Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2021 Exécuté par angelique (administrateur) sur ANGEL (Acer Aspire XC-605) (03-08-2021 18:14:46) Exécuté depuis C:\Users\angelique\Downloads Profils chargés: angelique Platform: Windows 10 Home Version 21H1 19043.1110 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2> (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.92\GoogleCrashHandler64.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (Intel(R) Technology Access -> Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe (Mega Limited -> Mega Limited) C:\Users\angelique\AppData\Local\MEGAsync\MEGAsync.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 5\creator\common\creator-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 8\updater-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 8\ws.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Pokki, Inc. -> Pokki) C:\Users\angelique\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe <2> (Pokki, Inc. -> Pokki) C:\Users\angelique\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe (Pokki, Inc. -> Pokki) C:\Users\angelique\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TODO: ) [Fichier non signé] C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe (VTech Electronics North America, LLC -> ) C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [317824 2016-01-18] (VTech Electronics North America, LLC -> ) HKLM-x32\...\Run: [Monitor] => C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [124544 2018-03-13] (LeapFrog Enterprises, Inc. -> LeapFrog Enterprises, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle America, Inc. -> Oracle Corporation) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-4241619420-3314726663-2689967803-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation) HKU\S-1-5-21-4241619420-3314726663-2689967803-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [33264096 2021-08-02] (Epic Games Inc. -> Epic Games, Inc.) HKU\S-1-5-21-4241619420-3314726663-2689967803-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4241619420-3314726663-2689967803-1001\...\Run: [Chromium] => "c:\users\angelique\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-4241619420-3314726663-2689967803-1001\...\Run: [Spotify] => C:\Users\angelique\AppData\Roaming\Spotify\Spotify.exe [24276096 2021-08-03] (Spotify AB -> Spotify Ltd) HKU\S-1-5-21-4241619420-3314726663-2689967803-1001\...\RunOnce: [Application Restart #1] => C:\Users\angelique\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9581800 2020-12-04] (Pokki, Inc. -> Pokki) HKU\S-1-5-21-4241619420-3314726663-2689967803-1001\...\RunOnce: [Application Restart #0] => C:\Users\angelique\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [9581800 2020-12-04] (Pokki, Inc. -> Pokki) HKLM\...\Windows x64\Print Processors\Canon MG3100 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAR.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Windows x64\Print Processors\Canon MX470 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDC2.DLL [30208 2013-09-12] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3100 series: C:\Windows\system32\CNMLMAR.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\PDF Architect 7 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\pdf architect_pdfpmon_v.4.12.26.3.dll [932984 2019-11-25] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\PDF Architect 8 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\architect_pdfpmon_v.4.12.26.3.dll [932984 2021-01-14] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\...\Print\Monitors\pdfcmon: C:\Windows\system32\pdfcmon.dll [116736 2019-07-03] (pdfforge GmbH) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.107\Installer\chrmstp.exe [2021-07-27] (Google LLC -> Google LLC) Startup: C:\Users\angelique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-09-11] ShortcutTarget: MEGAsync.lnk -> C:\Users\angelique\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {01536800-3579-42A1-88B6-50FAB3CBBD16} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {04966666-547D-4D69-B510-1DBB25DE7B04} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [1456128 2019-01-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {08B59854-5796-4556-BF74-26ACE17488F4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {0F0CBA9D-35A1-4317-B250-1BEF952235A8} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe Task: {12372C51-2C8B-4350-A1E6-BBD646499436} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6526328 2016-03-01] (Nero AG -> Nero AG) Task: {1738D424-3370-4065-9C83-B198DB2C2651} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-08-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1E90D4D1-E753-4A92-8833-A9F8B6996CE8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {24A6E2F5-DDEC-4F0C-8956-D06FCF8F85D8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {2E3A32A0-D515-4C3C-8E8B-DFB127EC07B4} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated) Task: {303D6927-37FC-4104-A3C2-BB19BF1AD740} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {36C370EF-20ED-4262-A622-24848722CEF7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd) Task: {42B1F8E2-5A8D-48D5-AC62-8E9544D525EB} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [527616 2013-12-30] (Acer Incorporated -> Acer Incorporated) Task: {44A5E49B-8D0E-463E-A586-4BDEF771857A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-08-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {492D23DD-072B-4771-9A08-4F75DEC256AC} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1738504 2015-09-04] (Intel(R) Software -> Intel Corporation) Task: {56CF9420-EA13-4F9B-B5A7-BB6AAD4557E6} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe Task: {6D4B23D6-B169-42F5-BDF8-E3AF7D89F825} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {6FDED1D2-C631-4896-9730-70D4527A1C24} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe Task: {73D91FB2-5217-4FBE-BDF0-54737FC481F7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {762EAFA9-53F0-4E38-98A1-6DE1CC34D958} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {793EBF05-0DFF-43A0-8360-85F97437CA3E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {7A5A9974-75DC-4FC9-BBFD-C0D3E6A1BBE2} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [4153648 2017-03-15] (Acer Incorporated -> ) Task: {7DBF709A-3A83-4F0A-B164-FD8599DF2762} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {8714A4DC-9D06-4E68-B0E5-B7B62B454814} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {87C46492-22E1-46AE-9A9F-78CA5EAC4FB4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform) Task: {87E9A89F-43F2-42A8-9AC9-403DE0CB7563} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [1769312 2017-09-28] (Acer Incorporated -> ) Task: {8ACC7530-AC50-4AAA-A658-5225DD8FDE11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-08-03] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8ECC526B-A2BC-44A2-A674-3609B5009DFE} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-01-24] (Acer Incorporated -> TODO: ) Task: {92746435-DC53-4577-9E56-E2BA2787F55B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-4241619420-3314726663-2689967803-1001 => C:\Users\angelique\AppData\Local\MEGAsync\MEGAupdater.exe [1306288 2021-07-09] (Mega Limited -> Mega Limited) Task: {9B54E2F8-B342-4102-A18F-486DAFFDAB43} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2437920 2017-10-02] (Acer Incorporated -> Acer) Task: {9EA70F5D-3688-4BEC-BFC8-70024C5023F2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) Task: {A66793DD-FB03-4B6A-947F-195C6832B826} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION Task: {A8778ECC-26F7-4A15-8773-14795BCEF9DA} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {A9336095-22F7-4D01-9536-D008B6312C84} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {B9ED9D6E-2DBE-4187-8444-5C8EF25B509C} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [1456128 2019-01-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {BC4059BE-2BE0-4451-9966-BBF37BBEEE5D} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D4E3B016-AE81-43F3-8E72-D2D38A845BDC} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe Task: {D58D23BC-617F-4CDB-9969-5FBCA62800F7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {DB391184-A380-4937-915E-EF94354FE12C} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [40352 2016-07-06] (Acer Incorporated -> ) Task: {DBDD4E4A-0D80-483F-9775-4CA44CE0C00B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {DEAB1C9A-88EA-47F7-8F56-03F1DE2AB551} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.) Task: {E08234F5-ECC6-40CA-9FC2-1BB420729CC4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {E1222488-EE16-47EE-93E8-5B73AA637079} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {E3692380-CFB5-4890-8DB0-B28B7C2A6BA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1190424 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {E5113249-B109-4440-99AB-489F7EB57EE8} - System32\Tasks\SweetLabs App Platform => C:\Users\angelique\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [10650856 2020-12-04] (Pokki, Inc. -> Pokki) Task: {F04A7B68-D337-463A-9489-15B1B96B4C41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972184 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {F23D16D6-145E-40DD-A2B2-6C1F3DDAF040} - \WPD\SqmUpload_S-1-5-21-4241619420-3314726663-2689967803-1001 -> Pas de fichier <==== ATTENTION Task: {F80DB1D0-B04A-4D5F-9FC3-3261A218E25F} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation) Task: {F9A253AA-12F6-4D45-9553-36F9FA41E142} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-08-03] (Microsoft Windows Publisher -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyServer: [S-1-5-21-4241619420-3314726663-2689967803-1001] => 127.0.0.1 Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{0cf13cbe-195b-45de-85d1-2d5b20280a17}: [DhcpNameServer] 192.168.0.254 Edge: ======= Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\angelique\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-03] Edge StartupUrls: Default -> "hxxps://fr.search.yahoo.com/yhs/web?hspart=ner&hsimp=yhs-001&type=aee_84d015defd161c9282¶m1=ArFaIWxoNqArQGMVADwgQGR7B7NoN9InxrFbMmYsQGMVw7ofB6poNqAqAXFaIWQBvmE4ICILNopcGWUIvmE4ICoUvmldJCoVNVRdJmoXNVE9J6oWvmo9ISk4NVE4ISILNVJdESk8NUM9Jmk3vmo4J6ILNFdbDSk8vFE9ImoVvFQ9ImIVwVA9J6IVvFM9GqUNNFM3wGUXvFFcEmk4wV5cGWUSNFRcEqULNopcGWUIvmFbF6IYNVFdICk3vmk9IWYWNVU9I6oVNVVdImoVwVw3vmoUvFI4ISISwVU4IGYYNVU9I6IVNVRdImIXwVRdISIWwVU3vmoXNVRdIqQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGwVU3vmIWwVU4JmoXvFRcESISvmo3vCk4wVQ9I6oUvmpcFCIWwVxcFaUJNEQ4ISISvFQ9ISIYvFI3vmoUvFNcFCk4vFM3vCk4NoU9GqYYNVc3wCoUwV5cJqQzNEBcEWUGNF43wCIXvFE4J6IYwVQ9GqUINolcJqUJNEQ3wCIWvFI4JmoVvFM4J6k4wVI4JmIWQGR7B6RoN9JcNqV8NWFdNWp9QGR7BHFaISopzU0aCaV4CaN5C6EdAU0oA78dxmYuNWYuNWZoNqAex807ACRoN9JcNX5dQGR7y6NoN9ICzD4py6waQGQXNGZoNpQRy78o¶m2=NGx9NaF9MWFbNt%3D%3D" Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&FORM={referrer:source} FireFox: ======== FF DefaultProfile: qzjr6z9v.default FF ProfilePath: C:\Users\angelique\AppData\Roaming\Mozilla\Firefox\Profiles\qzjr6z9v.default [2021-08-03] FF Homepage: Mozilla\Firefox\Profiles\qzjr6z9v.default -> hxxp://www.bing.com/?pc=COSP&ptag=D080116-A8D15A5DDE3&form=CONMHP&conlogo=CT3335578 FF NewTab: Mozilla\Firefox\Profiles\qzjr6z9v.default -> hxxp://www.bing.com/?pc=COSP&ptag=D080116-A8D15A5DDE3&form=CONMHP&conlogo=CT3335578 FF NewTabOverride: Mozilla\Firefox\Profiles\qzjr6z9v.default -> Enabled: {24436206-088d-4a1a-8d0e-cf93ca7a2d23} FF Extension: (Adaware Secure Search) - C:\Users\angelique\AppData\Roaming\Mozilla\Firefox\Profiles\qzjr6z9v.default\Extensions\@new-tab.xpi [2017-10-27] [] FF Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\angelique\AppData\Roaming\Mozilla\Firefox\Profiles\qzjr6z9v.default\Extensions\sp@avast.com.xpi [2019-02-07] FF Extension: (Avast Online Security) - C:\Users\angelique\AppData\Roaming\Mozilla\Firefox\Profiles\qzjr6z9v.default\Extensions\wrc@avast.com.xpi [2018-06-21] FF Extension: (Search Manager) - C:\Users\angelique\AppData\Roaming\Mozilla\Firefox\Profiles\qzjr6z9v.default\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2019-12-06] [UpdateUrl:hxxps://qupotomu.com/update?x=restype=ffjson] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\angelique\AppData\Roaming\Mozilla\Firefox\Profiles\qzjr6z9v.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-29] FF SearchPlugin: C:\Users\angelique\AppData\Roaming\Mozilla\Firefox\Profiles\qzjr6z9v.default\searchplugins\bing-lavasoft.xml [2017-11-25] FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-09-08] [] [non signé] FF HKLM\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi FF Extension: (PDF Architect 7 Creator) - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi [2019-10-02] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_7_conv_v.2@pdfforge.org] - C:\Program Files\PDF Architect 7\creator\plugins\FirefoxAddin\pdf_architect_7_conv_v.2@pdfforge.org.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] (Adobe Systems Incorporated -> ) FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-05-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-05-01] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] (Adobe Systems Incorporated -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-25] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\Common Files\Nero\BrowserPlugin\npBrowserPlugin.dll [2016-02-29] (Nero AG -> Nero AG) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-13] (WildTangent Inc -> ) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH -> pdfforge GmbH) FF Plugin-x32: PDF Architect 5 -> C:\Program Files (x86)\PDF Architect 5\np-previewer.dll [2017-11-29] (pdfforge GmbH -> pdfforge GmbH) FF Plugin HKU\S-1-5-21-4241619420-3314726663-2689967803-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\angelique\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies SF -> Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default [2021-08-03] CHR Notifications: Default -> hxxps://aventurepingouin.com; hxxps://cponline.pw; hxxps://kizi.com; hxxps://subscribe.free.fr; hxxps://www.jeux.fr CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006 CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006" CHR NewTab: Default -> Not-active:"chrome-extension://lfogljjmjckmhnblkmnedjkhfdgdebmd/new-tab.html" CHR DefaultSearchURL: Default -> hxxps://movix.searchalgo.com/search/?category=web&s=wvds&q={searchTerms} CHR DefaultSearchKeyword: Default -> WowMovix CHR DefaultSuggestURL: Default -> hxxps://sug.searchalgo.com/search/index_sg.php?q={searchTerms} CHR Extension: (Slides) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14] CHR Extension: (Docs) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14] CHR Extension: (Google Drive) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-20] CHR Extension: (YouTube) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-07-27] CHR Extension: (Recherche Google) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Sheets) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14] CHR Extension: (Google Docs hors connexion) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-27] CHR Extension: (Avast Online Security) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-02-18] CHR Extension: (WowMovix) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjkofiknkjdjgkkbfdibgajealfbjhdj [2020-02-12] CHR Extension: (Adaware Secure) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfogljjmjckmhnblkmnedjkhfdgdebmd [2019-07-26] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29] CHR Extension: (Adaware Secure) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcahildbjonlnmkfcdeiglkeodeijdco [2019-05-31] CHR Extension: (Gmail) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-28] CHR Profile: C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-31] CHR Profile: C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-07-31] CHR HomePage: Profile 1 -> hxxp://www.sweetpacks-search.com/?barid=&src=10& CHR StartupUrls: Profile 1 -> "hxxp://www.sweetpacks-search.com/?barid=&src=10&", "", "hxxp://www.sweetpacks-search.com/?barid=&src=10&&st=23", "hxxp://start.mysearchdial.com/?f=1&a=tele0202ch&cd=2XzuyEtN2Y1L1QzutDtDtCyEtB0AyEtCtBtDtD0BzyyE0FyEtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1CzutDzytDtCtG1TtN1L1G1B1V1N2Y1L1Qzu2StA0E0A0FtCzy0F0FtGzy0Dzy0DtG0A0D0FyDtGyD0E0E0EtGyBzyzz0B0B0DtCyEtDtA0C0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0F0BtDzyyDtC0CtGyBtDyBtBtGyEtAzy0BtGzy0A0B0AtGtDyByE0D0D0E0EtB0A0DtD0B2Q&cr=1795798451&ir=", "hxxp://istart.webssearches.com/?type=hp&ts=1402679154&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1402750436&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1402760576&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1402823616&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1402849357&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1402923463&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403086274&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403164001&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403244884&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403268673&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403355689&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403431652&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403452461&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403467746&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403599796&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403686598&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403766974&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403856120&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1403949507&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1404032745&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1404107857&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://istart.webssearches.com/?type=hppp&ts=1404199987&from=tugs&uid=3219913727_3905_643B94F4", "hxxp://www.google.fr/" CHR DefaultSearchKeyword: Profile 1 -> Adaware Secure CHR Extension: (Slides) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-07-26] CHR Extension: (Google Drive) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-07-26] CHR Extension: (YouTube) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-07-26] CHR Extension: (Mogicons) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe [2020-04-17] CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-17] CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-06-19] CHR Extension: (Sheets) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-07-26] CHR Extension: (Google Docs Offline) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-19] CHR Extension: (Avast Online Security) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-19] CHR Extension: (ProfileVisitors) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihjbpjahiibmjdlcgodcnmpelpmilamk [2019-07-26] CHR Extension: (Chrome Web Store Payments) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-19] CHR Extension: (Adaware Secure Search) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pcahildbjonlnmkfcdeiglkeodeijdco [2019-07-26] CHR Extension: (Gmail) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-07-26] CHR Extension: (Chrome Media Router) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-19] CHR Profile: C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-07-31] CHR Extension: (Slides) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-11-02] CHR Extension: (Docs) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2020-11-02] CHR Extension: (Google Drive) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-02] CHR Extension: (YouTube) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-11-02] CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-11-02] CHR Extension: (Sheets) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-11-02] CHR Extension: (Google Docs Offline) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-02] CHR Extension: (Avast Online Security) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-11-02] CHR Extension: (Chrome Web Store Payments) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-11-02] CHR Extension: (Gmail) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-02] CHR Extension: (Chrome Media Router) - C:\Users\angelique\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-11-02] CHR Profile: C:\Users\angelique\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-31] CHR HKLM\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael] CHR HKLM\...\Chrome\Extension: [pcahildbjonlnmkfcdeiglkeodeijdco] CHR HKU\S-1-5-21-4241619420-3314726663-2689967803-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx CHR HKLM-x32\...\Chrome\Extension: [nccfgpamboionigdpfjmijhlgmgdbael] CHR HKLM-x32\...\Chrome\Extension: [pcahildbjonlnmkfcdeiglkeodeijdco] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [83984 2018-08-14] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-08] (Adobe Systems Incorporated -> Adobe Systems Incorporated) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6875688 2018-07-08] (BattlEye Innovations e.K. -> ) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052952 2021-03-17] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-07-08] (EasyAntiCheat Oy -> EasyAntiCheat Ltd) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: ) [Fichier non signé] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé] S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-08-12] (Intel(R) Software Asset Manager -> Intel Corporation) R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [153296 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [478416 2016-04-26] (Intel(R) Technology Access -> Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel(R) Update Manager -> Intel Corporation) S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-08-05] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-08-05] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-08-05] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 5; C:\Program Files\PDF Architect 5\ws.exe [2832560 2017-11-29] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 5 Creator; C:\Program Files\PDF Architect 5\creator\common\creator-ws.exe [874680 2017-11-29] (pdfforge GmbH -> pdfforge GmbH) R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 7 Creator; C:\Program Files\PDF Architect 7\creator\common\creator-ws.exe [692008 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH) R3 PDF Architect 8; C:\Program Files\PDF Architect 8\ws.exe [2731616 2020-11-16] (pdfforge GmbH -> pdfforge GmbH) S3 PDF Architect 8 Creator; C:\Program Files\PDF Architect 8\creator-ws.exe [628832 2020-11-16] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 8 Update Service; C:\Program Files\PDF Architect 8\updater-ws.exe [1826400 2020-11-16] (pdfforge GmbH -> pdfforge GmbH) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (Acer Incorporated -> acer) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-08-03] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-08-03] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [303616 2017-04-17] () [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [35328 2017-04-17] () [Fichier non signé] R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel(R) Technology Access -> Intel Corporation) R3 NetTap630; C:\WINDOWS\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel(R) Technology Access -> Intel Corporation) R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [29912 2013-07-19] (Realtek Semiconductor Corp -> Realtek semiconductor corp) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-08-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-08-03] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-08-03] (Microsoft Windows -> Microsoft Corporation) R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [310536 2020-03-02] (Beijing Duodian Online Science and Technology Co.,Ltd -> BigNox Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-03 18:14 - 2021-08-03 18:17 - 000045130 _____ C:\Users\angelique\Downloads\FRST.txt 2021-08-03 18:05 - 2021-08-03 18:16 - 000000000 ____D C:\FRST 2021-08-03 17:58 - 2021-08-03 17:58 - 002300416 _____ (Farbar) C:\Users\angelique\Downloads\FRST64 (1).exe 2021-08-03 17:36 - 2021-08-03 17:36 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2021-08-03 17:20 - 2021-08-03 17:20 - 012232024 _____ (AVAST Software) C:\Users\angelique\Downloads\avastclear.exe 2021-08-03 16:49 - 2021-08-03 16:50 - 002300416 _____ (Farbar) C:\Users\angelique\Downloads\FRST64.exe 2021-08-02 19:32 - 2021-08-02 19:32 - 000000112 ___SH C:\bootTel.dat 2021-08-02 19:11 - 2021-08-02 19:11 - 000001832 _____ C:\Users\angelique\Desktop\CrystalDiskInfo.lnk 2021-08-02 19:11 - 2021-08-02 19:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2021-08-02 19:11 - 2021-08-02 19:11 - 000000000 ____D C:\Program Files\CrystalDiskInfo 2021-08-02 19:09 - 2021-08-02 19:09 - 004726824 _____ (Crystal Dew World ) C:\Users\angelique\Downloads\CrystalDiskInfo8_12_4.exe 2021-08-02 14:52 - 2021-08-03 17:33 - 000003368 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7790c76c66113 2021-08-02 10:37 - 2021-08-02 10:37 - 000161600 _____ C:\Users\angelique\Downloads\Attestation-IncendieDegatsDesEaux.pdf 2021-08-02 10:31 - 2021-08-02 10:32 - 000045568 _____ C:\Users\angelique\Downloads\Avis d_échéance Assurance Habitation Contrat BQ 000000006799329 au 2021-07-13.pdf 2021-07-31 22:05 - 2019-07-15 12:21 - 735240200 _____ C:\Users\angelique\Desktop\01. John Wick 1.avi 2021-07-31 21:52 - 2021-07-31 21:52 - 000000000 ____D C:\Users\angelique\Desktop\Nouveau dossier (3) 2021-07-31 15:39 - 2021-07-31 15:40 - 000000000 ____D C:\Users\angelique\Desktop\tir à l'arc gwen 2021-07-26 20:56 - 2021-08-03 18:01 - 000000000 ____D C:\Users\angelique\Desktop\Nouveau dossier (2) 2021-07-15 12:03 - 2021-07-15 12:03 - 000009645 _____ C:\Users\angelique\Downloads\FA017448.pdf 2021-07-14 11:44 - 2021-07-14 11:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb 2021-07-14 11:44 - 2021-07-14 11:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb 2021-07-14 11:44 - 2021-07-14 11:44 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb 2021-07-14 11:44 - 2021-07-14 11:44 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb 2021-07-14 11:43 - 2021-07-14 11:43 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2021-07-14 11:42 - 2021-07-14 11:42 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2021-07-10 10:41 - 2021-07-10 10:41 - 000327312 _____ C:\Users\angelique\Downloads\MENU JEUDI 02 SEPTEMBRE.pdf 2021-07-08 14:38 - 2021-07-08 14:38 - 000172131 _____ C:\Users\angelique\Downloads\paiement (22).pdf 2021-07-08 14:19 - 2021-07-08 14:19 - 000040356 _____ C:\Users\angelique\Downloads\avis_de_situation (7).pdf 2021-07-08 12:02 - 2021-07-08 12:02 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll 2021-07-08 12:02 - 2021-07-08 12:02 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2021-07-08 12:02 - 2021-07-08 12:02 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2021-07-08 12:02 - 2021-07-08 12:02 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2021-07-08 12:02 - 2021-07-08 12:02 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2021-07-08 12:02 - 2021-07-08 12:02 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2021-07-08 12:01 - 2021-07-08 12:01 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2021-07-08 12:01 - 2021-07-08 12:01 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2021-07-08 12:00 - 2021-07-08 12:00 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2021-07-08 12:00 - 2021-07-08 12:00 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys 2021-07-04 18:15 - 2021-07-04 18:15 - 000000726 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator.lnk 2021-07-04 18:15 - 2021-07-04 18:15 - 000000680 _____ C:\Users\Public\Desktop\PDFCreator.lnk 2021-07-04 18:05 - 2021-07-04 18:06 - 036406376 _____ (pdfforge GmbH) C:\Users\angelique\Downloads\PDFCreator-4_3_0-Setup.exe ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-08-03 18:02 - 2018-05-21 20:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2021-08-03 18:01 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-08-03 17:58 - 2015-01-20 10:08 - 000000000 ____D C:\Users\angelique\AppData\Local\SweetLabs App Platform 2021-08-03 17:56 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-08-03 17:56 - 2017-07-25 13:53 - 000000000 ____D C:\Program Files\CCleaner 2021-08-03 17:54 - 2015-04-12 21:33 - 000000000 ____D C:\Users\angelique\AppData\Local\Spotify 2021-08-03 17:53 - 2015-04-12 21:33 - 000000000 ____D C:\Users\angelique\AppData\Roaming\Spotify 2021-08-03 17:53 - 2015-01-20 10:19 - 000000000 ____D C:\Program Files (x86)\Google 2021-08-03 17:52 - 2015-01-28 10:34 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2021-08-03 17:51 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-08-03 17:51 - 2016-07-25 18:04 - 000000000 ____D C:\Program Files (x86)\Steam 2021-08-03 17:50 - 2015-01-20 10:08 - 000000000 __SHD C:\Users\angelique\IntelGraphicsProfiles 2021-08-03 17:49 - 2016-09-29 10:21 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2021-08-03 17:49 - 2015-01-20 10:26 - 000000000 ____D C:\ProgramData\AVAST Software 2021-08-03 17:48 - 2020-12-14 12:01 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-08-03 17:48 - 2020-12-14 11:27 - 000008192 ___SH C:\DumpStack.log.tmp 2021-08-03 17:48 - 2018-06-22 00:02 - 000000000 ____D C:\Users\angelique\AppData\Local\AVAST Software 2021-08-03 17:47 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-08-03 17:33 - 2020-12-14 12:01 - 000003562 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-08-03 17:33 - 2020-12-14 12:01 - 000003516 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2021-08-03 17:33 - 2020-12-14 12:01 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-08-03 17:33 - 2020-12-14 12:01 - 000003292 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2021-08-03 17:33 - 2020-12-14 12:01 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2021-08-03 17:33 - 2020-12-14 12:01 - 000002652 _____ C:\WINDOWS\system32\Tasks\SweetLabs App Platform 2021-08-03 17:33 - 2020-12-14 12:01 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2021-08-03 17:18 - 2020-12-14 11:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-08-03 12:11 - 2020-12-14 12:01 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software 2021-08-02 20:52 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-08-02 19:51 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-08-02 19:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-08-02 19:45 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-08-02 19:42 - 2017-12-27 19:09 - 000000000 ____D C:\Users\angelique\AppData\Local\PlaceholderTileLogoFolder 2021-08-01 00:03 - 2017-09-24 12:46 - 000000000 ____D C:\Users\angelique\AppData\Roaming\vlc 2021-07-31 22:06 - 2020-06-22 01:34 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-07-31 22:06 - 2020-06-22 01:34 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2021-07-31 13:45 - 2017-11-30 14:00 - 000000000 ____D C:\Users\angelique\AppData\Local\Packages 2021-07-31 13:45 - 2014-03-06 09:31 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2021-07-31 13:42 - 2020-04-14 21:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPlayCity.com 2021-07-31 11:59 - 2015-01-20 11:50 - 000000000 ____D C:\Users\angelique\AppData\Local\CrashDumps 2021-07-31 03:11 - 2021-02-23 14:32 - 000000000 ____D C:\Users\angelique\AppData\Roaming\aventurepingouin 2021-07-30 13:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-07-30 10:14 - 2020-12-14 12:01 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-07-21 09:37 - 2015-01-25 16:51 - 000000000 ____D C:\Program Files\Microsoft Office 15 2021-07-20 23:44 - 2019-07-26 01:35 - 000002446 _____ C:\Users\angelique\Desktop\Personne 3 - Chrome.lnk 2021-07-20 23:14 - 2020-12-01 01:23 - 000000000 ___HD C:\$WinREAgent 2021-07-20 02:12 - 2021-03-27 22:42 - 000000000 ____D C:\Users\angelique\Desktop\Camera 2021-07-15 11:22 - 2020-12-14 11:45 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-07-15 11:22 - 2019-12-07 16:49 - 000791756 _____ C:\WINDOWS\system32\perfh00C.dat 2021-07-15 11:22 - 2019-12-07 16:49 - 000149922 _____ C:\WINDOWS\system32\perfc00C.dat 2021-07-15 01:58 - 2020-12-14 11:28 - 000641480 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-07-15 01:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-07-15 01:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2021-07-15 01:54 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-07-15 01:53 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-07-14 10:31 - 2015-01-22 12:15 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-07-14 10:31 - 2015-01-22 12:15 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-07-11 00:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-07-11 00:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-07-11 00:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-07-11 00:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-07-11 00:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-07-11 00:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-07-11 00:12 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-07-11 00:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-07-09 01:16 - 2016-09-11 12:52 - 000000000 ____D C:\Users\angelique\AppData\Local\MEGAsync 2021-07-04 18:15 - 2016-06-22 09:24 - 000000000 ____D C:\Program Files\PDFCreator 2021-07-04 12:46 - 2021-01-30 17:21 - 000000000 ____D C:\Users\angelique\Desktop\a vendre Martine ==================== Fichiers à la racine de certains dossiers ======== 2016-10-07 21:13 - 2016-10-07 21:13 - 000000903 _____ () C:\Users\angelique\AppData\Roaming\AdobeWLCMR2Cache.dat 2019-06-21 23:47 - 2019-11-05 21:37 - 000000012 _____ () C:\Users\angelique\AppData\Local\conf.ini.lock 2019-06-21 23:47 - 2019-06-21 23:47 - 000000027 _____ () C:\Users\angelique\AppData\Local\conf.ini.SS9296 2019-11-05 21:37 - 2019-11-05 21:37 - 000000027 _____ () C:\Users\angelique\AppData\Local\conf.ini.tm4820 2018-12-07 09:22 - 2019-10-27 19:43 - 000000523 _____ () C:\Users\angelique\AppData\Local\Nox_crash.log 2020-06-04 15:13 - 2020-06-04 15:13 - 000001813 _____ () C:\Users\angelique\AppData\Local\recently-used.xbel 2019-03-08 11:57 - 2019-11-25 22:40 - 000000073 _____ () C:\Users\angelique\AppData\Local\update_progress.txt ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================