Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Exécuté par conta (administrateur) sur SALON (LENOVO 81MV) (04-01-2023 10:46:14)
Exécuté depuis C:\Users\conta\Desktop
Profils chargés: conta
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2251 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(APTX Software -> ) [Fichier non signé] C:\Users\conta\AppData\Roaming\YSPX\v3-21\WDCloud.exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(DeviceSettingsSystemAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(MultimediaAddin).exe
(C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantage-(VantageCoreAddin).exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(C:\Users\conta\AppData\Local\Temp\onefile_3796_133172985645493614\WDCloud.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <10>
(C:\Users\conta\AppData\Roaming\YSPX\v3-21\WDCloud.exe ->) () [Fichier non signé] C:\Users\conta\AppData\Local\Temp\onefile_3796_133172985645493614\WDCloud.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxEM.exe
(explorer.exe ->) (Microsoft Corporation) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files\Windows Sidebar\sidebar.exe
(explorer.exe ->) (Thomas Ascher) [Fichier non signé] D:\Logiciel\atnotes\ATnotes.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.1\ABService.exe
(services.exe ->) (bizmodeller Ltd -> bizmodeller Ltd) C:\Program Files\MyMediaForAlexa\MyMediaForAlexa.exe
(services.exe ->) (Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(services.exe ->) (Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(services.exe ->) (geek software GmbH -> geek software GmbH) D:\Logiciel portable\pdf xchange viewer\PDF24\pdf24.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_7ecc5be6ca7b3b0d\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_3de4831720bb2934\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_0d8dab4470c5524b\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a9a2dde7124f013f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5d54dd32fa1ef4d4\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5d54dd32fa1ef4d4\IntelCpHeciSvc.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\LenovoVantageService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Locator.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(services.exe ->) (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15831.20208.0_x86__8wekyb3d8bbwe\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15831.20208.0_x86__8wekyb3d8bbwe\Office16\SDXHelperBgt.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsAlarms_11.2210.9.0_x64__8wekyb3d8bbwe\Time.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\UtcDecoderHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1076728 2020-03-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RDMAgent] => "D:\Telechargement\Devolutions.RemoteDesktopManagerFree.Bin.2021.1.40.0\RDMAgent.exe" (Pas de fichier)
HKLM\...\Run: [PDF24] => D:\Logiciel portable\pdf xchange viewer\PDF24\pdf24.exe [595640 2022-10-31] (geek software GmbH -> geek software GmbH)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [516240 2020-02-18] (QFX Software Corporation -> QFX Software Corporation)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [Adobe Reader Synchronizer] => "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe" (Pas de fichier)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [2469184 2020-11-06] (Digital Wave Ltd -> Digital Wave Ltd)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [EPSON SX410 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [223232 2008-10-01] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Run: [EPSON SX410 Series (Copie 1)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE [223232 2008-10-01] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\Policies\Explorer: [NoSecurityTab] 1
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {0a1d9488-4b69-11ec-9d57-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {0a1d94ae-4b69-11ec-9d57-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {1b0f8adc-7388-11ed-9d8f-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {458606f3-f208-11eb-9d42-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {8f277305-0f55-11ed-9d72-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {9212a09c-6a1a-11ec-9d5b-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {afbc2037-d895-11eb-9d29-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {c9754437-96cb-11ec-9d5e-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {dcc1c5b2-8b12-11eb-9d15-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {e3f56e94-791a-11ec-9d5c-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\...\MountPoints2: {edbe0ecf-9d2f-11eb-9d18-3cf011327b1a} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1500095853-800338277-2208543213-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [581120 2022-08-10] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\54.0.3.0\GoogleDriveFS.exe --startup_mode (Pas de fichier)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Print\Monitors\EPSON SX410 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMFCE.DLL [108032 2008-08-08] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --channel=stable
Startup: C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-04-23]
ShortcutTarget: MEGAsync.lnk -> C:\Users\conta\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
Startup: C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar499.lnk [2022-12-25]
ShortcutTarget: Sidebar499.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) [Fichier non signé] [Fichier en cours d'utilisation]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy-Firefox: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0379BCF3-4C11-4A3E-B961-F6F942977FB5} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1500095853-800338277-2208543213-1001 => C:\Users\conta\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe (Pas de fichier)
Task: {0999819F-DEB3-42E7-8A28-811138B95223} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {13CD5A29-A5CE-4C40-96BC-8A713CD13877} - \Lenovo\ImController\TimeBasedEvents\671990c2-8e25-432a-ac63-e5c5e53dc2f1 -> Pas de fichier <==== ATTENTION
Task: {1C591C80-FD92-4482-9590-18D676A1123F} - System32\Tasks\Lenovo\Vantage\Schedule\IdeaNotebookAddinDailyEvent => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {29ADD5D1-C138-4086-B0D5-A7C55024A4EC} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1500095853-800338277-2208543213-1001 => C:\Users\conta\AppData\Local\MEGAsync\MEGAupdater.exe [2531504 2023-01-01] (Mega Limited -> )
Task: {29EA8AEF-34F6-456C-B18F-5A04ECAD8B28} - \Lenovo\ImController\TimeBasedEvents\f55cec8d-8475-4f61-b258-7b58d406860e -> Pas de fichier <==== ATTENTION
Task: {2B272320-4663-4809-857F-2D015EC5CD97} - System32\Tasks\APTXService => C:\Users\conta\AppData\Local\WAAM\v2519\rhc.exe [1536 2022-11-20] () [Fichier non signé]
Task: {3CC773CE-0454-49E4-8B6B-27AC4B66D498} - System32\Tasks\CCleanerSkipUAC - conta => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5422A9AA-17EB-41CB-B921-60ACF59D7C9F} - System32\Tasks\Lenovo\Vantage\Schedule\GenericMessagingAddin => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {5685425D-282F-457B-86F4-07DB05D8B0F9} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {68CE708E-E248-49A4-99ED-0575EE0956B4} - System32\Tasks\Opera scheduled Autoupdate 1669877784 => C:\Users\conta\AppData\Local\Programs\Opera\launcher.exe [2607560 2022-12-20] (Opera Norway AS -> Opera Software)
Task: {6D06D2E8-7FF3-409E-B1A4-82E47D1B5D23} - System32\Tasks\Lenovo\Vantage\Schedule\SettingsWidgetAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {74726AF2-1AD8-4F50-91A4-6A8267281B7F} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe VantageTelemetryAddinTask (Pas de fichier)
Task: {802F79B5-9A63-4E53-8F8D-29778AA1623A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NoUACCheck
Task: {812C783F-7586-4B1E-815F-E02B57A998DF} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_TVSUUpdateTask_Once => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {84764F3E-DF35-47E5-B255-447BB428F0D6} - System32\Tasks\TrackerAutoUpdate => D:\Logiciel\pdfxchange viewer\Tracker Software\Update\TrackerUpdate.exe [4475136 2021-12-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {8A77FEBD-BD0F-420C-B170-53DED576438C} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoCompanionAppAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {8FC7B212-6F63-4F97-90BF-34B9B74A1855} - System32\Tasks\WDDiscovery Service => C:\Users\conta\AppData\Roaming\UPDX\v3-5\WDDiscovery.exe [844664 2013-07-31] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {8FF73DD4-A423-4482-96F0-E17E8DAAA4F9} - System32\Tasks\2BrightSparks\SyncBackFree\SALON-conta\SyncBackFree ASUS Martine 2 => D:\Logiciel\syncback\SyncBackFree\SyncBackFree.exe -m "ASUS Martine 2" (Pas de fichier)
Task: {91A93222-6D45-452D-BCEA-E63502632079} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {949A15D1-8D21-4D12-A688-A4A35E63C149} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-23] (Google LLC -> Google LLC)
Task: {980FD14F-D3F5-4232-89C1-604A36D675A3} - System32\Tasks\2BrightSparks\SyncBackFree\SALON-conta\SyncBackFree ASUS Agath => D:\Logiciel\syncback\SyncBackFree\SyncBackFree.exe -m "ASUS Agath" (Pas de fichier)
Task: {9C294B10-0476-4292-8842-8694DBC10744} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {9D82AD20-D8F7-4977-BCDB-DD02FFEF681D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A139B97D-B118-4D9B-BFE0-121A4843BD75} - \Lenovo\ImController\TimeBasedEvents\1febbf1d-fd16-4247-b90b-aaefedde1c0a -> Pas de fichier <==== ATTENTION
Task: {A9485EF7-972E-4D84-993D-091901066CD4} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1500095853-800338277-2208543213-500 => C:\Users\conta\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {AD2988FD-B069-4DFF-8E2F-93AF6D3F799B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0521750-A27D-4BD9-A85A-2261F4562415} - \Lenovo\ImController\TimeBasedEvents\110e8ccf-b8d3-421d-8774-fbd5d31600a1 -> Pas de fichier <==== ATTENTION
Task: {B2974FDE-3A89-47B9-8B4B-AF77444547EC} - System32\Tasks\Lenovo\Vantage\Schedule\LenovoSystemUpdateAddin_WeeklyTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {B378A575-02A9-4DC9-BC74-BAACE3855177} - System32\Tasks\APTXService_LG => Command(1): rhc.exe -> php.exe include.php
Task: {B378A575-02A9-4DC9-BC74-BAACE3855177} - System32\Tasks\APTXService_LG => Command(2): rhc.exe -> php.exe index.php
Task: {B66A25BB-A752-48AD-B125-D374452593F6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-12-09] (Piriform Software Ltd -> Piriform)
Task: {BD79ADAB-D670-4EDC-9889-BD6E27AAB748} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {BD874BC1-9B22-4D1F-AA88-4FEEEF470222} - System32\Tasks\VSPXService => C:\Users\conta\AppData\Roaming\YSPX\v3-21\rhc.exe [1536 2022-11-06] () [Fichier non signé]
Task: {C186801C-2836-4F92-B969-DFA0558DE8EF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-04-23] (Google LLC -> Google LLC)
Task: {C3021B3C-D9EE-4B93-BFCE-7425A3D9F1C2} - System32\Tasks\VSPXService_LG => C:\Users\conta\AppData\Roaming\YSPX\v3-21\WDCloud.exe [66984712 2022-12-12] (APTX Software -> ) [Fichier non signé]
Task: {C820F68A-852F-44C0-956A-72A4441D6A13} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {CD00290D-A860-4018-A491-CBDE8DD7EC76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DADEECBA-DAC3-4502-8FDE-95F4F68E356C} - System32\Tasks\Lenovo\Vantage\Schedule\HeartbeatAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {DE9A3E9C-C5F5-4BCF-BA4B-55B4858CB909} - \Lenovo\ImController\TimeBasedEvents\e9459114-37b8-4869-9e68-d6e187e6b6f9 -> Pas de fichier <==== ATTENTION
Task: {DFF2570C-539A-4827-A176-9570C6C47F11} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "59fa560b-dfca-4f2a-a461-450090c4632e" --version "6.07.10191" --silent
Task: {E52BEF37-3012-4A4A-93AF-176DBE047995} - System32\Tasks\WD Start Service => C:\Users\conta\AppData\Roaming\Packages\TS.exe [25189248 2022-12-26] (APTX Software -> ) [Fichier non signé]
Task: {EB0E586F-64F9-4E7C-B837-76897626D307} - System32\Tasks\Lenovo\Vantage\Schedule\BatteryGaugeAddinDailyScheduleTask => C:\Program Files (x86)\Lenovo\VantageService\3.13.43.0\ScheduleEventAction.exe [28888 2022-11-29] (Lenovo -> Lenovo Group Ltd.)
Task: {EDD50881-8E9B-4A62-8A0B-62AFC073DFBF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe /verysilent /update /freq=30 (Pas de fichier)
Task: {EE6B8984-1859-4B32-8C45-BB93A455CA2A} - System32\Tasks\LenovoUtility Startup => C:\Windows\explorer.exe lenovo-utility://
Task: {F807F7CA-8097-494A-A146-07B4494185ED} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Pas de fichier <==== ATTENTION
Task: {FDAB175E-B141-4373-9024-532B1A0A4BA0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => D:\Logiciel\pdfxchange viewer\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{42d623dd-82c6-4808-aa34-dc43c3efa8e2}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Profile: C:\Users\conta\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-04]
Edge Extension: (Avira Safe Shopping) - C:\Users\conta\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caiblelclndcckfafdaggpephhgfpoip [2023-01-02]
Edge Extension: (Avira Password Manager) - C:\Users\conta\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emgfgdclgfeldebanedpihppahgngnle [2023-01-02]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\conta\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-25]
Edge HKLM-x32\...\Edge\Extension: [caiblelclndcckfafdaggpephhgfpoip]
Edge HKLM-x32\...\Edge\Extension: [emgfgdclgfeldebanedpihppahgngnle]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: ozbwyszl.default
FF DefaultProfile: zqdex72t.default
FF ProfilePath: C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602 [2023-01-04]
FF Homepage: Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602 -> hxxps://www.symbaloo.com/home/mix/13eP7083bb
FF Extension: (AdGuard AdBlocker) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\adguardadblocker@adguard.com.xpi [2023-01-03]
FF Extension: (Save Page WE) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\savepage-we@DW-dev.xpi [2023-01-03]
FF Extension: (Google Translator for Firefox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\translator@zoli.bod.xpi [2023-01-03]
FF Extension: (uBlock Origin) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\uBlock0@raymondhill.net.xpi [2023-01-03]
FF Extension: (Flagfox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2023-01-03]
FF Extension: (Fantasy of Lights - N.Lights Series 1) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{1a176495-2247-4217-b1fc-139fc11c4324}.xpi [2023-01-03]
FF Extension: (Firefox Personas) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{566b2b3b-67cd-467f-8dba-e1443e93fb03}.xpi [2023-01-03]
FF Extension: (dreamstime death race) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{7356ce0a-450a-4f4d-9538-5ebd1703e396}.xpi [2023-01-03]
FF Extension: (rainbow blur) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{7477cece-5973-41fe-a60e-2d2ffae6d21e}.xpi [2023-01-03]
FF Extension: (Madjoker of this life) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{886f09cf-2035-40e2-8e71-0a03044f7043}.xpi [2023-01-03]
FF Extension: (Just a theme) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{8ec3a412-28c0-4836-8be4-ece0a02401af}.xpi [2023-01-03]
FF Extension: (Mozilla: Firefox OS) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2023-01-03]
FF Extension: (Tokisaki Kurumi by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{98abe1c1-a798-4238-93fb-ec2ba3c80bb8}.xpi [2023-01-03]
FF Extension: (Persona 4) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{a7aa8cf5-e9bb-4c03-8282-1377938bec4f}.xpi [2023-01-03]
FF Extension: (Persona 5 Theme) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{acaa7837-683e-459b-bd13-7f5a2b896ae1}.xpi [2023-01-03]
FF Extension: (Symbaloo Homepage and Search) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{c0674718-842b-4d4c-83f2-0627b7098f12}.xpi [2023-01-03]
FF Extension: (multicolor trail by candelora) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{c3d0c72d-ffef-4fa9-b169-4d7a5d171504}.xpi [2023-01-03]
FF Extension: (FirefoxClassicalBlue) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2023-01-03]
FF Extension: (Megumin by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{dc58ddef-16a2-4270-8992-aad08be9de60}.xpi [2023-01-03]
FF Extension: (Shimakaze by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{dc808bc8-9d03-4559-9cde-c535b154d0d1}.xpi [2023-01-03]
FF Extension: (Dark Fox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2023-01-03]
FF Extension: (LUNA FOX for Red Themes) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\y7cmwu2g.moun-1672752620602\Extensions\{f70f3915-bbb5-423d-be63-3c4ad9681b09}.xpi [2023-01-03]
FF ProfilePath: C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\ozbwyszl.default [2021-09-25]
FF ProfilePath: C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 [2023-01-03]
FF Homepage: Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 -> hxxps://www.symbaloo.com/
FF HomepageOverride: Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 -> Disabled: {c0674718-842b-4d4c-83f2-0627b7098f12}
FF NewTabOverride: Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 -> Disabled: {c0674718-842b-4d4c-83f2-0627b7098f12}
FF NewTabOverride: Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361 -> Enabled: uBlock0@raymondhill.net
FF Extension: (Facebook Container) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\@contain-facebook.xpi [2021-10-22]
FF Extension: (Save Page WE) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\savepage-we@DW-dev.xpi [2021-10-22]
FF Extension: (Google Translator for Firefox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\translator@zoli.bod.xpi [2021-10-22]
FF Extension: (uBlock Origin) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\uBlock0@raymondhill.net.xpi [2021-10-22]
FF Extension: (Flagfox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2021-10-22]
FF Extension: (Fantasy of Lights - N.Lights Series 1) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{1a176495-2247-4217-b1fc-139fc11c4324}.xpi [2021-10-22]
FF Extension: (Bitwarden) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2021-10-22]
FF Extension: (Firefox Personas) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{566b2b3b-67cd-467f-8dba-e1443e93fb03}.xpi [2021-10-22]
FF Extension: (dreamstime death race) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{7356ce0a-450a-4f4d-9538-5ebd1703e396}.xpi [2021-10-22]
FF Extension: (rainbow blur) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{7477cece-5973-41fe-a60e-2d2ffae6d21e}.xpi [2021-10-22]
FF Extension: (Madjoker of this life) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{886f09cf-2035-40e2-8e71-0a03044f7043}.xpi [2021-10-22]
FF Extension: (Just a theme) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{8ec3a412-28c0-4836-8be4-ece0a02401af}.xpi [2021-10-22]
FF Extension: (Mozilla: Firefox OS) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2021-10-22]
FF Extension: (Tokisaki Kurumi by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{98abe1c1-a798-4238-93fb-ec2ba3c80bb8}.xpi [2021-10-22]
FF Extension: (Persona 4) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{a7aa8cf5-e9bb-4c03-8282-1377938bec4f}.xpi [2021-10-22]
FF Extension: (Persona 5 Theme) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{acaa7837-683e-459b-bd13-7f5a2b896ae1}.xpi [2021-10-22]
FF Extension: (Video DownloadHelper) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-10-22]
FF Extension: (Symbaloo Homepage and Search) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{c0674718-842b-4d4c-83f2-0627b7098f12}.xpi [2021-10-22]
FF Extension: (multicolor trail by candelora) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{c3d0c72d-ffef-4fa9-b169-4d7a5d171504}.xpi [2021-10-22]
FF Extension: () - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{c8934291-7998-4094-84fa-a352e8bd3aad}.xpi [2021-10-22]
FF Extension: (FirefoxClassicalBlue) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2021-10-22]
FF Extension: (Megumin by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{dc58ddef-16a2-4270-8992-aad08be9de60}.xpi [2021-10-22]
FF Extension: (Shimakaze by Akame Hase) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{dc808bc8-9d03-4559-9cde-c535b154d0d1}.xpi [2021-10-22]
FF Extension: (Dark Fox) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{e7fe4ffe-f256-4f85-906d-072fdd698585}.xpi [2021-10-22]
FF Extension: (LUNA FOX for Red Themes) - C:\Users\conta\AppData\Roaming\Mozilla\Firefox\Profiles\os3y3gvz.default-release-1634887703361\Extensions\{f70f3915-bbb5-423d-be63-3c4ad9681b09}.xpi [2021-10-22]
FF ProfilePath: C:\Users\conta\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zqdex72t.default [2023-01-03]
FF DownloadDir: D:\Telechargement
FF Homepage: Moonchild Productions\Pale Moon\Profiles\zqdex72t.default -> hxxps://www.symbaloo.com/home/mix/13eP7083bb
FF Extension: (French) - C:\Users\conta\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zqdex72t.default\Extensions\fr-FR@dictionaries.thereisonlyxul.org [2021-08-11]
[] [non signé] FF Extension: (Français (FR) Language Pack) - C:\Users\conta\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zqdex72t.default\Extensions\langpack-fr@palemoon.org.xpi [2021-08-20] [] [non signé] FF Extension: (Pale Moon Locale Switcher) - C:\Users\conta\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\zqdex72t.default\Extensions\pm-localeswitch@palemoon.org.xpi [2021-08-11] [] [non signé] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => non trouvé(e) FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Logiciel\pdfxchange viewer\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2021-12-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=3.0.14 -> D:\Logiciel\VLC\npvlc.dll [Pas de fichier] FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Logiciel\pdfxchange viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2021-12-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) 
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> D:\Logiciel\Foxit reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> D:\Logiciel\Foxit reader\Foxit Reader\plugins\npFoxitReaderPlugin.dll [Pas de fichier] FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Logiciel\picasa\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> D:\Logiciel\vlc\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> D:\Logiciel\vlc\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> D:\Logiciel\vlc\npvlc.dll [Pas de fichier] FF Plugin HKU\S-1-5-21-1500095853-800338277-2208543213-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> D:\Logiciel\pdfxchange viewer\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2021-12-24] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.) 
Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default [2023-01-03] CHR HomePage: Default -> hxxps://search.yahoo.com/?fr=vmn&type=auslog_yaapp3_hp CHR StartupUrls: Default -> "hxxps://www.symbaloo.com/home/mix/13eP7083bb","hxxps://www.google.com/" CHR Extension: (Google Traduction) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-01] CHR Extension: (Save Page WE) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhpefjklgkmgeafimnjhojgjamoafof [2022-12-30] CHR Extension: (Désactivation de Google Analytics) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2021-07-18] CHR Extension: (Google Docs hors connexion) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-30] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-30] CHR Extension: (WhatFont) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2021-07-18] CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2022-01-24] CHR Extension: (Video DownloadHelper) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2022-11-02] CHR Extension: (Save to Pocket) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2022-12-30] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-18] CHR Profile: C:\Users\conta\AppData\Local\Google\Chrome\User Data\Guest 
Profile [2023-01-03] CHR Profile: C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-01-03] CHR StartupUrls: Profile 1 -> "hxxps://www.symbaloo.com/home/mix/13eP6jdBdd" CHR Extension: (Slides) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-26] CHR Extension: (Docs) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-06-26] CHR Extension: (Google Drive) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-06-26] CHR Extension: (Sheets) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-26] CHR Extension: (Google Docs hors connexion) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-26] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-09] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-26] CHR Extension: (Gmail) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-06-26] CHR Extension: (Chrome Media Router) - C:\Users\conta\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-26] CHR Profile: C:\Users\conta\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-03] CHR HKU\S-1-5-21-1500095853-800338277-2208543213-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh] CHR HKLM-x32\...\Chrome\Extension: 
[flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Opera: ======= OPR Profile: C:\Users\conta\AppData\Roaming\Opera Software\Opera Stable [2023-01-04] OPR DownloadDir: D:\Telechargement OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding} OPR Extension: (Rich Hints Agent) - C:\Users\conta\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-12-01] OPR Extension: (Opera Wallet) - C:\Users\conta\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-01-03] OPR Extension: (Amazon Assistant Promotion) - C:\Users\conta\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2022-12-01] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [96056 2020-05-20] (Apple Inc. -> Apple Inc.) R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.5.1\ABService.exe [1024448 2021-05-14] (AOMEI International Network Limited -> AOMEI International Network Limited) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1003344 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [438592 2020-11-06] (Digital Wave Ltd -> Digital Wave Ltd) R2 DolbyDAXAPI; C:\WINDOWS\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. 
-> ) R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [359808 2019-08-15] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé] R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\\3.13.43.0\LenovoVantageService.exe [32464 ] (Lenovo -> Lenovo Group Ltd.) R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2022-09-01] () [Fichier non signé] R2 MyMediaForAlexa; C:\Program Files\MyMediaForAlexa\MyMediaForAlexa.exe [3140280 2019-02-18] (bizmodeller Ltd -> bizmodeller Ltd) R2 PDF24; D:\Logiciel portable\pdf xchange viewer\PDF24\pdf24.exe [595640 2022-10-31] (geek software GmbH -> geek software GmbH) S3 QFXUpdateService; C:\Program Files (x86)\KeyScrambler\x64\QFXUpdateService.exe [87184 2020-02-18] (QFX Software Corporation -> ) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation) S2 AviraFallbackUpdater; "C:\Program Files (x86)\Avira\Fallback Updater\Avira.Spotlight.FallbackUpdater.exe" FallbackUpdater=true [X] S3 GoogleChromeElevationService; "C:\Program Files\Google\Chrome\Application\108.0.5359.125\elevation_service.exe" [X] S2 ImControllerService; %SystemRoot%\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. 
Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2021-06-29] (AOMEI International Network Limited -> ) R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-10-04] (Bluestack Systems, Inc -> Bluestack System Inc.) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 KeyScrambler; C:\WINDOWS\System32\drivers\keyscrambler.sys [243800 2018-09-08] (QFX Software Corporation -> QFX Software Corporation) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MpKslb1f3128f; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [214280 2022-12-23] (Microsoft Windows -> Microsoft Corporation) R3 MpKsldf862111; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4E19440A-E264-45A9-A66A-BC10D101CB23}\MpKslDrv.sys [214280 2023-01-04] (Microsoft Windows -> Microsoft Corporation) R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2019-07-16] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.) 
R1 UimBus; C:\WINDOWS\System32\drivers\UimBus.sys [102664 2014-07-09] (Paragon Software GmbH -> ) R1 Uim_DEVIM; C:\WINDOWS\System32\drivers\uim_devim.sys [25992 2014-07-09] (Paragon Software GmbH -> ) R1 Uim_IM; C:\WINDOWS\System32\drivers\uim_im.sys [700296 2014-07-09] (Paragon Software GmbH -> ) S3 usbscan; C:\WINDOWS\system32\DRIVERS\usbscan.sys [49152 2021-02-27] (Microsoft Corporation) [Fichier non signé] S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2023-01-04 10:45 - 2023-01-04 10:46 - 000049339 _____ C:\Users\conta\Desktop\FRST.txt 2023-01-04 10:44 - 2023-01-04 10:46 - 000000000 ____D C:\FRST 2023-01-04 10:42 - 2023-01-04 10:42 - 002376192 _____ (Farbar) C:\Users\conta\Desktop\FRST64.exe 2023-01-03 10:20 - 2023-01-03 10:21 - 000000000 ____D C:\AdwCleaner 2023-01-03 07:13 - 2023-01-03 07:13 - 000000000 ____D C:\ProgramData\Piriform 2023-01-02 08:31 - 2023-01-02 08:31 - 000000000 ____D C:\Users\Public\Security Sessions 2022-12-31 10:04 - 2022-12-31 10:04 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2022-12-31 10:00 - 2022-12-31 10:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avira 2022-12-31 09:56 - 2022-12-31 09:56 - 000000000 ____D C:\WINDOWS\SysWOW64\statReporter 2022-12-31 09:55 - 2022-12-31 09:56 - 000113696 _____ C:\WINDOWS\system32\rtp.db 2022-12-31 09:54 - 2023-01-02 08:32 - 000000000 ____D C:\Users\conta\AppData\Local\Avira 2022-12-31 09:53 - 2023-01-03 18:36 - 000000000 ____D C:\ProgramData\Avira 2022-12-31 04:40 - 2022-12-31 04:40 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.13 2022-12-31 03:50 - 2023-01-04 08:06 - 000013632 _____ C:\Users\conta\Desktop\EDF GDF 2023.ods 2022-12-30 15:00 - 2023-01-04 10:25 - 000004030 _____ C:\WINDOWS\system32\Tasks\WDDiscovery Service 2022-12-30 14:49 - 2023-01-03 08:00 - 000003636 _____ C:\WINDOWS\system32\Tasks\CreateExplorerShellUnelevatedTask 2022-12-29 14:55 - 2022-12-29 14:55 - 000000112 ___SH C:\bootTel.dat 2022-12-29 14:54 - 2022-12-29 14:54 - 000000000 __SHD C:\found.000 2022-12-29 07:39 - 2022-12-31 10:04 - 000000000 ____D C:\Users\conta\AppData\LocalLow\IGDump 2022-12-29 07:37 - 2022-12-31 10:10 - 000000000 ____D C:\Program Files\Malwarebytes 2022-12-28 12:03 - 2022-12-28 12:03 - 000000000 ____D C:\Users\conta\.fontconfig 2022-12-28 12:02 - 2022-12-28 12:12 - 000000000 ____D C:\Users\conta\AppData\Local\Movavi 2022-12-28 12:02 - 2022-12-28 12:02 - 000012616 _____ 
C:\ProgramData\sguasgrp.vby 2022-12-28 12:02 - 2022-12-28 12:02 - 000000000 ____D C:\Users\conta\AppData\Local\converter 2022-12-28 12:02 - 2022-12-28 12:02 - 000000000 ____D C:\ProgramData\movavi 2022-12-28 11:42 - 2023-01-03 08:00 - 000000000 ____D C:\Users\conta\AppData\Local\BrightData 2022-12-28 11:42 - 2023-01-03 08:00 - 000000000 ____D C:\ProgramData\BrightData 2022-12-28 11:41 - 2022-12-31 11:10 - 000000000 ____D C:\Users\conta\AppData\Local\Free_Time_Co.,_Ltd 2022-12-27 16:15 - 2023-01-04 05:25 - 000003816 _____ C:\WINDOWS\system32\Tasks\VSPXService 2022-12-27 16:15 - 2022-12-27 16:15 - 000003344 _____ C:\WINDOWS\system32\Tasks\VSPXService_LG 2022-12-27 16:15 - 2022-12-27 16:15 - 000000000 ____D C:\Users\conta\AppData\Roaming\YSPX 2022-12-26 16:16 - 2022-12-26 16:16 - 000000000 ____D C:\Users\conta\AppData\Roaming\UPDX 2022-12-26 16:14 - 2023-01-04 05:24 - 000003804 _____ C:\WINDOWS\system32\Tasks\APTXService 2022-12-26 16:14 - 2022-12-26 16:14 - 000003784 _____ C:\WINDOWS\system32\Tasks\APTXService_LG 2022-12-26 16:14 - 2022-12-26 16:14 - 000000000 ____D C:\Users\conta\AppData\Local\WAAM 2022-12-26 16:12 - 2022-12-26 16:13 - 000004032 _____ C:\WINDOWS\system32\Tasks\WD Start Service 2022-12-26 16:12 - 2022-12-26 16:12 - 000000000 ____D C:\Users\conta\AppData\Roaming\Packages 2022-12-26 16:12 - 2022-12-26 16:12 - 000000000 ____D C:\ProgramData\Western Digital 2022-12-25 09:43 - 2022-12-25 09:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\8GadgetPack 2022-12-25 09:43 - 2022-12-25 09:43 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar 2022-12-23 07:07 - 2022-12-23 07:07 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore 2022-12-22 09:59 - 2022-12-22 09:59 - 000000000 ____D C:\Users\conta\AppData\Local\BuildAGadget Content 2022-12-22 09:23 - 2022-12-23 16:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2022-12-19 10:01 - 2023-01-04 07:30 - 000012335 _____ C:\Users\conta\Desktop\dep 2023.ods 2022-12-19 09:27 
- 2022-12-31 09:55 - 000000000 ____D C:\Program Files\Mozilla Firefox 2022-12-15 07:14 - 2022-12-16 09:44 - 000000000 ____D C:\Users\conta\AppData\Roaming\XnViewMP 2022-12-15 07:13 - 2022-12-15 07:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnViewMP 2022-12-09 08:17 - 2022-12-14 10:42 - 000000000 ____D C:\Users\conta\AppData\Roaming\dvdcss 2022-12-01 13:18 - 2022-12-01 13:18 - 000000000 ____D C:\Users\conta\AppData\Roaming\LibreOffice 2022-12-01 13:15 - 2022-12-01 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.4 2022-12-01 13:14 - 2022-12-01 13:15 - 000000000 ____D C:\Program Files\LibreOffice 2022-12-01 07:56 - 2022-12-23 10:27 - 000004172 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1669877784 2022-12-01 07:56 - 2022-12-23 10:27 - 000001452 _____ C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2022-12-01 07:56 - 2022-12-01 07:56 - 000000000 ____D C:\Users\conta\AppData\Local\Opera Software 2022-12-01 07:55 - 2022-12-01 07:55 - 000000000 ____D C:\Users\conta\AppData\Roaming\Opera Software 2022-11-27 10:57 - 2022-11-27 10:57 - 000000000 ____D C:\Users\conta\AppData\Local\SolidDocuments 2022-11-27 10:56 - 2022-11-27 10:56 - 000000000 ____D C:\Program Files\Adobe 2022-11-27 10:55 - 2022-11-27 10:56 - 000000000 ____D C:\Program Files\Common Files\Adobe 2022-11-24 06:17 - 2022-11-24 06:17 - 000000000 ____D C:\Users\conta\AppData\Local\MicrosoftEdge 2022-11-24 06:08 - 2022-11-24 06:08 - 000000000 ___HD C:\$WinREAgent 2022-11-18 04:18 - 2022-11-18 04:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 2022-11-15 07:17 - 2022-12-15 06:11 - 000000000 ____D C:\Program Files\dotnet 2022-11-15 07:17 - 2022-11-15 08:16 - 000000000 ____D C:\Users\conta\AppData\Local\Text_Grab 2022-11-15 07:17 - 2022-11-15 07:17 - 000000000 ____D C:\Users\conta\AppData\Local\ToastNotificationManagerCompat 2022-11-11 09:47 - 2022-11-11 
09:59 - 000000000 ____D C:\Program Files\Wondershare 2022-11-11 09:47 - 2022-11-11 09:47 - 000000016 _____ C:\ProgramData\mntemp 2022-11-11 07:47 - 2022-12-28 12:05 - 000000000 ____D C:\Users\conta\AppData\Local\cache 2022-11-11 07:46 - 2022-11-11 07:46 - 000000000 ____D C:\Users\conta\AppData\Local\Topaz Labs 2022-11-08 06:18 - 2023-01-01 09:36 - 000000000 ____D C:\Users\conta\Documents\MEGAsync Downloads 2022-11-05 18:21 - 2022-11-05 18:21 - 000000000 ____D C:\Users\conta\Documents\Snapshot 2022-11-05 18:21 - 2022-11-05 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video to Video 2022-11-05 16:14 - 2022-11-05 16:14 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate 2022-11-05 16:13 - 2022-11-11 09:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare 2022-11-05 16:13 - 2022-11-06 07:28 - 000000000 ____D C:\Users\conta\AppData\Roaming\Wondershare 2022-11-05 16:13 - 2022-11-05 16:13 - 000000000 ____D C:\Users\conta\AppData\Local\Wondershare 2022-11-05 16:13 - 2022-11-05 16:13 - 000000000 ____D C:\ProgramData\GraphicsType14 2022-11-05 16:12 - 2022-11-11 09:56 - 000000000 ____D C:\ProgramData\Wondershare 2022-11-05 16:12 - 2022-11-11 09:54 - 000000000 ____D C:\Program Files (x86)\Wondershare 2022-11-05 10:47 - 2022-11-05 10:48 - 000000000 ____D C:\Users\conta\AppData\Local\Sidebar7 2022-11-05 10:47 - 2022-11-05 10:47 - 000000000 ____D C:\Users\conta\AppData\Local\Clipboarder 2022-11-04 06:18 - 2022-11-04 06:18 - 000021323 _____ C:\Users\conta\.pdfbox.cache 2022-11-03 08:57 - 2022-11-03 08:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2022-11-02 07:36 - 2022-12-25 09:45 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2022-11-02 07:36 - 2022-12-23 16:05 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2022-11-02 07:35 - 2022-11-02 07:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2022-10-20 08:21 - 
2022-10-20 08:21 - 000000000 ____D C:\Users\conta\AppData\Local\myCANAL 2022-10-20 08:20 - 2022-10-20 08:37 - 000000000 ____D C:\ProgramData\myCANAL 2022-10-20 08:20 - 2022-10-20 08:20 - 000002511 _____ C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\myCANAL.lnk 2022-10-20 08:20 - 2022-10-20 08:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2022-10-20 08:20 - 2022-10-20 08:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2022-10-19 06:43 - 2022-10-19 06:43 - 000002239 _____ C:\Users\conta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk 2022-10-18 06:38 - 2022-10-18 06:38 - 000000000 ____D C:\Users\conta\AppData\Roaming\lddownloader 2022-10-18 06:38 - 2022-10-18 06:38 - 000000000 ____D C:\Users\conta\AppData\Roaming\ChangZhi2 2022-10-18 06:38 - 2022-10-18 06:38 - 000000000 ____D C:\LDPlayer ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2023-01-04 10:46 - 2020-05-04 11:17 - 000000000 ____D C:\Users\conta\AppData\LocalLow\Mozilla 2023-01-04 10:42 - 2022-02-09 07:10 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-01-04 10:41 - 2021-02-27 11:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-01-04 10:28 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-01-04 09:53 - 2020-05-07 02:31 - 000000000 ____D C:\Program Files (x86)\Google 2023-01-04 06:46 - 2020-07-19 06:30 - 000000000 ____D C:\Program Files\MyMediaForAlexa 2023-01-04 06:29 - 2020-05-04 11:57 - 000000000 ____D C:\Users\conta\AppData\Roaming\vlc 2023-01-04 06:19 - 2020-09-20 09:37 - 000000000 ____D C:\Users\conta\AppData\Roaming\ObviousIdea 2023-01-04 06:12 - 2022-03-14 10:49 - 000179146 _____ C:\Users\conta\Documents\conso journaliere.ods 2023-01-04 05:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2023-01-04 05:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-01-04 05:28 - 2021-02-27 12:02 - 000004156 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{4FB6E3A9-40EB-4E3E-B014-6812897FD4CA} 2023-01-04 05:27 - 2021-11-08 03:16 - 000000000 ____D C:\Program Files\CCleaner 2023-01-04 05:24 - 2020-05-04 09:38 - 000000000 __SHD C:\Users\conta\IntelGraphicsProfiles 2023-01-03 18:44 - 2021-02-27 12:04 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-01-03 18:44 - 2019-12-07 15:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat 2023-01-03 18:44 - 2019-12-07 15:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat 2023-01-03 18:44 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2023-01-03 18:42 - 2020-05-04 09:43 - 000000000 ____D C:\Users\conta\AppData\Local\Lenovo 2023-01-03 18:37 - 2021-02-27 12:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-01-03 18:37 - 2021-02-27 11:56 - 000008192 ___SH C:\DumpStack.log.tmp 2023-01-03 18:37 - 2020-05-08 07:35 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat 
2023-01-03 18:37 - 2020-05-08 07:35 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2023-01-03 18:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2023-01-03 18:37 - 2019-05-16 03:18 - 000000134 _____ C:\WINDOWS\system32\regtest.txt 2023-01-03 18:37 - 2019-05-16 03:17 - 000000000 ___HD C:\Intel 2023-01-03 18:36 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI 2023-01-03 14:30 - 2021-08-29 08:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2023-01-03 12:31 - 2020-05-06 16:38 - 000000000 ____D C:\Users\conta\AppData\Local\D3DSCache 2023-01-03 10:29 - 2020-05-04 09:38 - 000000000 ____D C:\Users\conta\AppData\Local\Packages 2023-01-03 10:21 - 2019-05-16 03:04 - 000000000 ____D C:\ProgramData\Lenovo 2023-01-03 07:29 - 2020-08-18 13:34 - 000000000 ____D C:\Users\conta\AppData\Roaming\ZHP 2023-01-02 15:23 - 2021-04-23 07:56 - 000000000 ____D C:\Program Files\Google 2023-01-01 09:27 - 2021-04-23 07:04 - 000000000 ____D C:\Users\conta\AppData\Local\MEGAsync 2022-12-31 14:23 - 2021-07-04 07:08 - 000000000 ____D C:\WINDOWS\Minidump 2022-12-31 14:23 - 2021-06-16 16:39 - 000000000 ____D C:\Users\conta\AppData\Local\CrashDumps 2022-12-31 09:59 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2022-12-31 09:56 - 2021-02-27 11:56 - 000487544 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2022-12-31 04:40 - 2022-08-06 02:36 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2022-12-30 14:58 - 2021-02-27 11:29 - 000000000 ____D C:\Users\conta 2022-12-30 14:54 - 2020-12-20 09:40 - 000000000 ____D C:\Users\conta\AppData\Roaming\Apowersoft 2022-12-30 14:54 - 2020-12-20 09:39 - 000000000 ____D C:\Users\conta\AppData\Local\Apowersoft 2022-12-27 08:25 - 2021-01-14 07:51 - 000000000 ____D C:\Users\conta\AppData\Local\FileConverter 2022-12-25 10:15 - 2020-05-04 11:41 - 000049513 _____ C:\Users\conta\Desktop\tel 29 dec 2022.ods 2022-12-25 09:43 - 2021-07-02 09:00 - 000000000 ____D C:\Program Files\Windows Sidebar 2022-12-25 09:33 - 2020-05-04 
09:42 - 000000000 ____D C:\Users\conta\AppData\Local\PlaceholderTileLogoFolder 2022-12-23 16:05 - 2021-10-13 07:54 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2022-12-23 16:04 - 2021-08-29 08:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2022-12-22 13:40 - 2020-05-04 11:28 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2022-12-19 09:29 - 2021-08-29 08:58 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2022-12-18 10:53 - 2020-05-04 12:16 - 000000000 ____D C:\Users\conta\AppData\Roaming\Molotov 2022-12-17 16:11 - 2020-06-26 05:11 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-12-15 06:11 - 2019-05-16 03:03 - 000000000 ____D C:\ProgramData\Package Cache 2022-12-14 10:54 - 2020-05-04 11:49 - 000000000 ____D C:\WINDOWS\system32\MRT 2022-12-14 10:54 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2022-12-14 10:51 - 2020-05-04 11:49 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2022-12-10 15:29 - 2022-09-22 08:10 - 000000000 ____D C:\Users\conta\AppData\Local\molotov-updater 2022-12-09 06:54 - 2018-09-19 19:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd ==================== Fichiers à la racine de certains dossiers ======== 2021-01-23 04:18 - 2022-10-27 06:15 - 000001520 _____ () C:\Users\conta\AppData\Roaming\FSLog.log 2021-04-28 08:49 - 2021-04-28 08:49 - 000000041 _____ () C:\Users\conta\AppData\Roaming\stsetting.ini 2020-09-05 03:13 - 2021-01-23 03:57 - 000000129 _____ () C:\Users\conta\AppData\Local\ecf81c3ad8bc03595e9e09d117d92c37 2022-07-15 06:58 - 2022-07-15 06:58 - 000001258 _____ () C:\Users\conta\AppData\Local\recently-used.xbel 2020-05-08 05:24 - 2020-05-08 05:24 - 000000017 _____ () C:\Users\conta\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2020-05-10 02:46 - 1998-07-13 01:00 - 000032768 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\CMDLGFR.DLL 2020-05-10 02:46 - 1998-07-13 00:00 - 000015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETFR.DLL 2020-05-10 02:46 - 1998-07-13 02:00 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCIFR.DLL 2020-05-10 02:46 - 1998-07-13 01:00 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCMCFR.DLL 2020-05-10 02:46 - 1998-07-13 00:00 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPIFR.DLL 2020-05-10 02:46 - 2001-08-24 14:00 - 001355776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvbvm50.dll 2007-12-04 16:53 - 2007-12-04 16:53 - 000053248 ____R (PalmSource, Inc) C:\WINDOWS\SysWOW64\PalmDevC.dll 2021-07-12 13:12 - 2019-07-16 17:42 - 000053299 _____ C:\WINDOWS\SysWOW64\pthreadVC.dll 2020-05-10 02:46 - 2000-10-02 02:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL 2020-05-10 02:46 - 2000-07-15 02:00 - 000101888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2020-05-10 02:46 - 2005-10-14 10:57 - 000237568 _____ (EnAppSys Ltd) C:\WINDOWS\SysWOW64\vbXML.dll 2020-05-10 02:46 - 2005-10-16 16:34 - 000151552 _____ (EnAppSys Ltd) C:\WINDOWS\SysWOW64\vbXMLRPC.dll 2023-01-04 10:42 - 2023-01-04 10:42 - 002376192 _____ (Farbar) C:\Users\conta\Desktop\FRST64.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {5dad00f1-77d1-11e9-8ff4-806e6f6e6963} {bootmgr} {5dad00f2-77d1-11e9-8ff4-806e6f6e6963} {5dad00f3-77d1-11e9-8ff4-806e6f6e6963}
timeout 0

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {721fdc6f-bbad-11ea-9cd2-3cf011327b1a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 0

Application logicielle (101fffff)
--------------------------------
identificateur {5dad00f1-77d1-11e9-8ff4-806e6f6e6963}
description EFI USB Device

Application logicielle (101fffff)
--------------------------------
identificateur {5dad00f2-77d1-11e9-8ff4-806e6f6e6963}
description EFI DVD/CDROM

Application logicielle (101fffff)
--------------------------------
identificateur {5dad00f3-77d1-11e9-8ff4-806e6f6e6963}
description EFI Network

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {721fdc72-bbad-11ea-9cd2-3cf011327b1a}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {721fdc6f-bbad-11ea-9cd2-3cf011327b1a}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {721fdc72-bbad-11ea-9cd2-3cf011327b1a}
device ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{721fdc73-bbad-11ea-9cd2-3cf011327b1a}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume6]\Recovery\WindowsRE\Winre.wim,{721fdc73-bbad-11ea-9cd2-3cf011327b1a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {721fdc6f-bbad-11ea-9cd2-3cf011327b1a}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {721fdc72-bbad-11ea-9cd2-3cf011327b1a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume3
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings} {emssettings} {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings} {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {721fdc73-bbad-11ea-9cd2-3cf011327b1a}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume6
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================