Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Exécuté par PRO NATURE (administrateur) sur ASUS (ASUSTeK COMPUTER INC. UX310UQK) (13-09-2022 19:17:21)
Exécuté depuis C:\Users\PRO NATURE\Downloads
Profils chargés: PRO NATURE & SQLTELEMETRY$SQLEXPRESS01 & MSSQL$SQLEXPRESS & MSSQL$SQLEXPRESS01
Plate-forme: Microsoft Windows 10 Famille Langue unique Version 21H2 19044.1889 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Autodesk, Inc. -> Autodesk) C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe ->) (Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe ->) (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\Common Files\SMART Technologies\SMART Crash Reporter 1.2\crashpad_handler2.exe
(C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe ->) (SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\Office\SMARTInk-SBSDKProxy.exe
(C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\SentryEye.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Conexant Systems LLC -> Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxEM.exe
(explorer.exe ->) (Google Inc -> Google Inc.) D:\Program Files (x86)\Picasa3\PicasaPhotoViewer.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\62.0.2.0\crashpad_handler.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\63.0.5.0\crashpad_handler.exe <3>
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29>
(explorer.exe ->) (Mega Limited -> Mega Limited) C:\Users\PRO NATURE\AppData\Local\MEGAsync\MEGAsync.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\MSPUB.EXE
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(hasplms.exe ->) (SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplmv.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Joyent, Inc) [Fichier non signé] C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\SBWDKService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <20>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(services.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(services.exe ->) (Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(services.exe ->) (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe
(services.exe ->) (Avira Operations GmbH -> Avira Operations GmbH) C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(services.exe ->) (Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(services.exe ->) (ICEpower a/s -> ICEpower A/S) C:\Windows\System32\DriverStore\FileRepository\x40plmwa.inf_amd64_0fe274d0aafd5420\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fb9939a7d714d646\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(services.exe ->) (Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (SafeNet Canada, Inc. -> SafeNet, Inc.) C:\Windows\System32\hasplms.exe
(services.exe ->) (TeamViewer -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe
(SMART Technologies ULC -> SMART Technologies) C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe
(svchost.exe ->) (ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(svchost.exe ->) (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(svchost.exe ->) (Avira Operations GmbH -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBar.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.822.6271.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22062.543.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\pacjsworker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [589840 2022-07-13] (Autodesk, Inc. -> Autodesk, Inc.)
HKLM-x32\...\Run: [SMART Tray Tools] => C:\Program Files (x86)\Common Files\SMART Technologies\SystemMenu\SMARTSystemMenu.exe [649784 2021-06-25] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SMARTNotification] => "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTNotification.exe" (Pas de fichier)
HKLM-x32\...\Run: [SMART Board Service] => "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTBoardService.exe" -d (Pas de fichier)
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\sbsdk-server\NodeLauncher.exe [68544 2019-11-08] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTInk.exe [289336 2021-11-18] (SMART Technologies ULC -> SMART Technologies)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Copper] => C:\Program Files (x86)\NCH Software\Copper\copper.exe [1394736 2018-10-17] (NCH Software Pty Ltd -> NCH Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [708840 2022-04-26] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\ProgramData\Autodesk\Genuine Service\x64\GenuineService.exe [3738160 2022-06-29] (Autodesk, Inc. -> Autodesk)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\63.0.5.0\GoogleDriveFS.exe [52923168 2022-09-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\63.0.5.0\GoogleDriveFS.exe [52923168 2022-09-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [Google Update] => C:\Users\PRO NATURE\AppData\Local\Google\Update\1.3.36.152\GoogleUpdateCore.exe [230360 2022-08-30] (Google LLC -> Google LLC)
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [49958368 2022-02-01] (Google LLC -> )
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\63.0.5.0\GoogleDriveFS.exe [52923168 2022-09-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [] => [X]
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Pas de fichier)
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [CanonImageDisplay] => [X]
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [Dameon.exe] => C:\Users\PRO NATURE\AppData\Roaming\Google\tools\Dameon.exe (Pas de fichier)
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [appnhost] => C:\Users\PRO NATURE\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Vladislavas Jarmalis -> Mixesoft Project)
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Run: [MicrosoftEdgeAutoLaunch_BE21E289FB8A8AB08A650B549610E620] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795360 2022-09-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Policies\Explorer: [] 
HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [5126256 2022-08-11] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-80-3404462892-1987791245-2451609587-3755554482-3689831200\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\63.0.5.0\GoogleDriveFS.exe [52923168 2022-09-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\63.0.5.0\GoogleDriveFS.exe [52923168 2022-09-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-80-684135558-66954648-645343295-865517114-2956913369\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\63.0.5.0\GoogleDriveFS.exe [52923168 2022-09-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\63.0.5.0\GoogleDriveFS.exe [52923168 2022-09-10] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Pas de fichier)
HKLM\...\Windows x64\Print Processors\Canon G3010 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEI.DLL [482816 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\LMAD2N4C: C:\Windows\System32\spool\prtprocs\x64\LMAD2N4C.DLL [269312 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor G3010 series: C:\Windows\system32\CNMLMEI.DLL [1303040 2017-08-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\LM_LMAD2N: C:\Windows\system32\LMAD2NLANG.DLL [3059712 2013-07-31] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon11.dll [31944 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Print\Monitors\SMART Local Port: C:\WINDOWS\system32\smrtlocalmon.dll [39992 2021-11-19] (SMART Technologies ULC -> SMART Technologies ULC)
HKLM\...\Print\Monitors\us008 Langmon: C:\Windows\system32\us008lm.dll [31256 2016-02-15] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\ZDesigner Language Monitor: C:\Windows\system32\zdnNLM64.dll [236032 2013-06-28] (Microsoft Windows Hardware Compatibility Publisher -> Euro Plus d.o.o.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\105.0.5195.102\Installer\chrmstp.exe [2022-09-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-02-18]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
Startup: C:\Users\PRO NATURE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IQTray.lnk [2021-05-06]
ShortcutTarget: IQTray.lnk -> C:\Program Files (x86)\IQ Option\IQTray.exe (Pas de fichier)
Startup: C:\Users\PRO NATURE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-06-17]
ShortcutTarget: MEGAsync.lnk -> C:\Users\PRO NATURE\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {00E75415-A4D7-4A74-A9B0-8628A6DC6831} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [64408 2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {02F86332-2DC0-4E31-87CF-5C5A7F8AA589} - System32\Tasks\Avira\Safe Shopping\Update => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe InstallerArgs="/quiet CULTURE=en-US DESKTOPSHORTCUT=False STARTMENUSHORTCUT=False" (Pas de fichier)
Task: {056F47B5-627E-4BEE-961D-CBECB713D806} - System32\Tasks\Microsoft\Windows\Conexant\AFA => C:\Program Files\CONEXANT\cAudioFilterAgent\SACpl.exe [1823232 2016-07-05] (Conexant Systems, Inc.) [Fichier non signé]
Task: {0943B3BB-57EA-4F25-9BAF-9637673BC0EC} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {0A13FD4B-A48B-4A70-AC8F-FFE60E76629F} - System32\Tasks\Cache-S-21-2946144819-3e21f723 => C:\Users\PRO [Argument = NATURE\AppData\Local\cache\MoUSO.exe] <==== ATTENTION
Task: {0E1F8C7D-2317-4C9E-B377-8F9875D4D884} - \xfSovbsduoklI2 -> Pas de fichier <==== ATTENTION
Task: {15778B09-3969-4D98-9890-F3A94EDAF09B} - System32\Tasks\Avira_Security_Update => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {1D35DB00-F609-4EA2-8C11-FE5CDA5667E5} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe (Pas de fichier)
Task: {1E253D42-08B5-49C3-B3D6-FD20041DA6A9} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1EAEC213-AA79-47F1-8C37-EC5DB7E1D65A} - System32\Tasks\WpsKtpcntrQingTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exe qing 10.1.0.5644 xxx server_url="http://kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html" ic_server_url="http://info.kingsoftstore.com/wpsv6internet/infos.ads" (Pas de fichier)
Task: {205CA2A1-FA53-423A-986F-ECA7F255F396} - \WpsUpdateTask_PRO NATURE -> Pas de fichier <==== ATTENTION
Task: {20A412EB-B15C-4B05-B36F-93E4C0C2443A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {230DC07B-2E52-4F6E-A331-91A91474FB47} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {24D6D53D-FA01-4FFF-8AAD-C7B3F2FDB722} - System32\Tasks\Microsoft\VisualStudio\Updates\BackgroundDownload => C:\Program Files (x86)\Microsoft Visual Studio\Installer\resources\app\ServiceHub\Services\Microsoft.VisualStudio.Setup.Service\BackgroundDownload.exe (Pas de fichier)
Task: {25120153-B8C7-4D22-9C1F-BC8A0114D381} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-14] (Google LLC -> Google LLC)
Task: {28F5CD80-BED8-4AAE-A924-508BA8EC0CFF} - System32\Tasks\Microsoft\Windows\Conexant\SA2 => C:\Program Files\CONEXANT\SAII\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {2936111F-3C10-464D-A323-C313FA76F189} - System32\Tasks\ASUS Live Update1 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" streamedia"."icu
Task: {296A849F-2A1C-492B-B491-4ABE817F41EE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe (Pas de fichier)
Task: {2A98ED3A-ED76-488E-85B8-BEE32C0963CF} - System32\Tasks\svchost.exe => powershell.exe $env:APPDATA\Whdqw7878WindowSUpdate.exe
Task: {2BB71085-479D-4E8B-A670-F865AF4F3C80} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [55808 2016-10-13] (ASUS) [Fichier non signé]
Task: {2FA35587-E18D-4048-8F6E-A648BCF7AF13} - System32\Tasks\DriverToolkit Autorun => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe --autorun (Pas de fichier)
Task: {306872A8-C14B-4709-AEA6-FD80B232D217} - System32\Tasks\csrss => C:\WINDOWS\rss\csrss.exe (Pas de fichier) <==== ATTENTION
Task: {31A64C53-69F1-4192-A826-A2DAA7BBC794} - System32\Tasks\Avira_Security_Systray => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Systray.Application.exe [1645704 2022-08-29] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {33D536B1-A8B5-4FBD-A6F5-1686A3F4E91D} - \Break Reports for Outlook -> Pas de fichier <==== ATTENTION
Task: {34AF799D-6C74-48FE-A64B-74AFCC9FDB15} - System32\Tasks\PowerControl HR => C:\Program [Argument = Files (x86)\PowerControl\PowerControl_Svc.exe]
Task: {36504D26-F5AF-4F21-992A-4AA28B71AFC8} - \Firefox Default Browser Agent B2E13BFF1F66E1A7 -> Pas de fichier <==== ATTENTION
Task: {38449F7D-B3B6-4729-876C-7BEA1F24EF9E} - System32\Tasks\Avira\Safe Shopping\Check => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe Launch Target=_self Cmdline="Check Target=_app Cmdline=StartMode=check" (Pas de fichier)
Task: {389AD525-C9A2-4513-9F8D-C97669E85047} - \ebGadQBtbggNapQ2 -> Pas de fichier <==== ATTENTION
Task: {3AEE7484-F152-4C46-9D8B-A176570CCB86} - \WxAlive -> Pas de fichier <==== ATTENTION
Task: {3D60E5C2-E9FC-47C0-9D67-EF0EF4CB52A3} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3D9F455A-C1A4-4E24-A79F-355C613537DB} - System32\Tasks\ASUS Live Update2 => "C:\Program Files\Google\Chrome\Application\chrome.exe" streamedia"."icu
Task: {3FD5B566-5C62-454C-B4EB-A91CCF4D94F0} - \NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} -> Pas de fichier <==== ATTENTION
Task: {42A93E2D-8070-4500-B726-A3FF0384EEE0} - \Opera scheduled assistant Autoupdate 1582783863 -> Pas de fichier <==== ATTENTION
Task: {4BBE8BFB-4275-4B75-B5A0-924E59933F75} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1950527399-1813795312-2560553265-1001Core => C:\Users\PRO NATURE\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-25] (Google Inc -> Google Inc.)
Task: {4C6A68C1-35B4-4C10-9DCF-9034698E55DA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {509FDDD2-7C4E-430B-9884-901D9E0103BE} - \Time Trigger Task -> Pas de fichier <==== ATTENTION
Task: {56660DAE-43B4-47E5-9D94-3074C761FD79} - System32\Tasks\Avira_Security_Service_SCM_Watchdog => C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe [257312 2022-08-29] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {591C6227-31CC-4753-B9C9-D37185D66EBD} - System32\Tasks\Opera scheduled Autoupdate 1500897526 => C:\Users\PRO NATURE\AppData\Local\Programs\Opera\launcher.exe [2538448 2022-09-05] (Opera Norway AS -> Opera Software)
Task: {5B4C773F-67D8-4B6B-886B-98BFF5CFB2D2} - System32\Tasks\NCH Software\InventoriaSchedBackup => C:\Program Files (x86)\NCH Software\Inventoria\Inventoria.exe [1882176 2022-01-26] (NCH Software, Inc. -> NCH Software)
Task: {63B8E2C9-15EA-4D8D-B452-3DE557E664C2} - \VoLgCqwXSOmCuV -> Pas de fichier <==== ATTENTION
Task: {65AE1533-3483-45EE-B8B9-7949302E63D4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-14] (Google LLC -> Google LLC)
Task: {734FA16D-E9DA-440B-BC91-0FF1DCE2FFF2} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe (Pas de fichier)
Task: {78312405-2056-4755-ADF6-F03623C622A9} - System32\Tasks\Sage\Sage 100cloud\Saisie de caisse décentralisée 100c\Recalcul des cumuls => C:\Program Files (x86)\Sage\Saisie de caisse décentralisée 100c\SCDMaes.exe -> "C:\Users\Public\Documents\Sage\Saisie de caisse décentralisée 100c\BIJOU.gcm" -u<Administrateur> -cmd=ReajustCumuls.execute(RecalCMUP=1,ArticleMouvementes=1)
Task: {78A3809A-78BE-4998-B1A9-3450ADC030F7} - System32\Tasks\Sage\Sage 100cloud\Gestion Commerciale 100c\Recalcul des cumuls => D:\Program Files (x86)\Sage\Gestion commerciale 100c\GecoMaes.exe -> "C:\Users\Public\Documents\Sage\Gestion commerciale 100c\BIJOU.gcm" -u<Administrateur> -cmd=ReajustCumuls.execute(RecalCMUP=1,ArticleMouvementes=1)
Task: {7BF1DA91-237F-48A2-91C3-ED4A49A8DDF0} - System32\Tasks\Sage\Sage 100c\Gestion Commerciale 100c\Recalcul des cumuls => D:\Program Files (x86)\Sage\Gestion commerciale 100c\GecoMaes.exe -> "C:\Users\Public\Documents\Sage\Gestion commerciale 100c\BIJOU.gcm" -u<Administrateur> -cmd=ReajustCumuls.execute(RecalCMUP=1,ArticleMouvementes=1)
Task: {7C923ADF-BE53-4DC2-A7C4-C13CAE40AA4E} - System32\Tasks\WpsExternal_20161112115516 => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe /wpscloudlaunch /wpsexternal /from=task (Pas de fichier)
Task: {7D78A260-4ACD-4579-BB26-58AC68CB1AAD} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => C:\\ProgramData\\WindowsErrorReporting\\wvermgr.exe /r /i 7 (Pas de fichier) <==== ATTENTION
Task: {80679794-8A00-40F9-9686-600C04C2874C} - \EkTppTUtSTFFWWbHk2 -> Pas de fichier <==== ATTENTION
Task: {853EDC4F-A536-4006-A70A-3F99629CBCA7} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [333760 2022-08-30] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
Task: {86FBEAFC-905F-497B-830C-518F5D280B40} - System32\Tasks\WinZip Update Notifier => C:\Program Files\WinZip\WZUpdateNotifier.exe [1878016 2017-04-19] (WinZip) [Fichier non signé]
Task: {8777B300-0533-4C51-94BD-B25C4FD6A3D7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [142232 2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {92B1AF6F-0CAB-4013-9087-B5CA019974CB} - System32\Tasks\Avira\System Speedup\Delayed Startup\PRO NATURE\1 => C:\Users\PRO NATURE\AppData\Local\Mixesoft\AppNHost\appnhost.exe [453176 2014-08-08] (Vladislavas Jarmalis -> Mixesoft Project)
Task: {9BA3B4BC-0795-4AC5-85DF-2040381C314B} - \Firefox Default Browser Agent BDE4119983953DC2 -> Pas de fichier <==== ATTENTION
Task: {9C1DF862-DD44-4735-B14D-A1347BCF38C9} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe -CancelShutdown (Pas de fichier)
Task: {9D6CE225-0E6D-44E7-A4A1-461D38BF8C22} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe (Pas de fichier)
Task: {9ED28D23-196D-444E-917B-3959CAEAEA5A} - System32\Tasks\PowerControl LG => C:\Program [Argument = Files (x86)\PowerControl\PowerControl_Svc.exe]
Task: {9F17F114-7790-4538-BD5D-6EC498F04101} - \LJAoHKUFWpXEifEFcOK2 -> Pas de fichier <==== ATTENTION
Task: {A41B35F7-7A14-448B-94C0-C143FEAEE454} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1950527399-1813795312-2560553265-1001UA => C:\Users\PRO NATURE\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2017-12-25] (Google Inc -> Google Inc.)
Task: {AEE34DE9-E2EE-4AC6-A432-CA356DA44285} - System32\Tasks\NCH Software\CopperDowngrade => C:\Program Files (x86)\NCH Software\Copper\copper.exe [1394736 2018-10-17] (NCH Software Pty Ltd -> NCH Software)
Task: {B3C7673E-F606-4DCA-9D89-FE64A33D7AFA} - System32\Tasks\Avira_Security_Maintenance => Command(1): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> FallbackTelemetry
Task: {B3C7673E-F606-4DCA-9D89-FE64A33D7AFA} - System32\Tasks\Avira_Security_Maintenance => Command(2): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> ServiceWatchdog
Task: {B3C7673E-F606-4DCA-9D89-FE64A33D7AFA} - System32\Tasks\Avira_Security_Maintenance => Command(3): C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.Worker.exe -> CrashCollector
Task: {B4FA8FC0-5ADD-49D4-A459-F672FD461093} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {B7B58518-2DEF-4C51-A2E5-8F8B23BD2349} - System32\Tasks\ASUSTek Computer Inc\ASUS GIFTBOX => C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe (Pas de fichier)
Task: {B81BA364-F8F5-4585-90C1-DE04F85EE4C1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1555696 2022-08-03] (Adobe Inc. -> Adobe Inc.)
Task: {B9A6DA29-20F9-4F83-9CFD-E95AE39DA89C} - \Firefox Default Browser Agent 0AD0F4DA6916A977 -> Pas de fichier <==== ATTENTION
Task: {BC8D98CF-DEC4-48D9-BB9E-1DF8EF8B483D} - System32\Tasks\Firefox Default Browser Agent 2EC8974C82FF7562 => C:\Users\PRO NATURE\AppData\Roaming\fiaitrf.exe (Pas de fichier) <==== ATTENTION
Task: {C11B4E0D-42AF-41C6-95AF-7E936ED3E55D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {C9B8100F-7312-4D25-A08A-64D6D571F129} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1950527399-1813795312-2560553265-1001 => C:\Users\PRO NATURE\AppData\Local\MEGAsync\MEGAupdater.exe [1776816 2022-07-22] (Mega Limited -> )
Task: {CA2D0F22-BC83-4B64-8D2F-D5F8CB6CDD69} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23706576 2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB3339D5-4C92-4FF5-A1B9-F46CD4481036} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19967504 2016-11-15] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
Task: {E09A533A-8962-4DA7-A9C3-1FDB197E83C3} - System32\Tasks\Avira\Safe Shopping\Launch => C:\Program Files (x86)\Avira\Safe Shopping\Updater\Updater.exe Launch Target=_app Cmdline=StartMode=logon (Pas de fichier)
Task: {E1369F69-E93C-4AF3-AFB4-0150190A7AA4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe (Pas de fichier)
Task: {E1BB2995-B3AF-4E81-ABC0-0F49996EB2A3} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3476184 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E617B6CE-A17D-4382-A722-7D487724840C} - System32\Tasks\NCH Software\ExpressInvoiceSchedBackup => C:\Program Files (x86)\NCH Software\ExpressInvoice\ExpressInvoice.exe [2903608 2022-03-15] (NCH Software, Inc. -> NCH Software)
Task: {E6517561-6F74-4AED-8DA7-AFB5CE65CAA9} - \{975aba40-abe8-11eb-9b32-806e6f6e6963} Updater -> Pas de fichier <==== ATTENTION
Task: {ECB828F8-EE18-4F23-AC60-3BF27B0DED3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe -task (Pas de fichier)
Task: {F06DA073-CE07-4616-B3D5-4E8775AD4149} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe (Pas de fichier)
Task: {F68B424C-36C1-48F8-8F28-AA9570F445F4} - System32\Tasks\AviraSystemSpeedupVerify => C:\Program Files (x86)\Avira\System Speedup\setup\avira_speedup_setup.exe [31903104 2022-08-31] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\WpsExternal_20161112115516.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
Task: C:\WINDOWS\Tasks\WpsKtpcntrQingTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\office6\ktpcntr.exeÃqing 10.1.0.5644 xxx server_url=hxxp:/kdl1.cache.wps.com/ksodl/wpscfg/client/____client____html____service____bubble.html ic_server_url=hxxp:/info.kingsoftstore.com/wpsv6internet/infos.ads
Task: C:\WINDOWS\Tasks\WpsUpdateTask_PRO NATURE.job => C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
AutoConfigURL: [{3A6128AD-B84F-4FF6-B641-78E9A266B70B}] => hxxp://35.236.159.79/win.pac <==== ATTENTION
AutoConfigURL: [S-1-5-21-1950527399-1813795312-2560553265-1001] => hxxp://35.236.159.79/win.pac <==== ATTENTION
AutoConfigURL: [S-1-5-80-3404462892-1987791245-2451609587-3755554482-3689831200] => hxxp://35.236.159.79/win.pac <==== ATTENTION
AutoConfigURL: [S-1-5-80-3880006512-4290199581-1648723128-3569869737-3631323133] => hxxp://35.236.159.79/win.pac <==== ATTENTION
AutoConfigURL: [S-1-5-80-684135558-66954648-645343295-865517114-2956913369] => hxxp://35.236.159.79/win.pac <==== ATTENTION
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{4eb444c3-d241-418d-a3c7-e61f749c6feb}: [DhcpNameServer] 192.168.100.1
Tcpip\..\Interfaces\{b7283d48-66f1-4196-84fa-10218979a0a0}: [DhcpNameServer] 192.168.100.3
Tcpip\..\Interfaces\{cd74b8d6-b5eb-4bc2-bd90-fae4f91a8457}: [DhcpNameServer] 192.168.0.1
ManualProxies: 0hxxp://35.236.159.79/win.pac <==== ATTENTION

Edge: 
=======
DownloadDir: C:\Users\PRO NATURE\Downloads
Edge Notifications: HKU\S-1-5-21-1950527399-1813795312-2560553265-1001 -> hxxps://www.facebook.com
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-17]
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\PRO NATURE\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-13]
Edge Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.youtube.com
Edge HomePage: Default -> hxxp://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge Extension: (Avira Safe Shopping) - C:\Users\PRO NATURE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2022-04-11]
Edge Extension: (Avira Password Manager) - C:\Users\PRO NATURE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2022-07-14]
Edge Extension: (Convertio) - C:\Users\PRO NATURE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2021-09-30]
Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\PRO NATURE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-09-06]
Edge Extension: (T-Сashback — кэшбэк-сервис) - C:\Users\PRO NATURE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odbmjgikedenicicookngdckhkjbebpd [2022-09-07]
Edge HKLM-x32\...\Edge\Extension: [odbmjgikedenicicookngdckhkjbebpd]

FireFox:
========
FF ProfilePath: C:\Users\PRO NATURE\AppData\Roaming\Mozilla\Firefox\Profiles\uyu5rcJV.default [2022-09-07]
FF Extension: (Avira Browser Safety) - C:\Users\PRO NATURE\AppData\Roaming\Mozilla\Firefox\Profiles\uyu5rcJV.default\Extensions\abs@avira.com [2017-12-26] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF Extension: (Avira Password Manager) - C:\Users\PRO NATURE\AppData\Roaming\Mozilla\Firefox\Profiles\uyu5rcJV.default\Extensions\passwordmanager@avira.com [2017-12-26] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
FF Plugin: @java.com/DTPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\dtplugin\npDeployJava1.dll [2022-06-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.333.2 -> C:\Program Files\Java\jre1.8.0_333\bin\plugin2\npjp2.dll [2022-06-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2016-04-14] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Picasa3\npPicasa3.dll [2014-08-01] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2022-07-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2022-09-08] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default [2022-09-13]
CHR Notifications: Default -> hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://drive.google.com; hxxps://mail-notification.info; hxxps://mnthor.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://supertopfreegames.com; hxxps://www.caroom.fr; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.pinterest.es; hxxps://www.pinterest.fr; hxxps://www.pixartprinting.fr; hxxps://www1a.michellehardin.pro; hxxps://zarabotok-online.xyz
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxps://find-it.pro/?utm_source=distr_m"
CHR DefaultSearchURL: Default -> hxxp://search-cdn.net/fip/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> cdn
CHR DefaultSuggestURL: Default -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (Safe Torrent Scanner) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-06-19]
CHR Extension: (Avira Password Manager) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2022-09-13]
CHR Extension: (Avira Safe Shopping) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2022-09-13]
CHR Extension: (WeeklyHits) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebkcaaigdmochdchgeiofaddpokiondc [2022-09-09]
CHR Extension: (Nettoyer tout - Nettoyeur d'historique et de cache) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\elidgjfpciimeeeoeneeiifkmhadhkeh [2022-08-11]
CHR Extension: (Convertio) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2020-12-02]
CHR Extension: (Protection Web Avira) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-09-13]
CHR Extension: (YoutubeDownloader) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-09-07] [UpdateUrl:hxxps://clients19.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs hors connexion) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-24]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-09-01]
CHR Extension: (JForce) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngibmjbkjncmjbofjccgenddgnbemic [2022-01-17]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-01-23]
CHR Extension: (Find-it.Pro Search) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-09-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Pinterest) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmncileebcgjlaigmolmknmnnfpfcckj [2022-01-17]
CHR Extension: (Google Translate) - C:\Program Files\aieoplapobidheellikiicjfpamacpfd [2022-09-07]
CHR Profile: C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-09-07]
CHR HomePage: Guest Profile -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: Guest Profile -> "hxxps://find-it.pro/?utm_source=distr_m" 
CHR DefaultSearchKeyword: Guest Profile -> cdn
CHR DefaultSuggestURL: Guest Profile -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (YoutubeDownloader) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-09-07] [UpdateUrl:hxxps://clients98.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Find-it.Pro Search) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-09-07]
CHR Profile: C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-08-11]
CHR HomePage: Profile 1 -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: Profile 1 -> "hxxps://find-it.pro/?utm_source=distr_m" 
CHR DefaultSearchKeyword: Profile 1 -> cdn
CHR DefaultSuggestURL: Profile 1 -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (Safe Torrent Scanner) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2022-07-04]
CHR Extension: (YoutubeDownloader) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-09-07] [UpdateUrl:hxxps://clients79.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-01]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-07-04]
CHR Extension: (Find-it.Pro Search) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-09-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-04]
CHR Profile: C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 2 [2022-09-10]
CHR Notifications: Profile 2 -> hxxps://best-loan-info.com; hxxps://ccleaner-download.xyz; hxxps://mail-notification.info; hxxps://mnthor.xyz; hxxps://pinghauz.xyz; hxxps://s-tracking.xyz; hxxps://supertopfreegames.com; hxxps://zarabotok-online.xyz
CHR HomePage: Profile 2 -> hxxp://fr.yahoo.com/?fr=fp-yie9
CHR StartupUrls: Profile 2 -> "hxxp://fr.yahoo.com/?fr=fp-yie9","hxxp://google.fr/","hxxps://find-it.pro/?utm_source=distr_m"
CHR Extension: (WeeklyHits) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ebkcaaigdmochdchgeiofaddpokiondc [2022-09-07]
CHR Extension: (YoutubeDownloader) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-09-07] [UpdateUrl:hxxps://clients45.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Google Docs hors connexion) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-06]
CHR Extension: (Find-it.Pro Search) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-09-07]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-18]
CHR Profile: C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\System Profile [2022-09-07]
CHR HomePage: System Profile -> hxxps://find-it.pro/?utm_source=distr_m
CHR StartupUrls: System Profile -> "hxxps://find-it.pro/?utm_source=distr_m" 
CHR DefaultSearchKeyword: System Profile -> cdn
CHR DefaultSuggestURL: System Profile -> hxxps://www.google.ru/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&q={searchTerms}
CHR Extension: (YoutubeDownloader) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\gfcdbodapcbfckbfpmgeldfkkgjknceo [2022-09-07] [UpdateUrl:hxxps://clients69.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Find-it.Pro Search) - C:\Users\PRO NATURE\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-09-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
CHR HKU\S-1-5-21-1950527399-1813795312-2560553265-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera: 
=======
OPR Profile: C:\Users\PRO NATURE\AppData\Roaming\Opera Software\Opera Stable [2022-09-13]
OPR DefaultSearchKeyword: Opera Stable -> find-it.pro
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (SurfEasy VPN - Security, Privacy, Unblock) - C:\Users\PRO NATURE\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2018-10-27]
OPR Extension: (Rich Hints Agent) - C:\Users\PRO NATURE\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-01-17]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\PRO NATURE\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-01-17]
OPR Extension: (Find-it.Pro Search) - C:\Users\PRO NATURE\AppData\Roaming\Opera Software\Opera Stable\Extensions\meejmcfbiapijdfaadackoblffmidlig [2022-09-07]
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\PRO NATURE\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2022-01-17]
OPR Extension: (YoutubeDownloader) - C:\Users\PRO NATURE\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdfbhfjldacbdamjhomkgomeialekbng [2022-09-07]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1166352 2022-07-13] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172264 2022-08-03] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3863256 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3701464 2022-07-27] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [3004688 2022-07-22] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [386864 2022-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraSecurity; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Service.exe [265416 2022-08-29] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
S2 AviraSecurityUpdater; C:\Program Files (x86)\Avira\Security\Avira.Spotlight.Common.Updater.exe [284136 2022-08-29] (Avira Operations GmbH -> Avira Operations GmbH & Co. KG)
R2 AzureAttestService; C:\Program Files\Microsoft\AzureAttestService\AzureAttestService.dll [151288 2019-07-24] (Microsoft Windows -> Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12126112 2022-09-09] (Microsoft Corporation -> Microsoft Corporation)
S3 CopperService; C:\Program Files (x86)\NCH Software\Copper\copper.exe [1394736 2018-10-17] (NCH Software Pty Ltd -> NCH Software)
S2 EndpointProtectionService; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8563200 2022-09-09] (Avira Operations GmbH -> Avira Operations GmbH)
R3 EndpointProtectionService2; C:\Program Files\Avira\Endpoint Protection SDK\endpointprotection.exe [8563200 2022-09-09] (Avira Operations GmbH -> Avira Operations GmbH)
S3 ExpressAccountsService; C:\Program Files (x86)\NCH Software\ExpressAccounts\expressaccounts.exe [3736640 2022-01-21] (NCH Software, Inc. -> NCH Software)
S3 ExpressInvoiceService; C:\Program Files (x86)\NCH Software\ExpressInvoice\expressinvoice.exe [2903608 2022-03-15] (NCH Software, Inc. -> NCH Software)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4295208 2017-07-07] (SafeNet Canada, Inc. -> SafeNet, Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Fichier non signé]
S3 InventoriaService; C:\Program Files (x86)\NCH Software\Inventoria\inventoria.exe [1882176 2022-01-26] (NCH Software, Inc. -> NCH Software)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [133376 2016-11-12] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [370368 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$SQLEXPRESS01; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\sqlservr.exe [624544 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2017-03-09] (Nitro Software, Inc. -> )
R2 nlsX86cc; C:\WINDOWS\SysWOW64\NLSSRV32.EXE [71880 2017-03-09] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S3 Soda PDF Desktop; C:\Program Files\Soda PDF Desktop\ws.exe [2581864 2017-01-25] (LULU Software -> LULU Software)
S3 Soda PDF Desktop CrashHandler; C:\Program Files\Soda PDF Desktop\crash-handler-ws.exe [931176 2017-01-25] (LULU Software -> LULU Software)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-06-10] (Microsoft Corporation -> Microsoft Corporation)
S4 SQLAgent$SQLEXPRESS01; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\SQLAGENT.EXE [690088 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$SQLEXPRESS01; C:\Program Files\Microsoft SQL Server\MSSQL15.SQLEXPRESS01\MSSQL\Binn\sqlceip.exe [284600 2022-04-29] (Microsoft Corporation -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\NisSrv.exe [3201616 2019-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1910.4-0\MsMpEng.exe [103168 2019-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
U3 wuauserv; C:\WINDOWS\system32\svchost.exe [55320 2022-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
U3 wuauserv; C:\WINDOWS\SysWOW64\svchost.exe [46504 2022-07-15] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 NitroDriverReadSpool11; "C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe" [X]
S2 SMARTHelperService; "C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTHelperService.exe" [X]
S4 VBoxGuest; VBoxGuest [X]
S4 VBoxMouse; VBoxMouse [X]
S4 VBoxService; VBoxService [X]
S4 VBoxSF; VBoxSF [X]
S4 VBoxVideo; VBoxVideo [X]
S4 VBoxWddm; VBoxWddm [X]
S2 WmiPrvSE; "C:\Users\PRO NATURE\AppData\Local\Temp\csrss\tor\Tor\tor.exe" --nt-service -f "C:\Users\PRO NATURE\AppData\Local\Temp\csrss\tor\torrc" --Log "notice file C:\Users\PRO NATURE\AppData\Local\Temp\csrss\tor\log.txt" <==== ATTENTION

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AiCharger; C:\WINDOWS\system32\DRIVERS\AiCharger.sys [29312 2016-11-15] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [79168 2017-07-07] (SafeNet, Inc. -> SafeNet, Inc.)
R3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [323392 2017-07-07] (SafeNet, Inc. -> SafeNet, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 ASMMAP64; C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [18048 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUS)
R3 AsusHFilter; C:\WINDOWS\System32\drivers\AsusHFilter.sys [30200 2016-12-23] (ASUSTeK Computer Inc. -> )
R3 AsusPTPDrv; C:\WINDOWS\System32\drivers\AsusPTPFilter.sys [108504 2019-04-24] (ASUSTek Computer Inc. -> ASUSTek COMPUTER INC.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [20096 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> ASUSTek Computer Inc.)
R1 BdSentry; C:\WINDOWS\System32\DRIVERS\BdSentry.sys [230520 2022-06-21] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 googledrivefs3758; C:\WINDOWS\System32\DRIVERS\googledrivefs3758.sys [384584 2022-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [1296160 2017-07-07] (SafeNet, Inc. -> SafeNet, Inc.)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32696 2020-11-19] (ASUSTek Computer Inc. -> ASUS)
S3 libusb0; C:\WINDOWS\system32\DRIVERS\libusb0.sys [61696 2019-09-09] (Travis Lee Robinson -> hxxp://libusb-win32.sourceforge.net)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 netprotection_network_filter; C:\WINDOWS\System32\drivers\netprotection_network_filter.sys [100128 2022-06-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [50248 2020-08-11] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 rimvndis; C:\WINDOWS\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited) [Fichier non signé]
S3 RimVSerPort; C:\WINDOWS\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
S4 RsFx0300; C:\WINDOWS\System32\DRIVERS\RsFx0300.sys [247488 2014-02-21] (Microsoft Corporation -> Microsoft Corporation)
S4 RsFx0600; C:\WINDOWS\System32\DRIVERS\RsFx0600.sys [286976 2019-09-24] (Microsoft Corporation -> Microsoft Corporation)
S0 rtp_elam; C:\WINDOWS\System32\DRIVERS\rtp_elam.sys [24024 2022-06-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH)
R2 rtp_filesystem_filter; C:\WINDOWS\System32\DRIVERS\rtp_filesystem_filter.sys [205768 2022-09-02] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_process_monitor; C:\WINDOWS\system32\DRIVERS\rtp_process_monitor.sys [187496 2022-09-02] (Avira Operations GmbH -> Avira Operations GmbH)
R1 rtp_traverse; C:\WINDOWS\system32\DRIVERS\rtp_traverse.sys [45672 2022-08-26] (Avira Operations GmbH -> Avira Operations GmbH)
R3 SMARTMouseFilterx64; C:\WINDOWS\System32\drivers\SMARTMouseFilterx64.sys [18952 2020-10-13] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\WINDOWS\System32\drivers\SMARTVHidMiniVistaAmd64.sys [28168 2021-09-09] (Microsoft Windows Hardware Compatibility Publisher -> SMART Technologies)
R3 vip; C:\WINDOWS\System32\drivers\vip.sys [686592 2017-01-20] (Accès refusé)  [Fichier non signé]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [351968 2019-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 netprotection_network_filter2; System32\drivers\netprotection_network_filter2.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-09-13 19:17 - 2022-09-13 19:19 - 000063540 _____ C:\Users\PRO NATURE\Downloads\FRST.txt
2022-09-13 19:16 - 2022-09-13 19:18 - 000000000 ___DC C:\FRST
2022-09-13 19:16 - 2022-09-13 19:16 - 002371072 _____ (Farbar) C:\Users\PRO NATURE\Downloads\FRST64.exe
2022-09-13 19:15 - 2022-09-13 19:15 - 002074112 _____ (Farbar) C:\Users\PRO NATURE\Downloads\FRST.exe
2022-09-12 09:24 - 2022-09-13 10:06 - 000000035 _____ C:\Users\PRO NATURE\AppData\Roaming\sp_data.sys
2022-09-10 18:01 - 2022-09-10 18:02 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\APLI-Agipa
2022-09-10 18:01 - 2022-09-10 18:01 - 000000858 _____ C:\Users\PRO NATURE\Desktop\APLI-AGIPA Business Card Software.lnk
2022-09-10 18:01 - 2022-09-10 18:01 - 000000822 _____ C:\Users\PRO NATURE\Desktop\APLI-AGIPA Hobby&Papers.lnk
2022-09-10 18:01 - 2022-09-10 18:01 - 000000822 _____ C:\Users\PRO NATURE\Desktop\APLI-AGIPA CD Label.lnk
2022-09-10 18:01 - 2022-09-10 18:01 - 000000810 _____ C:\Users\PRO NATURE\Desktop\APLI-AGIPA Label.lnk
2022-09-10 18:01 - 2022-09-10 18:01 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\APLI-AGIPA Soft
2022-09-10 17:42 - 2022-09-10 17:42 - 000000849 _____ C:\Users\PRO NATURE\Desktop\Top Office Software.lnk
2022-09-10 17:42 - 2022-09-10 17:42 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\TopOffice
2022-09-10 17:42 - 2022-09-10 17:42 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Top-Office
2022-09-10 17:42 - 2003-06-25 11:17 - 000374272 _____ (Herd Software Entwicklung/ Ketteler Str. 35/ D-68642 Bürstadt/ hxxp://www.herdsoft.com/ Telefon:+49-6206-707775/ Telefax:+49-6206-707776) C:\WINDOWS\SysWOW64\Dav3_32.dll
2022-09-10 17:42 - 2003-06-24 13:35 - 000143360 _____ (Herd Software Entwicklung/ Ketteler Str.35/ D-68642 Bürstadt/ hxxp://www.herdsoft.com/ eMail:info@herdsoft.com/ Telefon:+49-6206-707775/ Telefax:+49-6206-707776) C:\WINDOWS\SysWOW64\Leon3_32.dll
2022-09-10 14:03 - 2022-09-10 14:03 - 000001941 _____ C:\Users\Public\Desktop\Labeljoy.lnk
2022-09-10 14:03 - 2022-09-10 14:03 - 000001941 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Labeljoy.lnk
2022-09-10 14:03 - 2022-09-10 14:03 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\Delivery Tech Corp
2022-09-10 14:03 - 2022-09-10 14:03 - 000000000 ____D C:\ProgramData\Delivery Tech Corp
2022-09-10 14:03 - 2022-09-10 14:03 - 000000000 ____D C:\Program Files (x86)\Delivery Tech Corp
2022-09-09 22:01 - 2022-09-09 22:17 - 000000000 ____D C:\Users\PRO NATURE\Desktop\HAMZA
2022-09-07 00:12 - 2022-09-07 00:19 - 000000000 ____D C:\Program Files (x86)\aPsLpItOHpzEtPCAktR
2022-09-07 00:12 - 2022-09-07 00:13 - 000000000 ____D C:\Program Files (x86)\coJkIEbTfJUn
2022-09-07 00:12 - 2022-09-07 00:12 - 000000000 ____D C:\Users\PRO NATURE\Documents\VlcpVideoV1.0.1
2022-09-07 00:11 - 2022-09-07 00:11 - 003218493 _____ (My PDF Company Ltd ) C:\WINDOWS\unins001.exe
2022-09-07 00:11 - 2022-09-07 00:11 - 000000973 _____ C:\WINDOWS\unins001.dat
2022-09-07 00:11 - 2022-09-07 00:11 - 000000000 _____ C:\Users\PRO NATURE\AppData\Roaming\68EB.tmp
2022-09-07 00:10 - 2022-09-07 00:10 - 000000000 _____ C:\Users\PRO NATURE\AppData\Roaming\C45E.tmp
2022-09-07 00:09 - 2022-02-19 11:38 - 002785280 _____ C:\ProgramData\86743209840563735894387333
2022-09-07 00:07 - 2022-09-07 00:07 - 000003560 _____ C:\WINDOWS\system32\Tasks\svchost.exe
2022-09-07 00:05 - 2022-09-07 00:05 - 000000000 _____ C:\Users\PRO NATURE\AppData\Roaming\E24E.tmp
2022-09-07 00:05 - 2022-02-19 11:38 - 002785280 _____ C:\ProgramData\73826873954975462886655069
2022-09-07 00:03 - 2022-09-07 00:03 - 000000000 ____D C:\Program Files\aieoplapobidheellikiicjfpamacpfd
2022-09-07 00:02 - 2022-02-19 11:38 - 002785280 _____ C:\ProgramData\98822416308115943214574811
2022-09-06 23:58 - 2022-09-06 23:58 - 000003658 _____ C:\WINDOWS\system32\Tasks\Cache-S-21-2946144819-3e21f723
2022-09-06 23:58 - 2022-09-06 23:58 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\d750e9ed-6070-49a7-8f8a-ba10cc63a01f
2022-09-06 23:57 - 2022-09-06 23:57 - 000003746 _____ C:\WINDOWS\system32\Tasks\Firefox Default Browser Agent 2EC8974C82FF7562
2022-09-06 23:57 - 2022-09-06 23:57 - 000003246 _____ C:\WINDOWS\system32\Tasks\csrss
2022-09-06 23:57 - 2022-09-06 23:57 - 000000557 _____ C:\Users\PRO NATURE\AppData\Local\bowsakkdestx.txt
2022-09-06 23:57 - 2022-09-06 23:57 - 000000000 ___DC C:\SystemID
2022-09-06 23:57 - 2022-02-19 11:38 - 002785280 _____ C:\ProgramData\24668334330209691175656454
2022-09-06 23:56 - 2022-09-07 00:20 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\44745163-9481-4cef-a07f-4008f9edc65d
2022-09-06 23:56 - 2022-09-07 00:01 - 000003636 _____ C:\WINDOWS\system32\Tasks\PowerControl HR
2022-09-06 23:56 - 2022-09-07 00:01 - 000003380 _____ C:\WINDOWS\system32\Tasks\PowerControl LG
2022-09-06 23:56 - 2022-09-06 23:56 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\Yandex
2022-09-06 23:55 - 2022-09-07 00:19 - 000000000 ____D C:\Program Files (x86)\PowerControl
2022-09-06 23:54 - 2022-09-07 00:25 - 000000000 ____D C:\Users\PRO NATURE\Downloads\NCH SUITE K
2022-09-06 23:53 - 2022-09-06 23:53 - 004712738 _____ C:\Users\PRO NATURE\Downloads\File.zip
2022-09-06 23:40 - 2022-09-06 23:40 - 000001333 _____ C:\Users\Public\Desktop\NCH Suite.lnk
2022-09-06 23:40 - 2022-09-06 23:40 - 000001205 _____ C:\Users\Public\Desktop\Copper Point of Sale Software.lnk
2022-09-06 23:06 - 2022-09-06 23:06 - 000000168 _____ C:\Users\PRO NATURE\Downloads\Inventoria Stock Manager_8.03 Beta_Crack.txt
2022-09-05 15:28 - 2022-09-05 15:28 - 009372584 _____ C:\Users\PRO NATURE\Downloads\Automatismes_Exercices_TDs_Ordi.pdf
2022-09-05 15:26 - 2022-09-05 15:26 - 038235361 _____ C:\Users\PRO NATURE\Downloads\Memento-2017.pdf
2022-09-05 15:26 - 2022-09-05 15:26 - 003452270 _____ C:\Users\PRO NATURE\Downloads\SARII_TP_Autom_2019-2020.pdf
2022-09-02 15:42 - 2022-09-02 15:42 - 000003888 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Maintenance
2022-09-02 15:42 - 2022-09-02 15:42 - 000003428 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Service_SCM_Watchdog
2022-09-02 15:42 - 2022-09-02 15:42 - 000002818 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Systray
2022-08-31 10:43 - 2022-08-31 10:43 - 000003772 _____ C:\WINDOWS\system32\Tasks\AviraSystemSpeedupVerify
2022-08-26 18:55 - 2022-08-26 20:11 - 000001486 _____ C:\Users\PRO NATURE\Desktop\CADe_SIMU.exe - Raccourci.lnk
2022-08-26 18:55 - 2022-08-26 18:55 - 000001450 _____ C:\Users\PRO NATURE\Desktop\PC_SIMU.exe - Raccourci.lnk
2022-08-24 21:10 - 2022-09-09 21:59 - 000002030 _____ C:\Users\PRO NATURE\Desktop\WhatsApp.exe - Raccourci.lnk
2022-08-22 14:11 - 2022-08-22 14:11 - 008345166 _____ C:\Users\PRO NATURE\Downloads\INSTALLATIONS INDUSTRIELLES (2).pdf
2022-08-22 12:40 - 2022-08-22 12:40 - 000803185 _____ C:\Users\PRO NATURE\Downloads\334312007-Dim  ensio  nnement-D  une-Install   ation-Photovoltaique-Autonome_watermark (1).pdf
2022-08-22 12:37 - 2022-08-22 12:37 - 000803185 _____ C:\Users\PRO NATURE\Downloads\334312007-Dim  ensio  nnement-D  une-Install   ation-Photovoltaique-Autonome_watermark.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-09-13 19:10 - 2021-05-03 09:47 - 000004166 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{90BC4572-29AB-4AB0-B7D8-5317857F7266}
2022-09-13 18:56 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-13 18:44 - 2019-10-02 19:06 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-13 16:29 - 2017-07-24 16:33 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\WhatsApp
2022-09-13 12:53 - 2020-06-17 16:39 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2022-09-13 12:25 - 2017-08-07 00:53 - 000000000 ____D C:\ProgramData\NVIDIA
2022-09-13 10:00 - 2021-05-03 09:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-09-13 08:52 - 2021-05-04 23:32 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\Deployment
2022-09-13 08:51 - 2017-07-21 16:36 - 000000000 ____D C:\ProgramData\Autodesk
2022-09-13 08:47 - 2022-07-25 03:52 - 000033280 _____ C:\Users\PRO NATURE\Downloads\NbLettre.xla
2022-09-12 03:08 - 2018-07-04 14:43 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\D3DSCache
2022-09-10 23:13 - 2021-05-21 02:25 - 000000000 ____D C:\Users\PRO NATURE\Documents\Lumion 10.0
2022-09-10 17:54 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2022-09-10 14:03 - 2021-03-05 21:24 - 000001644 _____ C:\WINDOWS\ODBCINST.INI
2022-09-10 13:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-09-10 11:28 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-10 11:28 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-09-10 10:37 - 2021-05-03 09:47 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-09-10 10:37 - 2017-07-25 01:50 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2022-09-10 10:35 - 2021-09-25 12:25 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2022-09-10 10:35 - 2021-09-25 12:25 - 000001901 _____ C:\Users\Default\Desktop\Google Slides.lnk
2022-09-10 10:35 - 2021-09-25 12:25 - 000001901 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2022-09-10 10:35 - 2021-09-25 12:25 - 000001889 _____ C:\Users\Default\Desktop\Google Docs.lnk
2022-09-10 10:35 - 2020-04-14 13:43 - 000001865 _____ C:\Users\PRO NATURE\Desktop\Google Drive.lnk
2022-09-10 10:29 - 2020-11-26 23:52 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-10 10:29 - 2020-11-26 23:52 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-09-09 22:20 - 2017-03-11 06:35 - 000000000 ____D C:\Program Files\Microsoft Office
2022-09-09 22:15 - 2021-05-03 09:35 - 001621214 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-09-09 22:15 - 2019-12-07 15:49 - 000690536 _____ C:\WINDOWS\system32\perfh00C.dat
2022-09-09 22:15 - 2019-12-07 15:49 - 000174090 _____ C:\WINDOWS\system32\perfc00C.dat
2022-09-09 22:15 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-09-09 22:14 - 2017-07-24 21:56 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\CrashDumps
2022-09-09 22:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-09-09 22:13 - 2017-03-11 06:59 - 000000000 __SHD C:\Users\PRO NATURE\IntelGraphicsProfiles
2022-09-09 22:07 - 2021-05-03 09:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-09-09 22:07 - 2017-03-11 06:05 - 000000000 __HDC C:\Intel
2022-09-09 22:06 - 2022-07-01 00:33 - 004289632 _____ C:\WINDOWS\system32\rtp.db
2022-09-09 22:06 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-09-08 13:16 - 2021-05-03 09:47 - 000004210 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1500897526
2022-09-08 13:16 - 2017-07-24 12:58 - 000001494 _____ C:\Users\PRO NATURE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2022-09-07 00:20 - 2020-03-19 16:09 - 000000000 ___HD C:\Users\PRO NATURE\AppData\Local\cache
2022-09-07 00:17 - 2017-03-11 06:01 - 000000000 ____D C:\ProgramData\Package Cache
2022-09-07 00:16 - 2017-07-24 21:41 - 000000290 __RSH C:\ProgramData\ntuser.pol
2022-09-07 00:08 - 2020-08-30 20:48 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\Google
2022-09-06 23:59 - 2022-05-19 16:36 - 000000000 ____D C:\WINDOWS\system32\Tasks\NCH Software
2022-09-06 23:40 - 2022-05-19 17:27 - 000001217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Copper Point of Sale Software.lnk
2022-09-06 23:40 - 2022-05-19 16:36 - 000000000 ____D C:\Program Files (x86)\NCH Software
2022-09-06 23:35 - 2017-03-11 07:01 - 000000000 ___RD C:\Users\PRO NATURE\OneDrive
2022-09-06 23:08 - 2022-03-24 09:38 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-09-06 11:53 - 2017-08-20 17:03 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\NitroSpoolDir
2022-09-06 11:53 - 2017-07-22 23:04 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\Nitro
2022-09-06 03:09 - 2017-12-24 01:26 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\Packages
2022-09-02 18:16 - 2022-04-20 13:51 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-02 18:16 - 2022-04-20 13:51 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-02 15:42 - 2021-05-03 09:47 - 000003478 _____ C:\WINDOWS\system32\Tasks\Avira_Security_Update
2022-09-02 15:42 - 2021-04-23 11:55 - 000001080 _____ C:\Users\Public\Desktop\Avira.lnk
2022-09-02 15:42 - 2021-04-23 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2022-09-02 12:30 - 2022-07-01 00:32 - 000205768 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_filesystem_filter.sys
2022-09-02 12:30 - 2022-07-01 00:32 - 000187496 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_process_monitor.sys
2022-09-01 14:48 - 2017-08-09 21:56 - 000000000 ____D C:\Users\PRO NATURE\AppData\Roaming\speechi
2022-08-30 01:10 - 2021-05-03 09:47 - 000003694 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1950527399-1813795312-2560553265-1001UA
2022-08-30 01:10 - 2021-05-03 09:47 - 000003426 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-1950527399-1813795312-2560553265-1001Core
2022-08-30 01:10 - 2021-05-03 09:47 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 01:10 - 2021-05-03 09:47 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-27 22:47 - 2021-12-13 02:51 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1950527399-1813795312-2560553265-1001
2022-08-27 22:47 - 2021-05-03 09:47 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1950527399-1813795312-2560553265-1001
2022-08-27 22:47 - 2021-05-03 09:25 - 000002438 _____ C:\Users\PRO NATURE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-26 21:06 - 2021-05-03 09:25 - 000000000 ____D C:\Users\PRO NATURE
2022-08-26 18:49 - 2022-07-01 00:32 - 000045672 _____ (Avira Operations GmbH) C:\WINDOWS\system32\Drivers\rtp_traverse.sys
2022-08-24 21:25 - 2022-05-18 22:36 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\WhatsApp
2022-08-24 21:25 - 2018-04-01 19:08 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\PlaceholderTileLogoFolder
2022-08-24 20:29 - 2021-05-03 09:47 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2022-08-24 08:13 - 2021-05-03 09:47 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-24 08:13 - 2021-05-03 09:47 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-22 17:16 - 2017-07-24 12:18 - 000000000 ____D C:\Users\PRO NATURE\AppData\Local\ElevatedDiagnostics

==================== Fichiers à la racine de certains dossiers ========

2022-09-07 00:11 - 2022-09-07 00:11 - 000000000 _____ () C:\Users\PRO NATURE\AppData\Roaming\68EB.tmp
2022-05-17 11:26 - 2022-05-17 11:26 - 000248375 ___SH () C:\Users\PRO NATURE\AppData\Roaming\aruaweu
2022-09-07 00:10 - 2022-09-07 00:10 - 000000000 _____ () C:\Users\PRO NATURE\AppData\Roaming\C45E.tmp
2022-09-07 00:05 - 2022-09-07 00:05 - 000000000 _____ () C:\Users\PRO NATURE\AppData\Roaming\E24E.tmp
2022-05-17 11:26 - 2022-05-17 11:26 - 000160970 ___SH () C:\Users\PRO NATURE\AppData\Roaming\scvbdsw
2022-09-12 09:24 - 2022-09-13 10:06 - 000000035 _____ () C:\Users\PRO NATURE\AppData\Roaming\sp_data.sys
2022-09-06 23:57 - 2022-09-06 23:57 - 000000557 _____ () C:\Users\PRO NATURE\AppData\Local\bowsakkdestx.txt
2017-09-28 21:52 - 2022-02-02 13:10 - 000022016 _____ () C:\Users\PRO NATURE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-08-24 13:10 - 2017-08-24 13:10 - 000140800 _____ () C:\Users\PRO NATURE\AppData\Local\installer.dat
2020-06-17 16:35 - 2020-06-17 16:35 - 000000410 _____ () C:\Users\PRO NATURE\AppData\Local\oobelibMkey.log
2020-12-31 19:45 - 2021-06-11 10:14 - 000057344 _____ () C:\Users\PRO NATURE\AppData\Local\WebpageIcons.db

==================== FLock ==============================

2017-01-20 01:56 C:\WINDOWS\system32\Drivers\vip.sys

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================