 22:58 - 2015-06-03 08:24 - 000000256 _____ C:\windows\msocreg32.dat 2020-07-31 22:58 - 2015-06-03 08:24 - 000000240 _____ C:\windows\system32\w3data.vss 2020-07-31 22:58 - 2015-06-03 08:24 - 000000240 _____ C:\windows\system32\msvcsv60.dll 2020-07-31 22:58 - 2015-06-02 00:35 - 000000256 _____ C:\Users\Franck\AppData\Roaming\msregsvv.dll 2020-07-31 22:58 - 2015-06-02 00:35 - 000000256 _____ C:\ProgramData\autobk.inc 2020-07-31 16:43 - 2019-07-20 20:49 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-07-29 22:55 - 2019-01-24 22:59 - 000002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-07-29 22:55 - 2019-01-24 22:59 - 000002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-07-29 22:55 - 2015-09-05 14:16 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-07-29 07:50 - 2015-05-24 17:01 - 000000912 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-07-26 17:25 - 2020-01-31 23:00 - 000000000 ____D C:\Users\Public\Ticket 2020-07-26 13:44 - 2016-02-27 06:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toontrack 2020-07-26 13:38 - 2019-11-16 21:08 - 000000000 ____D C:\Program Files\Toontrack 2020-07-26 13:38 - 2016-03-01 11:06 - 000000000 ____D C:\Program Files (x86)\Toontrack 2020-07-26 13:38 - 2015-06-08 22:40 - 000000000 ____D C:\Program Files (x86)\VSTPlugIns ==================== Fichiers à la racine de certains dossiers ======== 2016-11-19 19:37 - 2016-11-19 19:37 - 002722286 _____ () C:\Program Files (x86)\Auto-Tune 8 Manual.pdf 2019-08-07 09:54 - 2019-08-07 09:55 - 006922240 _____ () C:\Program Files (x86)\GUTA115.tmp 2016-11-19 19:37 - 2016-11-19 19:37 - 000056051 _____ () C:\Program Files (x86)\VST PC Read Me.pdf 2016-02-18 16:16 - 2016-02-18 16:16 - 000000000 ____H () C:\Users\Franck\AppData\Roaming\.C3F34F5228CEB20A.sys 2016-02-18 16:11 - 2016-02-18 16:11 - 000000000 ____H () C:\Users\Franck\AppData\Roaming\.C3F34F523E818710.sys 2016-02-18 16:14 - 2016-02-18 16:14 - 000000000 ____H () C:\Users\Franck\AppData\Roaming\.C3F34F526659B183.sys 2015-04-28 12:54 - 2020-08-09 00:19 - 000000033 _____ () C:\Users\Franck\AppData\Roaming\AdobeWLCMCache.dat 2020-04-09 19:49 - 2020-04-09 19:49 - 000000128 ____H () C:\Users\Franck\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6 2018-10-30 09:15 - 2020-08-21 09:33 - 000000002 _____ () C:\Users\Franck\AppData\Roaming\ExplorerFavorites.txt 2015-12-12 09:35 - 2015-12-12 09:35 - 000005120 _____ () C:\Users\Franck\AppData\Roaming\GiftBag.db 2015-06-02 00:35 - 2020-07-31 22:58 - 000000256 _____ () C:\Users\Franck\AppData\Roaming\msregsvv.dll 2019-05-27 19:35 - 2020-08-21 09:13 - 000236457 _____ () C:\Users\Franck\AppData\Roaming\plugin_scan_state_VST2_x32.scan 2019-05-27 19:57 - 2020-08-21 09:25 - 000394747 _____ () C:\Users\Franck\AppData\Roaming\plugin_scan_state_VST2_x64.scan 2019-05-27 19:34 - 2020-08-21 09:13 - 000005791 _____ () C:\Users\Franck\AppData\Roaming\plugin_scan_state_VST3_x32.scan 2019-05-27 19:37 - 2020-08-21 09:13 - 000022048 _____ () C:\Users\Franck\AppData\Roaming\plugin_scan_state_VST3_x64.scan 2015-05-12 00:33 - 2020-08-22 14:18 - 000001456 _____ () C:\Users\Franck\AppData\Local\Adobe Save for Web 13.0 Prefs 2020-05-22 21:22 - 2020-05-22 21:22 - 000000362 _____ () C:\Users\Franck\AppData\Local\karboncalligraphyrc 2020-05-22 20:59 - 2020-05-22 21:31 - 000002408 _____ () C:\Users\Franck\AppData\Local\krita-sysinfo.log 2020-05-22 20:59 - 2020-05-22 21:31 - 000001377 _____ () C:\Users\Franck\AppData\Local\krita.log 2020-05-22 21:31 - 2020-05-22 21:31 - 000000039 _____ () C:\Users\Franck\AppData\Local\kritadisplayrc 2020-05-22 20:59 - 2020-05-22 21:31 - 000016729 _____ () C:\Users\Franck\AppData\Local\kritarc 2018-12-27 07:24 - 2018-12-27 07:24 - 000000000 _____ () C:\Users\Franck\AppData\Local\oobelibMkey.log 2015-05-06 20:45 - 2015-05-06 20:45 - 000000017 _____ () C:\Users\Franck\AppData\Local\resmon.resmoncfg 2015-04-28 11:45 - 2015-04-28 11:45 - 000000802 _____ () C:\Users\Franck\AppData\Local\Temp-log.txt 2016-01-28 22:08 - 2006-09-22 22:07 - 002600164 _____ () C:\Users\Franck\AppData\Local\TempMediaPlay.wav 2017-04-18 18:22 - 2017-04-18 18:24 - 000000000 _____ () C:\Users\Franck\AppData\Local\{AA9F8957-7D80-42BC-8960-FA27DD5498F7} ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2020-08-23 02:13 ==================== Fin de FRST.txt ========================