Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-07-2022 Exécuté par loic (administrateur) sur DESKTOP-H4VBGPS (23-07-2022 09:35:13) Exécuté depuis C:\Users\loic\Desktop Profils chargés: loic Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1826 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\Holiline\Holiline Reminder\holiline.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe ->) (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe (C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe ->) (Michael Maltsev -> RaMMicHaeL) [Fichier non signé] C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCopyAccelerator.exe (C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe (C:\PVSW\Bin\WGE_SRV.exe ->) () [Fichier non signé] C:\PVSW\Bin\w3dbsmgr.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8> (OLYMPUS CORPORATION -> Olympus Corporation) C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe (services.exe ->) () [Fichier non signé] C:\PVSW\Bin\WGE_SRV.exe (services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (services.exe ->) (Acronis International GmbH -> ) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe (services.exe ->) (Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (services.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe (services.exe ->) (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe (services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe (services.exe ->) (Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Michael Maltsev -> RaMMicHaeL) [Fichier non signé] C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe (services.exe ->) (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (svchost.exe ->) (Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe (svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22052.553.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\spaceman.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe <2> (svchost.exe ->) (Orange -> Orange) C:\Users\loic\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2021-07-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [752168 2019-03-25] (Acronis International GmbH -> ) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4971688 2019-03-25] (Acronis International GmbH -> ) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\tib_mounter_monitor.exe [441448 2019-03-25] (Acronis International GmbH -> Acronis International GmbH) HKLM-x32\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\FirstStart.exe [40400 2018-06-18] (OLYMPUS CORPORATION -> Olympus Corporation) HKLM-x32\...\Run: [adc_launcher] => C:\Program Files (x86)\FreeStyle Libre\adc_launcher.exe [211456 2018-12-06] (Abbott Diabetes Care) [Fichier non signé] HKLM-x32\...\Run: [C16A] => C:\WINDOWS\twain_32\Brimc16a\Common\TwDsUiLaunch.exe [94544 2019-09-24] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-12-07] (Brother Industries, Ltd.) [Fichier non signé] HKLM-x32\...\Run: [S15A] => C:\WINDOWS\twain_32\Brims15a\Common\TwDsUiLaunch.exe (Pas de fichier) HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [288184 2021-07-26] (Intel Corporation -> Intel) HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (Pas de fichier) HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart (Pas de fichier) HKU\S-1-5-21-1737792242-3146974705-902076100-1003\...\Run: [OV3_Monitor] => C:\Program Files (x86)\OLYMPUS\OLYMPUS Viewer 3\OV3Monitor.exe [415696 2018-06-18] (OLYMPUS CORPORATION -> Olympus Corporation) HKU\S-1-5-21-1737792242-3146974705-902076100-1003\...\Run: [ApowerMirror] => C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe [5626928 2019-11-29] (Apowersoft Ltd -> Apowersoft) HKU\S-1-5-21-1737792242-3146974705-902076100-1003\...\Run: [Holiline Reminder] => C:\Program Files (x86)\Holiline\Holiline Reminder\holiline.exe [4275712 2015-06-23] () [Fichier non signé] HKU\S-1-5-21-1737792242-3146974705-902076100-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-1737792242-3146974705-902076100-1003\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [112186728 2022-01-19] (Skype Software Sarl -> Skype Technologies S.A.) HKU\S-1-5-21-1737792242-3146974705-902076100-1003\...\Run: [MicrosoftEdgeAutoLaunch_84AFA9A0CD04522DD60C55E9BB0FDE81] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-14] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1737792242-3146974705-902076100-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2021-01-13] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-1737792242-3146974705-902076100-1006\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632088 2022-07-13] (Microsoft Corporation -> Microsoft Corporation) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.134\Installer\chrmstp.exe [2022-07-22] (Google LLC -> Google LLC) Startup: C:\Users\loic\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk [2019-02-11] ShortcutTarget: DeskPins.lnk -> C:\Program Files (x86)\DeskPins\deskpins.exe (Elias Fotinis) [Fichier non signé] ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {13B9C429-E506-40FF-BD07-807BC0BD0135} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {1878FCDB-AB5B-4111-8FC0-A98D080E1DA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {1E874D7D-F7BB-473B-99DA-D0A444918925} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation) Task: {3A24F583-5D7D-44B2-A3BD-160FC75556C0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs" Task: {3C1AC2FB-9481-4245-A92B-93BCC5EA3DFB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier) Task: {54B3F0C5-ACA6-46B1-B7AA-142D01948D21} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {58FBC9BA-58EA-4E17-BEF6-0F66E09E3104} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-08] (Google Inc -> Google Inc.) Task: {5DD20F28-D40D-4F90-9B27-D81D189B47E3} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-06-14] (Piriform Software Ltd -> Piriform) Task: {6221B884-5D2E-4560-87E8-A3AC2924EAF8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {82646E77-5E52-44E7-8C1A-B936094F3887} - System32\Tasks\CCleanerSkipUAC - loic => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {892E75D1-0DB2-4657-A4CF-0EEC7D6F5F1A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-08] (Google Inc -> Google Inc.) Task: {92BFCFE9-013C-41BD-AAF0-82D8E7E48653} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\loic\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe [1974064 2021-11-10] (Orange -> Orange) Task: {AFB8E389-C632-416A-B016-718AC53E2A9D} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {B3B1E550-D45E-4217-9400-451687D68D49} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3087184 2020-03-10] (Intel(R) Software Development Products -> Intel Corporation) Task: {B9E73B08-074B-4EAE-AD94-8DAF53C69785} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1737792242-3146974705-902076100-1006 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-13] (Microsoft Corporation -> Microsoft Corporation) Task: {C59CC7F1-81AC-4A23-AEFA-37EA1C4A69CD} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" Task: {DE697F51-EEDF-4D15-8FD8-B7454187E278} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FBEF3214-3E91-4EEE-B1B4-C1E47603F888} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1737792242-3146974705-902076100-1003 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-07-13] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{afaf3e51-ac68-4680-88d5-dfd642ecc087}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{c3ca12fb-0018-483e-801b-00aac3758c4e}: [DhcpNameServer] 192.168.1.1 Edge: ======= DownloadDir: C:\Users\loic\Downloads Edge HomeButtonPage: HKU\S-1-5-21-1737792242-3146974705-902076100-1003 -> hxxps://www.orange.fr/portail Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)] Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)] Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2021-10-13] Edge Extension: (AdBlock — best ad blocker) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2021-10-13] Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)] Edge Extension: (Translator pour Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2021-10-13] Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)] Edge DefaultProfile: Default Edge Profile: C:\Users\loic\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-23] Edge HomePage: Default -> hxxps://r.orange.fr/r/Oodc_oi_promoHP Edge StartupUrls: Default -> "hxxps://orange.fr/" Edge Extension: (Malwarebytes Browser Guard) - C:\Users\loic\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-06-28] Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\loic\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-07-17] Edge Extension: (uBlock Origin) - C:\Users\loic\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-07-14] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] FireFox: ======== FF DefaultProfile: hqwiwi7u.default FF DefaultProfile: phkg75ew.default-1582620319180 FF ProfilePath: C:\Users\loic\AppData\Roaming\Waterfox\Profiles\hqwiwi7u.default [2019-02-03] FF Homepage: Waterfox\Profiles\hqwiwi7u.default -> hxxps://www.orange.fr/portail FF Extension: (uBlock Origin) - C:\Users\loic\AppData\Roaming\Waterfox\Profiles\hqwiwi7u.default\Extensions\uBlock0@raymondhill.net.xpi [2019-02-02] FF ProfilePath: C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 [2022-07-23] FF DownloadDir: C:\Users\SAV JPH\Downloads FF Homepage: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> hxxps://www.orange.fr/portail FF HomepageOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: admin@fastaddons.com_GroupSpeedDial FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: admin@fastaddons.com_GroupSpeedDial FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: uBlock0@raymondhill.net FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: wikipedia@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: qwant@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: ebay@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: ddg@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: amazon@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: bing@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180 -> Enabled: google@search.mozilla.org FF Extension: (Group Speed Dial) - C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2022-07-12] FF Extension: (I don't care about cookies) - C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2022-06-22] FF Extension: (uBlock Origin) - C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180\Extensions\uBlock0@raymondhill.net.xpi [2022-06-14] FF Extension: (Malwarebytes Browser Guard) - C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-06-29] FF Extension: (Mozilla: Firefox OS) - C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2020-02-25] FF Extension: (Floating Player: YouTube, Twitch.tv, etc.) - C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180\Extensions\{a37dbe97-b3d9-4641-9c9c-9e790132e51b}.xpi [2020-05-08] FF Extension: (Firefox B) - C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180\Extensions\{ac40163c-8804-4dad-90fc-e25ebd6e9a57}.xpi [2020-02-25] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\loic\AppData\Roaming\Mozilla\Firefox\Profiles\phkg75ew.default-1582620319180\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2022-07-05] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default [2022-06-05] CHR HomePage: Default -> orange.fr CHR StartupUrls: Default -> "hxxp://www.orange.fr/" CHR Extension: (Slides) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-11-29] CHR Extension: (Docs) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-11-29] CHR Extension: (Google Drive) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-11-29] CHR Extension: (YouTube) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-11-29] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-11-29] CHR Extension: (uBlock Origin) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-11-29] CHR Extension: (Sheets) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-11-29] CHR Extension: (I don't care about cookies) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\fihnjjcciajhdojfnbdddfaoknhalnja [2021-11-29] CHR Extension: (Google Docs hors connexion) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-11-29] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-11-29] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05] CHR Extension: (Orange page d'accueil) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2020-08-19] CHR Extension: (Gmail) - C:\Users\loic\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-11-29] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh] Opera: ======= OPR Profile: C:\Users\loic\AppData\Roaming\Opera Software\Opera Stable [2022-06-05] OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.fr/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4383760 2019-03-25] (Acronis International GmbH -> Acronis International GmbH) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1155344 2019-03-25] (Acronis International GmbH -> ) R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6341824 2019-07-08] (Acronis International GmbH -> ) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-12-07] (Brother Industries, Ltd.) [Fichier non signé] R2 DSAService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe [36792 2021-07-26] (Intel Corporation -> Intel) R3 DSAUpdateService; C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe [177080 2021-07-26] (Intel Corporation -> Intel) R2 EBP Pervasive.SQL; C:\PVSW\Bin\WGE_SRV.exe [32768 2006-12-07] () [Fichier non signé] S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.131.0619.0001\FileSyncHelper.exe [3381632 2022-07-13] (Microsoft Corporation -> Microsoft Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8677120 2022-06-22] (Malwarebytes Inc. -> Malwarebytes) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2018-11-23] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2018-11-23] (Acronis International GmbH -> Acronis International GmbH) S3 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1774784 2019-03-25] (Acronis International GmbH -> ) R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2019-06-26] () [Fichier non signé] S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.131.0619.0001\OneDriveUpdaterService.exe [3822496 2022-07-13] (Microsoft Corporation -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2019-09-24] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 ss_conn_service2; C:\Program Files (x86)\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [780328 2019-09-24] (DEVGURU Co., Ltd. -> DEVGURU Co., LTD.) R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7182560 2019-03-25] (Acronis International GmbH -> ) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12986664 2021-12-17] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 Tib Mounter Service; C:\Program Files (x86)\Common Files\Acronis\TibMounter64\tib_mounter_service.exe [7099408 2019-03-25] (Acronis International GmbH -> Acronis International GmbH) R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [111208 2018-12-08] (Michael Maltsev -> RaMMicHaeL) [Fichier non signé] R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe [3120992 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe [133544 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.) S3 BrSerIb; C:\WINDOWS\system32\DRIVERS\BrSerIb.sys [87552 2011-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.) S3 BrUsbSIb; C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys [14592 2011-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries Ltd.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2019-07-08] (Acronis International GmbH -> Acronis International GmbH) R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [390592 2019-07-08] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 fltsrv; C:\WINDOWS\System32\DRIVERS\fltsrv.sys [182832 2019-03-09] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [192960 2022-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [74704 2022-07-23] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-07-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181992 2022-07-23] (Malwarebytes Inc. -> Malwarebytes) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 tib; C:\WINDOWS\system32\DRIVERS\tib.sys [885880 2019-07-08] (Acronis International GmbH -> Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [171976 2019-07-08] (Acronis International GmbH -> Acronis International GmbH) S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [693768 2019-07-08] (Acronis International GmbH -> Acronis International GmbH) R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [331976 2019-07-08] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) R0 volume_tracker; C:\WINDOWS\System32\DRIVERS\volume_tracker.sys [243472 2019-07-08] (ACRONIS INTERNATIONAL GMBH -> Acronis International GmbH) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2022-06-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [452856 2022-06-23] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [91384 2022-06-23] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-07-23 09:37 - 2022-07-23 09:37 - 000000000 ____D C:\Users\loic\AppData\LocalLow\IGDump 2022-07-23 09:35 - 2022-07-23 09:36 - 000034553 _____ C:\Users\loic\Desktop\FRST.txt 2022-07-23 09:34 - 2022-07-23 09:35 - 000000000 ____D C:\FRST 2022-07-23 09:30 - 2022-07-23 09:30 - 002369536 _____ (Farbar) C:\Users\loic\Desktop\FRST64.exe 2022-07-23 09:26 - 2022-07-23 09:26 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2022-07-23 09:26 - 2022-07-23 09:26 - 000181992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2022-07-23 09:26 - 2022-07-23 09:26 - 000074704 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2022-07-20 20:23 - 2022-07-20 20:23 - 000360662 _____ C:\Users\SAV JPH\Downloads\public_files_file_l_33_8_retraite_maj_03_2022.pdf 2022-07-19 17:48 - 2022-07-19 17:48 - 005537280 _____ C:\Users\SAV JPH\Downloads\Arbres voulant vivre _ Va Mi.pps 2022-07-18 17:49 - 2022-07-18 17:49 - 000508285 _____ C:\Users\SAV JPH\Downloads\IL220716044.pdf 2022-07-16 11:12 - 2022-07-16 11:22 - 000000000 ____D C:\Users\loic\Desktop\Wolfi 2022-07-16 11:09 - 2022-07-17 12:23 - 000000000 ____D C:\Users\loic\Desktop\Marie 2022-07-13 12:22 - 2022-07-13 12:22 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000693248 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000640512 _____ C:\WINDOWS\system32\SettingSyncDownloadHelper.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000530944 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe 2022-07-13 12:22 - 2022-07-13 12:22 - 000470528 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe 2022-07-13 12:22 - 2022-07-13 12:22 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000270848 _____ C:\WINDOWS\system32\EsclScan.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000152064 _____ C:\WINDOWS\system32\EsclProtocol.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000061952 _____ C:\WINDOWS\system32\printticketvalidation.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000057344 _____ C:\WINDOWS\system32\APMonUI.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mode.com 2022-07-13 12:22 - 2022-07-13 12:22 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mode.com 2022-07-13 12:22 - 2022-07-13 12:22 - 000024576 _____ C:\WINDOWS\system32\WsdProviderUtil.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tree.com 2022-07-13 12:22 - 2022-07-13 12:22 - 000018944 _____ C:\WINDOWS\SysWOW64\WsdProviderUtil.dll 2022-07-13 12:22 - 2022-07-13 12:22 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tree.com 2022-07-13 12:22 - 2022-07-13 12:22 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\chcp.com 2022-07-13 12:22 - 2022-07-13 12:22 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chcp.com 2022-07-13 12:22 - 2022-07-13 12:22 - 000011811 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2022-07-13 12:07 - 2022-07-13 12:07 - 000000000 ___HD C:\$WinREAgent 2022-07-12 10:37 - 2022-07-12 10:37 - 008349852 _____ C:\Users\SAV JPH\Downloads\Bilan d'hospitalisation à l'hôpital de Haute Pierre de Madame Schuh Christiane.zip 2022-07-10 20:37 - 2022-07-10 20:38 - 013756031 _____ C:\Users\SAV JPH\Downloads\Blast! (Bolero de Ravel)11.mp4 2022-07-08 10:37 - 2022-07-08 10:37 - 000000207 _____ C:\Users\SAV JPH\Downloads\Part_2(1).dat 2022-07-04 18:51 - 2022-07-04 18:51 - 000051702 _____ C:\Users\SAV JPH\Downloads\Releve Conso Mobile - cycle du 01 juin 2022.pdf 2022-06-27 20:35 - 2022-06-27 20:35 - 002218352 _____ C:\Users\SAV JPH\Downloads\RE cuisine 16D quai des bateliers.zip 2022-06-23 15:42 - 2022-06-23 15:42 - 001528278 _____ C:\Users\SAV JPH\Downloads\TR [fiche visite] 18_03_2022 de Mme Valerie SCHUH situé 16 D QUAI DES BATELIERS, 67000 STRASBOURG (2031 _ 0006).zip 2022-06-23 15:35 - 2022-06-23 15:35 - 000275590 _____ C:\Users\SAV JPH\Downloads\[Pas de sujet](1).zip ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-07-23 09:34 - 2018-12-08 15:48 - 000000000 ____D C:\Users\loic\AppData\LocalLow\Mozilla 2022-07-23 09:32 - 2020-07-22 16:13 - 000000000 ____D C:\Users\loic\AppData\Local\CrashDumps 2022-07-23 09:30 - 2020-09-06 17:17 - 001681434 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2022-07-23 09:30 - 2019-12-07 16:49 - 000755174 _____ C:\WINDOWS\system32\perfh00C.dat 2022-07-23 09:30 - 2019-12-07 16:49 - 000141980 _____ C:\WINDOWS\system32\perfc00C.dat 2022-07-23 09:30 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2022-07-23 09:30 - 2018-12-08 15:40 - 000000000 ____D C:\Program Files (x86)\Google 2022-07-23 09:29 - 2020-09-06 17:20 - 000004174 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{3461CAB5-BDA3-41B0-8F87-8C23500F1D37} 2022-07-23 09:29 - 2018-12-08 15:26 - 000000000 ____D C:\Program Files\CCleaner 2022-07-23 09:28 - 2022-02-09 13:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-07-23 09:26 - 2020-09-06 17:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2022-07-23 09:26 - 2020-09-06 17:13 - 000008192 ___SH C:\DumpStack.log.tmp 2022-07-23 09:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2022-07-23 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2022-07-23 09:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2022-07-23 09:26 - 2019-02-01 18:21 - 000000000 __SHD C:\Users\loic\IntelGraphicsProfiles 2022-07-23 09:26 - 2018-12-08 15:30 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2022-07-22 20:43 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2022-07-22 20:10 - 2020-09-06 17:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2022-07-21 13:16 - 2020-09-06 16:51 - 000000000 ____D C:\Users\loic 2022-07-16 11:08 - 2022-05-31 10:40 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2022-07-16 11:08 - 2022-05-31 10:40 - 000223176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2022-07-16 10:23 - 2020-07-09 18:08 - 000002466 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-07-14 09:12 - 2021-09-12 08:29 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2022-07-13 20:19 - 2021-12-13 11:56 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1737792242-3146974705-902076100-1006 2022-07-13 20:19 - 2021-12-13 11:56 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1737792242-3146974705-902076100-1003 2022-07-13 20:19 - 2020-09-06 17:20 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2022-07-13 20:19 - 2019-09-29 07:09 - 000002194 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2022-07-13 20:17 - 2021-04-21 07:18 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2022-07-13 20:16 - 2020-09-06 17:13 - 000624672 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents 2022-07-13 20:15 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2022-07-13 12:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-07-13 12:22 - 2020-09-06 17:14 - 003010560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2022-07-13 12:06 - 2018-12-08 16:33 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-07-13 12:02 - 2018-12-08 16:32 - 146546848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-07-08 16:56 - 2021-02-09 23:51 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-07-08 16:56 - 2018-12-08 15:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-07-08 10:46 - 2021-10-14 08:37 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2022-07-08 10:46 - 2018-12-08 15:48 - 000001029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-06-24 20:51 - 2018-12-08 20:02 - 000000000 ____D C:\ProgramData\Packages 2022-06-23 08:33 - 2018-12-08 08:40 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd ==================== Fichiers à la racine de certains dossiers ======== 2020-01-24 08:50 - 2020-02-21 11:59 - 000025175 _____ () C:\Users\loic\AppData\Roaming\Valeurs séparées par une virgule (Windows).ADR 2019-03-20 17:57 - 2021-09-17 19:46 - 000056832 _____ () C:\Users\loic\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2019-05-20 11:04 - 2019-05-20 11:04 - 000000017 _____ () C:\Users\loic\AppData\Local\resmon.resmoncfg ==================== FLock ============================== 2019-02-02 17:28 C:\ProgramData\Brother ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================