Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-02-2021 01
Exécuté par JACKY (administrateur) sur PC-JACKY (Hewlett-Packard p6-2460ef) (20-02-2021 18:03:37)
Exécuté depuis C:\Users\JACKY\Desktop
Profils chargés: JACKY & MSSQL$SQLEXPRESS
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(france telecom -> ) [Fichier non signé] C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12011.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Orange -> Orange) C:\Users\JACKY\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880 2015-07-23] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [CLX3180_Scan2Pc] => C:\WINDOWS\Twain_32\Samsung\CLX3180\Scan2pc.exe [1990144 2011-04-29] () [Fichier non signé]
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] () [Fichier non signé]
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [279240 2016-12-09] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1012857116-3465352419-2232302901-1001\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] (france telecom -> ) [Fichier non signé]
HKU\S-1-5-21-1012857116-3465352419-2232302901-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1012857116-3465352419-2232302901-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31046640 2020-08-27] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1012857116-3465352419-2232302901-500\...\Run: [MailNotifier] => C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [883800 2012-12-10] (FRANCE TELECOM -> Orange)
HKLM\...\Windows x64\Print Processors\Canon TS6100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDP.DLL [482816 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\SST2CPC: C:\Windows\System32\spool\prtprocs\x64\sst2cpc.dll [36864 2011-06-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Server 2003 DDK provider)
HKLM\...\Windows x64\Print Processors\us003PC: C:\Windows\System32\spool\prtprocs\x64\us003pc.dll [43520 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6100 series: C:\WINDOWS\system32\CNMLMDP.DLL [1302016 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [355840 2012-08-08] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\Samsung Network PC Fax Port: C:\WINDOWS\system32\NetFaxPort64.dll [240640 2011-04-28] (Samsung Electronics Co., Ltd.) [Fichier non signé]
HKLM\...\Print\Monitors\SST2C Langmon: C:\WINDOWS\system32\sst2cl6.dll [34304 2011-06-22] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us003 Langmon: C:\WINDOWS\system32\us003lm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-18] (Google LLC -> Google LLC)
Startup: C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2016-01-21]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass (Marvasol Inc) -> LastPass)
Startup: C:\Users\JACKY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyCashBar.appref-ms [2017-07-25] () [Fichier non signé]
Startup: C:\Users\JACKY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2017-04-09]
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\MSSQL$SQLEXPRESS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2016-01-21]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass (Marvasol Inc) -> LastPass)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {05B9665A-90BA-4514-B51F-9FAECE676395} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {0671B836-5C0C-4771-A990-D70DC9A96D41} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B3394E4-9587-4823-85F6-DCA7AD892B1E} - System32\Tasks\ComputtaAutoStart => C:\Program Files\Computta\computta.exe
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {15B1F3BB-1658-4DE0-AE43-E03E0BA39EA8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {16EF4226-A424-48B4-B51E-56623C1F2898} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {184833A3-A710-4461-BFC7-B409ABFFD241} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {212BDE1C-6DA7-4247-828B-9816739ED450} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2357358A-CCF3-46A2-A406-9EB6B14E0FC5} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-19] (Avast Software s.r.o. -> Avast Software)
Task: {2EA4A382-0D18-4162-9C67-BD78AFB23AB6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {34A83635-996F-4BCF-9A22-0E1F314C72E3} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {384C073A-D033-4C3A-B413-3C640E758504} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3B26B476-AD22-48F8-B2F1-A88F97472108} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {3C0C8D74-95EB-4AA6-BE5B-DD6237621DBF} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\JACKY\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe [1935064 2020-11-20] (Orange -> Orange)
Task: {444ACEB1-A75F-4505-A08B-6C69CF955212} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe
Task: {47086517-3089-4761-B1E1-4177CB1CFADA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {47EAA3A7-28BA-48B5-9882-90DCD5B93625} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4D4D3844-FCBB-4348-A6F0-C57CD4E18A2C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {4DB47029-83FE-431E-A5B9-FFD9A1912609} - System32\Tasks\Microsoft\Windows\orangeinstaller => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] (france telecom -> ) [Fichier non signé]
Task: {4ECC0193-573E-4345-8F11-7F8041D2B71E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {51446D67-5B93-4028-A786-EE8EC727D451} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {5276058D-8247-4A63-8039-DFE304AFDFDC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {62B862AB-D231-498D-BB2A-ECB0FD780586} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {6477A397-7C29-4300-98EB-7CD11513DEE9} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [4838816 2014-09-28] (Samsung Electronics Co., Ltd. -> Samsung Electronics.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {738D4DD5-95A4-415D-9FBD-BED45950BE88} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {7627CD71-9C91-409C-B560-573FEB472FF4} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink -> CyberLink)
Task: {796DF2A2-1FB9-4F50-8C6E-616DE1639B4B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-08-27] (Garmin International, Inc. -> )
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {8116D29E-1125-4EE6-96C3-934F2DD2E7C8} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {853556E5-4E76-4D07-A79D-5D6DE761A210} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {866A3F7F-1FB9-4877-B8ED-55B0642BE3A7} - System32\Tasks\AssistanceLivebox => C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [146832 2012-11-15] (france telecom -> Orange) [Fichier non signé]
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {887C958B-89A2-4D4A-A332-2ABEEA279F0C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {88D46DA2-0B5D-4B9F-8EC0-65611DFCACEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {88D6DFEF-8FB6-4F9B-ABBD-3ACC5A7FC706} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {8E646581-9017-452C-A00E-0E88CE66B0F4} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {8E6C9073-6536-41FA-8A96-F2E78B0D17B6} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8F9CE2BB-8CC8-4F92-9F4D-1719C7523BD5} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {A9D39425-2739-45AF-9D06-545145021254} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ACC3AD80-7896-4BEF-895C-127C1457A2E4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE231B89-8699-4F4A-AA13-3B940BA16532} - \WPD\SqmUpload_S-1-5-21-1012857116-3465352419-2232302901-1001 -> Pas de fichier <==== ATTENTION
Task: {B28BA39C-0F12-4221-BC58-24E50F7205DC} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {B2EC4400-D7AF-4BEB-BB0A-E34DAF746910} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B7324263-A276-46A9-8ECE-FC2B62DA917C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {BAEC65FD-9ED3-482F-8DB6-85C21594F3B9} - System32\Tasks\Open URL by RoboForm => C:\WINDOWS\system32\rundll32.exe url.dll,FileProtocolHandler "https://www.roboform.com/uninstall.html?aaa=KICMIMIMOJMMMMJMNJJMCNPMLMPMPMCNLMMJJJMJCNOJNMHMNMCNJJPMJMNMJJJJPMLJLMJMNJIMJNJICMHMCNJMCNKMFMOMOMCNLMIMJMCNOMHMMMJMNMFMPMCNPMCNOMHMMMJMNMCNNMJNPICMPMFMFMOMMMHMIMJNHICMEKMICNJJCKJNBJCMFLOLMLELGKJNKJCMJNNICMJNDJCMJJNIJNMJCMPMFMPMFMPMJNFICMNIJJIIGJPIKJAJKILIBNKJHIKJ"
Task: {C6529E4B-18C4-4552-A213-D3BBF3AE8D19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {CF747B77-24CA-49B1-AFE1-E12504742A89} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D58FE909-0789-459D-8AB2-EA5D74FABB2C} - \GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1012857116-3465352419-2232302901-1001 -> Pas de fichier <==== ATTENTION
Task: {D6C85BB5-5467-4331-8A8E-FDA08E9FE5C2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {D7B546B2-40ED-4A6B-8CDF-05B84432DA98} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {DB92C929-5E8A-427D-B29F-571471C7EB52} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DE291930-2674-4981-AD61-D542D6D691AD} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {E0C45D0A-71E3-4F22-830D-14028385AF12} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {E8ED33D9-D908-4CCB-BA49-942BBA4FDF49} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ECE94D8E-DBC4-41C8-A0A4-5B90F463443B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {EFC8EC39-0437-4F14-966E-80F8BD29534A} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Pas de fichier <==== ATTENTION
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {F8784B71-5563-434C-9534-68CBB7C4F39F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {F8A7D8E8-3DE5-4DD9-B8F5-0CAD267FE181} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2020-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {FB567E05-92DF-4C5A-92A2-D19B91B01325} - System32\Tasks\HPCeeScheduleForJACKY => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [91704 2010-09-13] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {FFC412E9-315A-4B96-ACE7-904BAE8E1F87} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForJACKY.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{078adbf8-9f07-4c34-a1a6-1be163e2fed2}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{245d7cfb-0160-4fa0-828b-5a105ad4919d}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{5C852DF7-1F30-48CB-9006-E3F26110F16A}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Tcpip\..\Interfaces\{74725773-48ab-419f-8ef2-1d439b3c3855}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{90fe20d8-e7a4-486f-b524-e4f2e58cbe7f}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{9B05207F-1F00-4455-AA6A-41B9A88C9678}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\JACKY\Downloads
Edge Profile: C:\Users\JACKY\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-17]
Edge DownloadDir: C:\Users\JACKY\Downloads
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\JACKY\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2020-12-03]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: pyzg4cnn.default
FF ProfilePath: C:\Users\JACKY\AppData\Roaming\Mozilla\Firefox\Profiles\pyzg4cnn.default [2019-12-26]
FF ProfilePath: C:\Users\JACKY\AppData\Roaming\Mozilla\Firefox\Profiles\nnjxkwa0.default-release [2021-02-20]
FF DownloadDir: C:\Users\JACKY\Desktop
FF Homepage: Mozilla\Firefox\Profiles\nnjxkwa0.default-release -> hxxps://www.orange.fr/portail
FF Notifications: Mozilla\Firefox\Profiles\nnjxkwa0.default-release -> hxxps://rollercoin.com
FF Extension: (AdBlocker Ultimate) - C:\Users\JACKY\AppData\Roaming\Mozilla\Firefox\Profiles\nnjxkwa0.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2020-12-18]
FF Extension: (To Google Translate) - C:\Users\JACKY\AppData\Roaming\Mozilla\Firefox\Profiles\nnjxkwa0.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2020-11-12]
FF Extension: (MetaMask) - C:\Users\JACKY\AppData\Roaming\Mozilla\Firefox\Profiles\nnjxkwa0.default-release\Extensions\webextension@metamask.io.xpi [2021-02-10]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\JACKY\AppData\Roaming\Mozilla\Firefox\Profiles\nnjxkwa0.default-release\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2021-02-12]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-11-23] [] [non signé]
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2019-07-02] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2013-10-09] (Garmin International, Inc. -> GARMIN Corp.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-06-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-06-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-03-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-16] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-16] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1012857116-3465352419-2232302901-500: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll [Pas de fichier]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\JACKY\AppData\Local\Google\Chrome\User Data\Default [2021-02-17]
CHR HomePage: Default -> hxxps://encrypted.google.com
CHR StartupUrls: Default -> "hxxps://encrypted.google.com"
CHR Extension: (Google Drive) - C:\Users\JACKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-12-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\JACKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-12-14]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JACKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-01-30]
CHR Extension: (Menu Contextuel Orange) - C:\Users\JACKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfkdglgjjpicgkbfdflchobhdiblbjgf [2014-01-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\JACKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-14]
CHR Extension: (Chrome Media Router) - C:\Users\JACKY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-12-14]
CHR HKU\S-1-5-21-1012857116-3465352419-2232302901-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\JACKY\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-01-28]
CHR HKU\S-1-5-21-1012857116-3465352419-2232302901-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
CHR HKLM-x32\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [153736 2017-03-02] (Canon Inc. -> CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [399296 2019-11-28] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-21] (Malwarebytes Inc -> Malwarebytes)
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
S4 postgresql-x64-9.4; C:\Program Files\PostgreSQL\9.4\bin\pg_ctl.exe [92160 2015-06-10] (PostgreSQL Global Development Group) [Fichier non signé]
S3 rkrtservice; C:\Program Files\RogueKiller\RogueKillerSvc.exe [13686080 2021-01-13] (Adlice -> )
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S0 AMSElamDriver; C:\WINDOWS\System32\drivers\amselam.sys [21976 2019-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [208176 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [197176 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [46704 2020-04-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [284160 2012-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.)
S3 BrSerIf; C:\WINDOWS\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) [Fichier non signé]
S3 BrUsbSer; C:\WINDOWS\system32\DRIVERS\BrUsbSer.sys [19584 2006-09-03] (Brother Industries Ltd.) [Fichier non signé]
S3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [15360 2011-07-18] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-07-13] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-07] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-19] (Malwarebytes Inc -> Malwarebytes) R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.) S4 RsFx0200; C:\WINDOWS\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation -> Microsoft Corporation) R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.) S3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [58792 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc. -> Texas Instruments, Inc.) R3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc. -> Texas Instruments, Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [46160 2013-10-18] (VMware, Inc. -> VMware, Inc.) R0 vsock; C:\WINDOWS\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc. -> VMware, Inc.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. 
Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-02-20 18:03 - 2021-02-20 18:04 - 000036559 _____ C:\Users\JACKY\Desktop\FRST.txt 2021-02-20 18:03 - 2021-02-20 18:04 - 000000000 ____D C:\FRST 2021-02-20 17:57 - 2021-02-20 17:57 - 002301440 _____ (Farbar) C:\Users\JACKY\Desktop\FRST64.exe 2021-02-20 11:47 - 2021-02-20 11:47 - 003478152 _____ (Nicolas Coolman) C:\Users\JACKY\Downloads\ZHPSuite.exe 2021-02-19 09:54 - 2021-02-19 09:54 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-02-17 21:32 - 2021-02-20 11:44 - 000147958 _____ C:\Users\JACKY\Documents\Platmusique.xlsm 2021-02-17 21:17 - 2021-02-18 18:48 - 000139724 _____ C:\Users\JACKY\Documents\Trotmusique.xlsm 2021-02-17 18:51 - 2021-02-17 21:05 - 000105219 _____ C:\Users\JACKY\Documents\musiqueturf.xlsm 2021-02-16 21:15 - 2021-02-18 21:33 - 000119884 _____ C:\Users\JACKY\Documents\ProBix.xlsm 2021-02-15 17:39 - 2021-02-15 17:39 - 000000000 ____D C:\Users\JACKY\Documents\pierdutelpapal 2021-02-12 07:47 - 2021-02-12 07:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2021-02-12 07:47 - 2021-02-12 07:47 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2021-02-12 07:47 - 2021-02-12 07:47 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-02-12 07:47 - 2021-02-12 07:47 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-02-12 07:46 - 2021-02-12 07:46 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll 2021-02-11 16:59 - 2021-02-11 20:55 - 000026640 _____ C:\Users\JACKY\Documents\CheDri.xlsm 2021-02-09 20:49 - 2021-02-09 20:49 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-02-09 18:46 - 2021-02-10 05:23 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-02-05 17:38 - 2021-02-09 12:07 - 
000038382 _____ C:\Users\JACKY\Documents\extraction.xlsm 2021-02-05 15:42 - 2021-02-05 15:42 - 000000000 ____D C:\Users\JACKY\AppData\LocalLow\Temp 2021-02-05 15:41 - 2021-02-05 15:41 - 000000000 ____D C:\WINDOWS\PCHEALTH 2021-01-25 22:13 - 2021-01-25 22:30 - 000010806 _____ C:\Users\JACKY\Documents\filtreavancé.xlsm 2021-01-24 17:52 - 2021-01-24 17:52 - 000000000 ____D C:\Users\JACKY\Documents\Nouveau dossier 2021-01-23 20:55 - 2021-01-23 21:11 - 000012567 _____ C:\Users\JACKY\Documents\controlecombi.xlsm 2021-01-21 08:04 - 2021-02-19 18:27 - 000023416 _____ C:\Users\JACKY\Documents\Numé.xlsx ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-02-20 18:02 - 2016-11-15 18:53 - 000000000 ____D C:\Users\JACKY\AppData\LocalLow\Mozilla 2021-02-20 16:49 - 2014-07-12 17:08 - 000000000 ____D C:\ProgramData\Mozilla 2021-02-20 16:48 - 2017-07-10 10:21 - 004214457 _____ C:\Users\JACKY\Documents\Turf.xlsm 2021-02-20 16:26 - 2020-11-12 19:05 - 001924206 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-02-20 16:26 - 2019-12-07 15:49 - 000831884 _____ C:\WINDOWS\system32\perfh00C.dat 2021-02-20 16:26 - 2019-12-07 15:49 - 000167650 _____ C:\WINDOWS\system32\perfc00C.dat 2021-02-20 16:26 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2021-02-20 16:22 - 2017-08-21 20:59 - 000000000 ____D C:\ProgramData\NVIDIA 2021-02-20 16:21 - 2020-04-07 05:33 - 000000000 ____D C:\Program Files\CCleaner 2021-02-20 16:19 - 2020-11-12 19:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-02-20 16:19 - 2020-11-12 18:52 - 000008192 ___SH C:\DumpStack.log.tmp 2021-02-20 16:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-02-20 12:04 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-02-20 12:04 - 2015-08-29 16:58 - 000000000 ____D C:\Users\JACKY\AppData\Roaming\ZHP 2021-02-20 11:47 - 2017-07-09 16:45 - 000000000 ____D 
C:\Users\JACKY\AppData\Local\ZHP 2021-02-20 11:23 - 2021-01-05 10:52 - 018415500 _____ C:\Users\JACKY\Documents\Amigo.xlsm 2021-02-20 09:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-02-20 09:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2021-02-20 09:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed 2021-02-20 07:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-02-20 07:58 - 2020-11-12 18:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-02-19 18:16 - 2013-07-24 16:32 - 009015190 _____ C:\Users\JACKY\Documents\neweuroMil.xlsm 2021-02-19 16:43 - 2020-06-18 21:40 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-02-19 16:43 - 2020-06-18 21:40 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-02-19 16:43 - 2020-06-18 21:40 - 000002282 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk 2021-02-19 16:21 - 2020-11-12 19:04 - 000004164 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{392FECA2-D96E-4A79-AAE4-9ACBAEE5CCC3} 2021-02-18 05:16 - 2018-12-11 08:50 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForJACKY.job 2021-02-17 20:50 - 2020-11-12 19:04 - 000003238 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForJACKY 2021-02-17 18:59 - 2020-11-12 18:17 - 000000000 ____D C:\Users\MSSQL$SQLEXPRESS 2021-02-17 18:59 - 2020-11-12 18:17 - 000000000 ____D C:\Users\JACKY 2021-02-16 18:24 - 2016-03-29 20:52 - 000000000 ____D C:\Users\JACKY\AppData\Roaming\Dogecoin 2021-02-16 17:36 - 2014-03-02 15:38 - 000000000 ____D C:\Program Files\Microsoft Office 15 2021-02-15 17:45 - 2020-12-29 08:03 - 000002108 _____ C:\Users\JACKY\Documents\IDdejeuKeno.txt 2021-02-12 08:36 - 2020-11-12 18:52 - 000405056 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-02-12 08:02 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-02-12 08:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2021-02-12 08:02 - 
2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-02-12 08:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-02-12 08:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords 2021-02-12 08:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2021-02-12 08:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-02-12 08:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-02-12 08:02 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-02-12 08:02 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2021-02-12 07:50 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-02-12 05:36 - 2018-07-03 21:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-02-11 22:11 - 2017-02-21 17:57 - 086632226 _____ C:\Users\JACKY\Documents\NewKeno .xlsm 2021-02-11 05:12 - 2013-10-29 22:29 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-02-11 05:08 - 2013-10-29 22:29 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-02-10 09:06 - 2014-02-24 17:06 - 000000000 ____D C:\Users\JACKY\AppData\Local\ElevatedDiagnostics 2021-02-10 06:25 - 2014-07-17 17:09 - 000000000 ____D C:\Users\JACKY\AppData\Local\CrashDumps 2021-02-10 06:22 - 2019-12-14 18:28 - 000000901 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2021-02-10 06:22 - 2019-12-14 18:28 - 000000901 _____ C:\ProgramData\Desktop\RogueKiller.lnk 2021-02-10 06:22 - 2019-12-14 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2021-02-10 06:22 - 2019-12-14 18:28 - 000000000 ____D C:\Program Files\RogueKiller 2021-02-10 05:36 - 2020-11-12 19:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2021-02-10 05:23 - 2019-12-26 18:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-02-09 20:48 - 2019-12-26 18:02 - 000001101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-02-09 06:37 - 
2020-11-28 07:49 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b91dc2279760 2021-02-09 06:37 - 2020-11-12 19:04 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-02-08 20:52 - 2020-11-12 19:04 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1012857116-3465352419-2232302901-1001 2021-02-08 20:52 - 2020-11-12 18:17 - 000002447 _____ C:\Users\JACKY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-02-08 20:52 - 2013-05-07 23:15 - 000000000 __RDO C:\Users\JACKY\SkyDrive 2021-02-05 18:29 - 2020-11-12 19:04 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-02-05 13:28 - 2020-12-03 11:42 - 000000000 ____D C:\Users\JACKY\AppData\Roaming\Molotov 2021-02-05 10:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-02-05 06:41 - 2020-11-12 19:04 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-02-05 06:41 - 2020-11-12 19:04 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-02-02 21:27 - 2019-02-03 18:01 - 000000000 ____D C:\ProgramData\CanonIJPLM 2021-01-28 11:47 - 2017-12-26 08:05 - 000000000 ____D C:\Users\JACKY\AppData\Local\Packages 2021-01-22 05:38 - 2013-10-30 10:07 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe ==================== Fichiers à la racine de certains dossiers ======== 2016-03-08 18:34 - 2016-03-08 18:36 - 031934848 _____ (Bitcoin Solutions Ltd) C:\Users\JACKY\multibit-hd-windows-x64-0.2.0.exe 2017-08-22 22:21 - 2017-08-22 22:21 - 033668648 _____ (KeepKey,LLC) C:\Users\JACKY\multibit-windows-x64-0.5.1.exe 2009-03-30 14:57 - 2014-12-27 17:51 - 002917816 _____ () C:\Users\JACKY\Reflector.exe 2016-02-29 08:07 - 2016-02-29 08:07 - 002069504 _____ () C:\Users\JACKY\ZHPCleaner.exe 2016-12-15 11:45 - 2017-04-24 20:05 - 002719232 _____ () C:\Users\JACKY\ZHPDiag3.exe 2015-12-17 11:46 - 2016-01-21 16:00 - 016229400 _____ (LastPass) 
C:\Program Files (x86)\Common Files\lpuninstall.exe 2014-12-25 19:11 - 2019-12-12 07:57 - 000011963 _____ () C:\Users\JACKY\AppData\Roaming\SmarThruOptions.xml 2014-04-18 16:56 - 2014-04-28 11:08 - 000007605 _____ () C:\Users\JACKY\AppData\Local\resmon.resmoncfg ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================