Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2022
Exécuté par micka (administrateur) sur AURELIE-LENOVO (LENOVO 80UM) (05-04-2022 15:55:41)
Exécuté depuis C:\Users\micka\Desktop
Profils chargés: micka
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1586 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe ->) (LENOVO -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\CCSDK\CCSDKUpdateAgent.exe
(C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(BatteryWidgetAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(DeviceSettingsHeartbeatAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(GenericMessagingAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) 
C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(GenericTelemetryAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoBoostAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoBoostSystemAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoSecurityAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(LenovoServiceBridgeAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(SmartInteractAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(SmartPrivacyAddin).exe (C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) 
C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantage-(VantageCoreAddin).exe (C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.15028.20160\OfficeClickToRun.exe (C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe <2> (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.Device.exe <2> (C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\PluginHost86\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe (explorer.exe ->) (Lavasoft Software Canada Inc. -> Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (explorer.exe ->) (Realtek Semiconductor Corp. 
-> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <16> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe (services.exe ->) (Avanquest Software (7270356 Canada Inc) -> LULU Software) C:\Program Files\Soda PDF Desktop 12\activation-service.exe (services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe (services.exe ->) (Lavasoft Software Canada Inc. -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe (services.exe ->) (Lenovo -> Lenovo Group Ltd.) 
C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe (services.exe ->) (LENOVO -> Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe (services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe (services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe (services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) D:\Program Files\Microvirt\MEmu\MemuService.exe (services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (services.exe ->) (TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) 
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16735744 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1472000 2016-11-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029064 2016-12-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) HKLM\...\Run: [AvastUI.exe] => "C:\Program Files\Avast Software\Avast\AvLaunch.exe" /gui (Pas de fichier) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [10585376 2022-03-15] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [705824 2022-02-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. 
KG) HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [688256 2022-04-05] (Piriform Software Ltd -> Piriform) HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [9250224 2021-11-19] (Lavasoft Software Canada Inc. -> Lavasoft) HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\Run: [utweb] => "C:\Users\micka\AppData\Roaming\uTorrent Web\utweb.exe" /MINIMIZED (Pas de fichier) HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\Run: [MicrosoftEdgeAutoLaunch_EF4A28F3F1547982E3F54036939E36CD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3518880 2022-03-17] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\micka\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\micka\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\RunOnce: [Uninstall 22.033.0213.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\micka\AppData\Local\Microsoft\OneDrive\22.033.0213.0002" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\MountPoints2: {28d5275b-dff2-11eb-8470-3c9509446d68} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\MountPoints2: 
{28d531cb-dff2-11eb-8470-3c9509446d68} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\MountPoints2: {5e9aa743-2618-11ec-847a-3c9509446d68} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\MountPoints2: {60c1136d-6bdc-11eb-8461-3c9509446d68} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\MountPoints2: {9082bd7e-4d2b-11ec-8486-3c9509446d68} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\MountPoints2: {be929c2f-2677-11eb-8458-3c9509446d68} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-2570693455-3721531784-3910098814-1001\...\MountPoints2: {bf67f229-01aa-11eb-844c-3c9509446d68} - "G:\HiSuiteDownLoader.exe" HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.) HKLM\...\Print\Monitors\Soda PDF Desktop 12 Monitor: C:\WINDOWS\system32\spool\DRIVERS\x64\soda_pdfpmon_v.6.11.0.7.dll [960120 2022-02-22] (PDF Tools AG -> PDF Tools AG (hxxp://www.pdf-tools.com)) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-04-05] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\99.1.36.119\Installer\chrmstp.exe [2022-03-21] (Brave Software, Inc. -> Brave Software, Inc.) 
Startup: C:\Users\micka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2019-01-31] ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation) HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {00A9CC84-74AB-4960-BB16-CC1C37B41914} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {03A84B7B-9975-4F91-A60B-441951AE57E6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\78530aab-c3fb-4009-b702-43a3a1e87191 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) 
Task: {06F7726A-1C56-45FE-A5D0-ADB0CB149613} - System32\Tasks\LULU Software\Update => C:\Program Files\Soda PDF Desktop 12\soda.exe [3724360 2022-02-18] (Avanquest Software (7270356 Canada Inc) -> LULU Software) Task: {08EABE6A-3D14-449F-8CAE-CDDDB8B28ECB} - System32\Tasks\Opera scheduled Autoupdate 1612990034 => C:\Users\micka\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Task: {09BC0A13-14C1-43A7-B663-EDE77AF46D6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {12A4E4FA-C531-4D5A-9C05-F90556A27EF3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1178600 2022-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {1C61D87E-BB17-4D45-9427-F9A0857D22DD} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" a été déverrouillé. <==== ATTENTION Task: {1EF451DC-6FF9-4A00-ADF4-E1DF01A0F4EF} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1015416 2017-07-24] (McAfee, Inc. -> McAfee, Inc.) Task: {1F4A3626-A506-484A-B318-251180024681} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) 
Task: {26D2A206-0F8F-4A4B-9CCB-568F325F7480} - System32\Tasks\LULU Software\Soda PDF Desktop 12\Update => C:\Program Files\Soda PDF Desktop 12\soda.exe [3724360 2022-02-18] (Avanquest Software (7270356 Canada Inc) -> LULU Software) Task: {274827BF-315D-488B-BE97-008BB7020DD6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {2BCF56BD-F9FB-4179-9A73-BC9F9A9498AB} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService Task: {3234BF57-B243-4BF4-9B60-27AFEA0321E5} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {371D5ED1-44F9-499C-ABE4-36A5C70BEA2C} - System32\Tasks\SkipUAC Nettoyage du Registre => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe /scan:RegistryCleanerModule (Pas de fichier) Task: {4205B874-9705-4DBD-AD1B-CBF097BA92C7} - System32\Tasks\LULU Software\Soda PDF Desktop 12\App Notification => C:\Program Files\Soda PDF Desktop 12\soda-launcher.exe [2079816 2022-02-18] (Avanquest Software (7270356 Canada Inc) -> LULU Software) Task: {421CACA5-DB2B-4A66-8C1C-37A0BD1A2603} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {4C8E4107-D653-40C4-8AB2-018A55261B37} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.) 
Task: {4CFE671E-8EA3-46FE-B515-9DDB33CEE734} - System32\Tasks\Opera scheduled assistant Autoupdate 1612990048 => C:\Users\micka\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\micka\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {57D1CEAF-F921-4FB8-8748-E9D3EDE2DDA8} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.) Task: {5CA9E4BD-5AC8-4202-ACAD-F4B208FD7FB9} - System32\Tasks\LULU Software\Soda PDF Desktop 12\App Notification Logon => C:\Program Files\Soda PDF Desktop 12\soda-launcher.exe [2079816 2022-02-18] (Avanquest Software (7270356 Canada Inc) -> LULU Software) Task: {5CBB261A-03AF-4FBE-85FC-281139B66035} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {5F1362E6-ED91-44EA-8F52-4E35A52841F4} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.) 
Task: {60490309-B9F1-4900-A4D3-BAB6D7373D2A} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {66333B26-8085-4702-B416-9E3370242B23} - System32\Tasks\SkipUAC Suppression définitive des éléments de la corbeille => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe /scan:RecycleBinShredderModule (Pas de fichier) Task: {7D432AD0-8194-4B1D-A3E0-E53C3DA9C5BC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) Task: {7E716734-6579-4FD6-9482-170204F076FB} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6650744 2017-06-02] (Nero AG -> Nero AG) Task: {7FC3C431-A77A-49ED-9B4A-A3B118C2B042} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\b60ca6cc-946f-4328-a96b-54f8e257fe29 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) 
Task: {82F7C476-AE33-48FC-B6E9-77F7EBE564FD} - System32\Tasks\SkipUAC Économie d'énergie => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe /scan:PowerSaverModule (Pas de fichier) Task: {87F633B4-C287-47BF-8A40-B8C5C6600CF1} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {8CAAB8C7-5DCB-405A-9567-45F533840EEC} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32 Task: {8CDAEED7-2FA0-4A7C-B737-18C30C0E0912} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [253600 2021-12-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {8F6DEAC4-DF05-4578-8FAB-E016A1F2C4BF} - System32\Tasks\SkipUAC Défragmentation des lecteurs => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe /scan:DefragModule (Pas de fichier) Task: {92502002-E940-43A6-B0AC-8D7B8C959E00} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform) Task: {9A180815-1378-4F4C-A04E-B396F517197E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9D62447F-E435-4310-B7A2-DDAE423FA9ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-05] (Google Inc -> Google Inc.) 
Task: {A0387A85-BDD2-48EA-BA32-381B450C057A} - System32\Tasks\SkipUAC Optimisation des services Windows => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe /scan:ServicesModule (Pas de fichier) Task: {A0517F2E-34D3-4F8A-A6AC-6525FC76111B} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [144456 2021-07-15] (Lenovo -> Lenovo Group Ltd.) Task: {A8F793B9-2B84-4E12-A37C-717F50E543FF} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe (Pas de fichier) Task: {B3903EE7-447F-40C9-9153-39419194FE48} - System32\Tasks\SkipUAC Optimisation du démarrage système => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe /scan:StartUpModule (Pas de fichier) Task: {B402E01F-A124-440C-8CDB-DA290410D23D} - System32\Tasks\SkipUAC Suppression des traces laissées sur Internet => C:\Program Files (x86)\Nero\Nero TuneItUp\tuneitupStart.exe /scan:BrowserCleanerModule (Pas de fichier) Task: {BF7B50E7-9429-4D3B-A1F5-48B0BE62FB76} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\88456ac9-8415-4e69-8fc4-26eab781f075 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) Task: {C0CED858-76CC-41DC-8013-3AB27645806B} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe /from_scheduler:1 (Pas de fichier) Task: {C24C43F3-6C62-4AFA-8807-A67DA6543150} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe (Pas de fichier) Task: {C2C236CB-DE5F-405A-B030-A3FD8577B5F0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\22243f17-886c-4d47-9e53-fe673b8acc0f => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) 
Task: {C515A4FA-87C3-4B30-A0A2-956FA7F2A600} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.) Task: {C51FA981-0974-4A99-8F71-51D40A4A08A2} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService Task: {CCA107AB-4E50-4E45-9A9A-E33DE60AB65F} - System32\Tasks\CCleanerSkipUAC - micka => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd) Task: {CFFBBDDA-AF10-4CED-9CF4-829C5580BA88} - System32\Tasks\PDVDServ14 Task => C:\Program Files (x86)\CyberLink\PowerDVD14\PDVD14Serv.exe [88344 2016-07-14] (CyberLink Corp. -> CyberLink Corp.) Task: {D9C02299-2E92-4542-BD1E-DD2A9FC89D55} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {DEB29759-9367-417B-86F9-9157A424FDD8} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1015416 2017-07-24] (McAfee, Inc. -> McAfee, Inc.) Task: {DEDAC42D-BC21-4D93-9AD4-4E58AF8D3B19} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {DFA42F66-D297-403A-B163-FFC38C1AE341} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\ScheduleEventAction.exe [25344 2022-01-20] (Lenovo -> Lenovo Group Ltd.) 
Task: {E3344EC7-4C0F-4D7F-8D91-DD0216A8D803} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {EB4FE09B-B0EE-4134-80BA-C19F06D6684B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-12-05] (Google Inc -> Google Inc.) Task: {F91A7F01-45D9-4B92-8CC5-457CE4C11FBB} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-17] (Microsoft Corporation -> Microsoft Corporation) Task: {FA149635-4DB8-419C-9C06-55E2A09CAC73} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\606b56a7-f220-40b5-8167-d173267e078e => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0e1ea6b3-924e-4bc8-afe3-c3422113d2c3}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{62084a79-a91f-4895-abd5-b4e371084a9f}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7c15421a-d7a4-4d5c-8906-ff1e7e5c4e5a}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{d9a1988c-0dfe-46b6-8ae0-735b8aacf5a4}: [DhcpNameServer] 10.11.0.1 Edge: ======= DownloadDir: C:\Users\micka\Desktop Edge Notifications: HKU\S-1-5-21-2570693455-3721531784-3910098814-1001 -> hxxps://web.skype.com; hxxps://objectifvdi.com; hxxps://www.youtube.com; hxxps://www.facebook.com; hxxps://misstoysy.mycasualtouch.com; hxxps://www.rustica.fr; hxxps://mail.google.com; hxxps://upvid.live; hxxps://www.conforama.fr; hxxps://www.marmiton.org Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\micka\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-05] Edge DownloadDir: Default -> C:\Users\micka\Downloads Edge Notifications: Default -> hxxps://community.windows.com; hxxps://fr.shein.com; hxxps://funtoday.info; hxxps://mail.google.com; hxxps://misstoysy.mycasualtouch.com; hxxps://mp3-youtu.be; hxxps://objectifvdi.com; hxxps://playlist-youtu.be; hxxps://smsmms.orange.fr; hxxps://upvid.live; 
hxxps://vww.zone-tubers.fr; hxxps://web.skype.com; hxxps://www.chien.com; hxxps://www.conforama.fr; hxxps://www.education.gouv.fr; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.kiabi.com; hxxps://www.marmiton.org; hxxps://www.rustica.fr; hxxps://www.tiktok.com; hxxps://www.torrent9.gg; hxxps://www.youtube.com; hxxps://www.zetorrents.org Edge HomePage: Default -> hxxps://google.fr/ Edge StartupUrls: Default -> "hxxp://google.fr/" Edge DefaultSearchURL: Default -> hxxps://af.xdock.co?keyword={searchTerms}&pid=490&subid=4902 Edge DefaultSearchKeyword: Default -> yahoo search Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms} FireFox: ======== FF DefaultProfile: in1vacop.default FF ProfilePath: C:\Users\micka\AppData\Roaming\Mozilla\Firefox\Profiles\in1vacop.default [2022-04-05] FF Homepage: Mozilla\Firefox\Profiles\in1vacop.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2021-02-10 08:47:21&bName= FF NewTab: Mozilla\Firefox\Profiles\in1vacop.default -> hxxps://mysearchengine.co/homepage?hp=1&bitmask=9996&pId=BT171001&iDate=2021-02-10 08:47:21&bName= FF Notifications: Mozilla\Firefox\Profiles\in1vacop.default -> hxxps://www.facebook.com; hxxps://mail.google.com; hxxps://www.castorama.fr; hxxps://eduscol.education.fr; hxxps://www.conforama.fr FF HomepageOverride: Mozilla\Firefox\Profiles\in1vacop.default -> Disabled: _hpMembers_@free.easyfileconvert.com FF NewTabOverride: Mozilla\Firefox\Profiles\in1vacop.default -> Disabled: _hpMembers_@free.easyfileconvert.com FF Extension: (Mes Envies : Ajoutez à votre liste de cadeaux) - C:\Users\micka\AppData\Roaming\Mozilla\Firefox\Profiles\in1vacop.default\Extensions\mesenvies@mesenvies.fr.xpi [2019-10-29] [UpdateUrl:hxxps://www.mesenvies.fr/updates.json] FF Extension: (Default) - C:\Users\micka\AppData\Roaming\Mozilla\Firefox\Profiles\in1vacop.default\Extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2017-08-11] [] [non signé] FF 
Extension: (Pas de nom) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [non trouvé(e)] FF Extension: (Pas de nom) - C:\Program Files\McAfee\WebAdvisore10ssaffplg.xpi [non trouvé(e)] FF SearchPlugin: C:\Users\micka\AppData\Roaming\Mozilla\Firefox\Profiles\in1vacop.default\searchplugins\My Bing Search.xml [2021-02-10] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-07] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default [2022-03-07] CHR StartupUrls: Default -> "hxxps://www.bing.com/?PC=XK01" CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?q={searchTerms}&pc=COS2&ptag=D021021-N0640A9FCDBB39EF&form=CONBDF&conlogo=CT3335799 CHR DefaultSearchKeyword: Default -> Bing® CHR DefaultNewTabURL: Default -> hxxps://www.bing.com/chrome/newtab?pc=COS2&ptag=D021021-N0630A9FCDBB39EF&form=CONMHP&conlogo=CT3335799 CHR DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms} CHR Extension: (Slides) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-05] CHR Extension: (Safe Torrent Scanner) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-02-25] CHR Extension: (Docs) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-05] CHR Extension: (Google Drive) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-05-06] CHR Extension: (YouTube) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-05] CHR Extension: (Recherche Google) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf 
[2017-12-05] CHR Extension: (Sheets) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-05] CHR Extension: (McAfee® WebAdvisor) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-05-06] CHR Extension: (Google Docs hors connexion) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-06] CHR Extension: (HP Smart Print) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmpaiomihcebnclahoknbodeiaiohcdi [2017-12-05] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-05-06] CHR Extension: (Gmail) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-05-06] CHR Extension: (Chrome Media Router) - C:\Users\micka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-06] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj] Opera: ======= OPR Profile: C:\Users\micka\AppData\Roaming\Opera Software\Opera Stable [2021-02-25] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\micka\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-02-10] OPR Extension: (Safe Torrent Scanner) - C:\Users\micka\AppData\Roaming\Opera Software\Opera Stable\Extensions\gpabaecgmgbeapjghcfhohnbljcocknl [2021-02-10] Brave: ======= BRA Profile: 
C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-01] BRA DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=brz-brave BRA DefaultSearchKeyword: Default -> :q BRA DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch BRA Extension: (Safe Torrent Scanner) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-02-25] BRA Extension: (McAfee® WebAdvisor) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-25] BRA Extension: (Brave Local Data Files Updater) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-25] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-01] BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2021-02-25] BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-03-01] BRA Extension: (Brave SpeedReader Updater) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-02-25] BRA Extension: (Brave NTP sponsored images) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-03-01] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\micka\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-01] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. 
Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [253600 2021-12-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [610752 2022-02-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-11] (BattlEye Innovations e.K. -> ) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [162400 2021-02-25] (Brave Software, Inc. -> BraveSoftware Inc.) R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [688992 2017-02-27] (LENOVO -> Lenovo) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-07] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-13] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44328 2022-03-15] (Dropbox, Inc -> Dropbox, Inc.) R2 DCIService; C:\Program Files (x86)\Lavasoft\Web Companion\Service\x64\DCIService.exe [3413424 2021-11-19] (Lavasoft Software Canada Inc. -> ) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [218272 2022-03-21] (HP Inc. -> HP Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2021-06-03] (Huawei Technologies Co., Ltd. 
-> ) [Fichier non signé] R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.) R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.11.20.0\LenovoVantageService.exe [28928 2022-01-20] (Lenovo -> Lenovo Group Ltd.) R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [953544 2020-11-01] (McAfee, LLC -> McAfee, LLC) R2 MEmuSVC; D:\Program Files\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> ) R2 Soda PDF Desktop 12; C:\Program Files\Soda PDF Desktop 12\activation-service.exe [3213896 2022-02-18] (Avanquest Software (7270356 Canada Inc) -> LULU Software) S3 Soda PDF Desktop 12 Creator; C:\Program Files\Soda PDF Desktop 12\creator-ws.exe [509000 2022-02-18] (Avanquest Software (7270356 Canada Inc) -> LULU Software) S3 Soda PDF Desktop 12 Update Service; C:\Program Files\Soda PDF Desktop 12\update-service.exe [311368 2022-02-18] (Avanquest Software (7270356 Canada Inc) -> LULU Software) R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [22960 2021-11-19] (Lavasoft Software Canada Inc. -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-18] (Microsoft Windows Publisher -> Microsoft Corporation) S3 aswbIDSAgent; "C:\Program Files\Avast Software\Avast\aswidsagent.exe" [X] S2 avast! Antivirus; "C:\Program Files\Avast Software\Avast\AvastSvc.exe" /runassvc [X] S2 avast! 
Tools; "C:\Program Files\Avast Software\Avast\aswToolsSvc.exe" /runassvc [X] S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2021-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-28] (Avast Software s.r.o. 
-> AVAST Software) S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2017-08-29] (AVAST Software s.r.o. -> The OpenVPN Project) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-28] (Avast Software s.r.o. -> AVAST Software) R2 BdDci; C:\WINDOWS\system32\DRIVERS\bddci.sys [367096 2021-11-19] (Bitdefender SRL -> Bitdefender) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [319192 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation) S3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2018-02-06] (Avira Operations GmbH & Co. KG -> The OpenVPN Project) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. 
-> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-18] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
S2 aswStm; system32\drivers\aswStm.sys [X]
S3 MpKsl247d419c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AFA7A27F-F273-47DE-AE00-F706B6916185}\MpKslDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-05 16:03 - 2022-04-05 16:03 - 000000000 ____D C:\Users\Public\CyberLink 2022-04-05 15:55 - 2022-04-05 16:00 - 000045709 _____ C:\Users\micka\Desktop\FRST.txt 2022-04-05 15:53 - 2022-04-05 15:58 - 000000000 ____D C:\FRST 2022-04-05 15:48 - 2022-04-05 15:49 - 002365440 _____ (Farbar) C:\Users\micka\Desktop\FRST64.exe 2022-04-05 15:16 - 2022-04-05 15:17 - 002443448 _____ (Malwarebytes) C:\Users\micka\Downloads\MBSetup.exe 2022-03-22 11:03 - 2022-03-22 11:03 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2022-03-18 14:36 - 2022-03-18 14:36 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-03-18 14:35 - 2022-03-18 14:35 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe 2022-03-18 14:34 - 2022-03-18 14:34 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll 2022-03-18 14:33 - 2022-03-18 14:33 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-03-18 14:33 - 2022-03-18 14:33 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe 2022-03-18 14:02 - 2022-03-18 14:02 - 000000000 ___HD C:\$WinREAgent 2022-03-18 12:16 - 2022-03-18 20:04 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-03-18 10:41 - 2022-03-18 10:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2022-03-17 17:40 - 2022-03-17 17:40 - 000608003 _____ C:\Users\micka\Downloads\Licence(s) UFOLEP - 062051004 (1).pdf 2022-03-17 17:39 - 2022-03-17 17:41 - 000608003 _____ C:\Users\micka\Downloads\Licence(s) UFOLEP - 062051004.pdf 2022-03-15 08:36 - 2022-03-15 08:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys 2022-03-15 08:36 - 2022-03-15 08:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys 2022-03-15 08:36 - 2022-03-15 08:36 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys 2022-03-15 08:36 - 2022-03-15 08:36 - 000044328 _____ (Dropbox, Inc.) 
C:\WINDOWS\system32\DbxSvc.exe 2022-03-07 22:44 - 2022-03-07 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-04-05 16:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-04-05 15:59 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-04-05 15:52 - 2019-06-30 14:57 - 000000000 ____D C:\Program Files\CCleaner 2022-04-05 15:34 - 2020-07-23 11:03 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-05 15:28 - 2017-12-05 10:14 - 000000000 ____D C:\Program Files (x86)\Google 2022-04-05 15:22 - 2020-11-12 15:05 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2570693455-3721531784-3910098814-1001 2022-04-05 15:21 - 2020-11-12 14:35 - 000002428 _____ C:\Users\micka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-04-05 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2022-04-05 15:12 - 2021-12-19 18:31 - 000001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2022-04-05 15:10 - 2020-11-12 15:05 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{55A4373D-DDC2-4768-B154-96AE6A890893} 2022-04-05 15:07 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-04-05 15:00 - 2020-11-12 14:48 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-04-05 15:00 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat 2022-04-05 15:00 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat 2022-04-05 14:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-04-05 14:54 - 2020-11-12 14:35 - 000000000 ____D C:\Users\micka 2022-04-05 14:52 - 2020-11-12 15:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-04-05 14:52 - 2020-11-12 14:24 - 000008192 
___SH C:\DumpStack.log.tmp 2022-04-05 14:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2022-04-05 14:51 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-04-05 14:51 - 2017-08-13 00:37 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2022-04-05 14:51 - 2017-08-11 09:22 - 000000000 ____D C:\Program Files (x86)\Dropbox 2022-04-05 14:43 - 2020-11-12 14:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-03-22 11:12 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-03-22 11:04 - 2021-11-10 18:48 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2022-03-21 21:59 - 2017-08-11 12:37 - 000000000 ____D C:\Users\micka\AppData\LocalLow\Mozilla 2022-03-21 20:14 - 2021-02-25 16:58 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-03-21 20:05 - 2018-08-10 18:22 - 000000000 ____D C:\Users\micka\AppData\Local\CrashDumps 2022-03-21 20:01 - 2020-11-12 15:05 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-03-18 20:06 - 2020-11-12 14:25 - 000621760 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-03-18 20:04 - 2017-08-13 15:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-03-18 20:04 - 2017-08-11 09:23 - 000001216 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2022-03-18 20:04 - 2017-08-11 09:23 - 000001212 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2022-03-18 20:01 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-03-18 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-03-18 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2022-03-18 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-03-18 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2022-03-18 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2022-03-18 20:01 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-03-18 
20:01 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing 2022-03-18 16:59 - 2022-02-14 22:51 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-03-18 16:59 - 2017-08-13 15:45 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-03-18 16:05 - 2020-10-06 09:29 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2022-03-18 14:33 - 2020-11-12 14:30 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-03-18 14:02 - 2017-08-12 18:55 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-03-18 13:55 - 2017-08-12 18:54 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-03-18 10:39 - 2018-05-26 17:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2022-03-17 20:10 - 2021-12-19 18:31 - 000003976 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2022-03-17 19:02 - 2017-03-15 16:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2022-03-17 17:43 - 2020-11-30 18:32 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6b8f1a04e6d4f 2022-03-17 17:43 - 2020-11-12 15:05 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-03-17 17:42 - 2021-04-23 15:27 - 000000000 ____D C:\Users\micka\AppData\Roaming\Soda PDF Desktop 12 2022-03-17 17:42 - 2020-02-24 15:47 - 000000000 ____D C:\ProgramData\boost_interprocess 2022-03-17 17:28 - 2020-11-12 15:05 - 000004174 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA 2022-03-17 17:28 - 2020-11-12 15:05 - 000003942 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore 2022-03-07 22:45 - 2017-08-13 00:38 - 000000000 ____D C:\ProgramData\Package Cache ==================== Fichiers à la racine de certains dossiers ======== 2017-08-17 17:46 - 2017-08-17 17:46 - 000000096 _____ () C:\Users\micka\AppData\Roaming\version2.xml 2018-01-15 16:22 - 2018-01-15 16:22 - 000231035 _____ () C:\Users\micka\AppData\Roaming\VideoPad.dmp 2020-01-23 12:00 - 2020-01-23 
12:00 - 000003584 _____ () C:\Users\micka\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2022-01-31 21:11 - 2022-01-31 21:11 - 000000218 _____ () C:\Users\micka\AppData\Local\recently-used.xbel

==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================