Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020
Exécuté par jcld1950 (administrateur) sur JCLD (Dell Inc. Inspiron 3721) (04-01-2021 10:23:11)
Exécuté depuis C:\Users\jcld1950\Desktop
Profils chargés: jcld1950
Platform: Windows 10 Home Version 2004 19041.685 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\dolibarr\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apache Software Foundation) [Fichier non signé] C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe
(Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(bookingDesktopApp.) [Fichier non signé] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(Gadwin, Ltd. -> Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2>
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(INTERNET PROJECT LLC -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\jcld1950\AppData\Roaming\ZHP\ZHPSuite.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC. -> CANON INC.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Compal Electronics, Inc. -> Dell Inc.)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot) [Fichier non signé]
HKLM\...\Run: [VDownloader] => C:\Program Files (x86)\VDownloader\VDownloader.exe [3017216 2014-09-24] (Vitzo) [Fichier non signé]
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] (RealNetworks, Inc. -> )
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888440 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [204272 2018-03-27] (INTERNET PROJECT LLC -> )
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [493776 2012-05-13] (Gadwin, Ltd. -> Gadwin Systems, Inc)
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [VDownloader] => C:\Program Files (x86)\VDownloader\VDownloader.exe [3017216 2014-09-24] (Vitzo) [Fichier non signé]
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony Mobile Communications AB -> Sony) [Fichier non signé]
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [Dexpot] => C:\Program Files (x86)\Dexpot\dexpot.exe [1847816 2019-07-08] (Sebastian Brands und Patrick Dubbert (Dexpot GbR) -> Dexpot GbR)
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10203648 2019-01-30] (FreeDownloadManager.org) [Fichier non signé]
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\MountPoints2: {6b6e2683-0607-11e4-bea0-74867a17dd33} - "E:\LaunchU3.exe"
HKLM\...\Windows x64\Print Processors\RXEG2IPPR: C:\Windows\System32\spool\prtprocs\x64\RXEG2IPPR.dll [77312 2013-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.)
HKLM\...\Print\Monitors\CNAP2 Monitor: C:\WINDOWS\system32\CNAP2LMD.DLL [486400 2012-09-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP a011 Status Monitor: C:\WINDOWS\system32\hpinkstsa011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050A J611 series): C:\WINDOWS\system32\HPDiscoPMa011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [115592 2015-06-04] (pdfforge GmbH -> pdfforge GmbH)
HKLM\...\Print\Monitors\RXEG2 PJL Monitor: C:\WINDOWS\system32\RXEG2LMON.dll [73728 2013-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Teco Image Systems Co., Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\Installer\chrmstp.exe [2020-12-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] ->
IFEO\DisplaySwitch.exe: [Debugger]
IFEO\taskmgr.exe: [Debugger]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-12-19]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-03-17]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\Users\jcld1950\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - .lnk [2017-05-26]
ShortcutAndArgument: Alertes de surveillance de l'encre - .lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2BJ1CPBC05WK;CONNECTION=NW;MONITOR=1;
Startup: C:\Users\jcld1950\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series (réseau).lnk [2017-10-16]
ShortcutAndArgument: Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series (réseau).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2BJ1CPBC05WK;CONNECTION=NW;MONITOR=1;
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {00F257A2-5C54-47C4-B90A-9AE173F78C27} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe
Task: {02168C5B-2B33-41F0-A65A-AA5BFCEF4B53} - \WPD\SqmUpload_S-1-5-21-2238367292-1815982713-3710956016-1001 -> Pas de fichier <==== ATTENTION
Task: {0F044DF0-EEF6-4628-901F-F80EF72A75FE} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-11] (bookingDesktopApp.) [Fichier non signé]
Task: {11A2B6AF-EB19-49C3-ACA3-482BE08D3D1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {1893E5D8-9F5A-4E78-81A8-29A2F234870C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
Task: {1D856D78-076D-4F8A-BD5D-81544F77CEB3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {2170B4E2-FF15-4823-A8E3-2FB516564344} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
Task: {22BE57B2-7F9F-4965-A297-66535EA23A0F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Task: {262FE211-F0FA-4A2C-ACA2-FAC5C418C896} - System32\Tasks\Toolbox.exe_{5EBA4948-0308-412A-9F1F-4F7A2A77CCD5} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe
Task: {27111F30-EFDD-48A9-8C3B-7AC668682CC8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-18] (Adobe Inc. -> Adobe)
Task: {27402B59-B5AF-453D-82B5-3ACBE6E3ABE7} - System32\Tasks\EuroFortune UpdateCasino => C:\Program Files (x86)\EuroFortune\UpdateCasino.exe
Task: {278C92B3-59FC-48A7-9CE1-4EDEB007A218} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [Fichier non signé]
Task: {2D43C9D7-97A3-4107-B83C-12DFA0BEFFA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {2E1C2555-9048-4CBF-A078-ADBFDF790616} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-12-03] (CyberLink Corp. -> CyberLink)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36D04A15-757E-4F32-9FC1-72A843D44839} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {41894A5D-BFBE-45D8-A7B0-EEE56B4D7EB7} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340000 2012-12-03] (CyberLink Corp. -> CyberLink Corp.)
Task: {41C8901D-C451-48FD-91A6-2D910540C7F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {467ECF30-0354-42C2-9A57-FF9AF3DDDDEC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {48200742-89B3-4D34-B516-C51A23855E43} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {4ABED8FA-4103-4673-ACBB-7469A4FB5E62} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {4C633324-E65F-474C-B65D-51EF98AF3732} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-24] (Mozilla Corporation -> Mozilla Foundation)
Task: {4CAF4C99-25B6-47E0-888A-48316DEB59EE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {538D823A-6FA1-4B52-A075-3BBF713D842B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {53981729-5845-4D6D-9028-409024BC07DF} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-11] (bookingDesktopApp.) [Fichier non signé]
Task: {5676C4AA-A6CC-4898-86D0-99526074CC6E} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {59504D44-302A-4884-AFFC-C30D00E1B371} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {5B7FFC06-F391-46B1-B5FE-7E8D424B7807} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {5DFE1E75-1F01-417A-979A-0610168CED88} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe
Task: {5F659184-CCA9-4E13-B4FF-237C1B694600} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70CD78AF-D740-4317-BB3F-1162FFF233A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {710C1752-B9A0-4B30-BF77-E8CA6257BBDB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-18] (Adobe Inc. -> Adobe)
Task: {7293E8A4-521B-4758-A2D4-05ED823FE4ED} - System32\Tasks\HPCeeScheduleForjcld1950 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {736E001D-74C9-4A21-BDD2-E1D5FFAE91E4} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4167080 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {7F4B285F-3DC8-4971-819E-1BC9E6DACF5F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {80D54EE3-A934-4B62-AB30-9C1444B43ED8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {83DD5D49-49AA-4464-8F51-984B6CE06B7B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {96152FC1-A060-43E9-BBD8-05F7728C54CD} - System32\Tasks\HP AR Program Upload - b010e8a9657649c3b397d3205160d369eed7498a36ef4b978da765dceba6630c => C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPRewards.exe
Task: {A0FDB83E-A1F9-4476-88A9-CB4E7897BF24} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {A3B0DABB-937A-4BF9-8FD6-5538F7318A4E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [18392 2018-05-11] (Dell Inc. -> Dell Inc.)
Task: {AC5B9580-6887-4A39-B52C-F44BE2CDAFF3} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe
Task: {B4BA238E-FBE5-4495-8B53-35BB5C6DE10E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {B9572196-4809-43F4-A916-B7C22120DD63} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {BAAFFABC-35D8-40B2-9614-6C5118881619} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {BFB65097-EDE0-46C5-A9AB-67DBB97E0232} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {C0037819-BF77-412E-BD6A-A60FC0E6DE1D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {C0E7FCC1-8257-4FED-8EFA-EF23A894EAB3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {C844C5F6-02A0-4167-9F2E-229B78A4EB08} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [120680 2017-06-22] (HP Inc. -> HP Inc.)
Task: {CBAD5D4B-217A-414C-AC58-A7BFD8C897BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {CD63DEE5-B5A4-4492-90B4-75A74696618C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CD6FC605-AACA-4B5E-8605-F29C80541BB9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D4690CA2-3BBB-4D7C-A5C9-534ABE2E2F3D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {DA5CC24F-CC7F-4AA8-B62C-CF8BB5BE0ED8} - \StartMenuAutoupdate -> Pas de fichier <==== ATTENTION
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CLMLSvc_P2G8" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CLVDLauncher" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CreateChoiceProcessTask" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Dell SupportAssistAgent AutoUpdate" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\FreeDownloadManagerNetworkMonitor" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\HP AR Program Upload - b010e8a9657649c3b397d3205160d369eed7498a36ef4b978da765dceba6630c" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\HPCeeScheduleForjcld1950" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\HPCustParticipation HP Deskjet 3050A J611 series" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\IObitSelfCheckTask" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2238367292-1815982713-3710956016-1001" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Start WinZip Driver Updater Check Driver Update" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\Start WinZip Driver Updater for JCLD@jcld1950(logon)" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\Start WinZip Driver Updater Schedule" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\Start WinZip Driver Updater Update" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\Start WinZip Registry Optimizer with delay for JCLD@jcld1950" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\Synaptics TouchPad Enhancements" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(24): schtasks.exe -> /Change /TN "\Toolbox.exe_{5EBA4948-0308-412A-9F1F-4F7A2A77CCD5}" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(25): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{19F1BCE8-C355-423E-824F-8A05371EF1A9}" /ENABLE
Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(26): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {DFFB0B7D-58AB-4650-84D2-39796AC02812} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E1597750-1AC4-414A-9772-7FADD4D17956} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {E5BEEB4E-0D67-4F0E-8136-966AE0DB6749} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {EBCD9D2A-4321-412F-9658-DDF02DF435AC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {EE0F68BE-7CA0-4C85-9B31-02147DE69C3E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {EEF3E126-39B1-4753-8F76-0F96711EB32F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {F5EC8B89-13C2-4A74-A23C-9A039448A3BD} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {F9425C1F-16F5-41D1-8183-A29457797F6B} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForjcld1950.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0b1dc53f-1475-4c0b-9712-ed444928c7cb}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{1df35de9-5b5e-4d4b-808a-76c445f8c427}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2c180796-43d5-406d-85d3-5d906165dd33}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{836329de-a1cd-451b-b9ad-bfce9575b321}: [DhcpNameServer] 192.168.0.254
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
======
DownloadDir: C:\Users\jcld1950\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2238367292-1815982713-3710956016-1001 -> hxxp://www.google.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\jcld1950\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-04]
Edge HomePage: Default -> hxxp://www.ourluckysites.com/?type=hp&ts=1492590830&z=ed5ce4c98dec182fdb1fc77g9zetbo3w7tdefb8cbo&from=che0812&uid=ST500LT012-9WS142_W0V9JFHYXXXXW0V9JFHY
Edge StartupUrls: Default -> "hxxp://www.ourluckysites.com/?type=hp&ts=1492590830&z=ed5ce4c98dec182fdb1fc77g9zetbo3w7tdefb8cbo&from=che0812&uid=ST500LT012-9WS142_W0V9JFHYXXXXW0V9JFHY"
Edge DefaultSearchURL: Default -> hxxps://www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\jcld1950\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-01-01]
Edge Extension: (IBM Security Rapport) - C:\Users\jcld1950\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2020-10-19]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc]
FireFox:
========
FF DefaultProfile: huxsr9vs.default-1512899888846
FF ProfilePath: C:\Users\jcld1950\AppData\Roaming\Mozilla\Sunbird\Profiles\xli5zvnz.default [2019-11-22]
FF Extension: (IBM Security Rapport) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com (1).xpi [2018-03-29] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (IBM Security Rapport) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-04-28] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Mozilla Sunbird\extensions\calendar-timezones@mozilla.org [2019-08-26] [] [non signé]
FF Extension: (Lightning stub extension for Sunbird) - C:\Program Files (x86)\Mozilla Sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [2019-08-26] [] [non signé]
FF ProfilePath: C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 [2021-01-04]
FF Homepage: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> moz-extension://c2cbff4c-b950-4fb2-ae56-a36c86e7315b/dynamicHomePage.html
FF NewTab: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> hxxp://www.bing.com/?pc=COS2&ptag=D091119-N0600A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016
FF Notifications: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> hxxps://phonandroid.os.tc; hxxps://www.facebook.com; hxxps://forum.frandroid.com; hxxps://pagesjaunes-by.accengage.net; hxxps://www.miniinthebox.com; hxxps://fedae.by.wonderpush.com; hxxps://www.facture.net; hxxps://www.psabanque.fr; hxxps://crm.zoho.eu; hxxps://www.commentcamarche.net; hxxps://www.hubspot.fr; hxxps://www.fnac.com; hxxps://www.federation-auto-entrepreneur.fr; hxxps://www.metal-interface.com; hxxps://www.lesnumeriques.com; hxxps://www.papergeek.fr; hxxps://www.legifiscal.fr; hxxps://www.linecoaching.com; hxxps://www.cnetfrance.fr; hxxps://mail.google.com; hxxps://www.1formatik.com; hxxps://www.monpetitforfait.com; hxxps://www.imyfone.com; hxxps://fr.shein.com; hxxps://worldissmall.fr; hxxps://www.backmarket.fr; hxxps://www.toutvendre.fr; hxxps://www.teleservice-depannage.com; hxxps://www.gentside.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _dxMembers_@www.download-freemaps.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: qwantcomforfirefox@jetpack
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _euMembers_@free.filesendsuite.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _ftMembers_@free.mytelevisionhq.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _65Members_@download.fromdoctopdf.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _dbMembers_@free.getformsonline.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _b7Members_@free.mytransitguide.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _64Members_@www.televisionfanatic.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _dqMembers_@www.downspeedtest.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _39Members_@www.mapsgalaxy.com
FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _e5Members_@www.productivityboss.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _dxMembers_@www.download-freemaps.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _euMembers_@free.filesendsuite.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _ftMembers_@free.mytelevisionhq.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _65Members_@download.fromdoctopdf.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _dbMembers_@free.getformsonline.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _b7Members_@free.mytransitguide.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _64Members_@www.televisionfanatic.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _dqMembers_@www.downspeedtest.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _39Members_@www.mapsgalaxy.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _e5Members_@www.productivityboss.com
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: qwantcomforfirefox@jetpack
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: wikipedia@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: qwant@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: ebay@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: ddg@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: amazon@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: bing@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: google@search.mozilla.org
FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _j5Members_@ext.ask.com
FF Extension: (Pas de nom) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-12]
FF Extension: (Avast Online Security) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\Extensions\wrc@avast.com.xpi [2020-06-18]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2020-12-30]
FF Extension: (Le Coin Raccourcis) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\Extensions\{bca9c941-df28-4e08-98d9-35870277de34}.xpi [2020-08-14]
FF SearchPlugin: C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\searchplugins\bing-lavasoft-ff59.xml [2019-09-11]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-12-17] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-25] [] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-18] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-18] (Adobe Inc. -> )
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-11] (bookingDesktopApp.) [Fichier non signé]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-11] (bookingDesktopApp.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-23] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-23] (Avast Software s.r.o. -> AVAST Software)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH -> pdfforge GmbH)
FF Plugin HKU\S-1-5-21-2238367292-1815982713-3710956016-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC) [Fichier non signé]
Chrome:
=======
CHR Profile: C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default [2020-12-29]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Slides) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-11]
CHR Extension: (Docs) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-11]
CHR Extension: (Google Drive) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-18]
CHR Extension: (YouTube) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-18]
CHR Extension: (Sheets) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-11]
CHR Extension: (Farmville2 X-Press) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbgjpdhhnbgmnafojckjmjogcpoinlim [2019-09-11]
CHR Extension: (Google Docs hors connexion) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-11]
CHR Extension: (Avast Online Security) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-11]
CHR Extension: (Gmail) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-11]
CHR Extension: (Download une image) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkkboomagahhdmhndlkfeeplhpdaidgl [2019-09-11]
CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - <pas de Path/update_url>
CHR HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-18] (Adobe Inc. -> Adobe)
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-23] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\elevation_service.exe [1348304 2020-11-12] (Avast Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-11] (bookingDesktopApp.) [Fichier non signé]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-11] (bookingDesktopApp.) [Fichier non signé]
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc -> Dell Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Techporch Incorporated -> Dell Inc.)
R2 doliwampapache; c:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [Fichier non signé]
R2 doliwampmysqld; c:\dolibarr\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe [5730304 2007-07-06] () [Fichier non signé]
S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [97776 2018-03-27] (INTERNET PROJECT LLC -> Freemake)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc. -> HP Inc.)
S2 hshld_10.9.9; C:\Program Files (x86)\Hotspot Shield\10.9.9\bin\cmw_srv.exe [224760 2020-10-26] (Pango Inc. -> Pango Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit Information Technology -> IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R2 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH -> pdfforge GmbH)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3008896 2020-08-18] (IBM -> IBM Corp.)
S4 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-03-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
S4 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1095440 2016-03-17] (RealNetworks, Inc. -> RealNetworks, Inc.)
S3 ReflectService; C:\Program Files (x86)\NCH Software\Reflect\reflect.exe [1148448 2018-10-17] (NCH Software Pty Ltd -> NCH Software)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] (CyberLink -> )
S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [Fichier non signé]
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [43480 2018-05-11] (Dell Inc. -> Dell Inc.)
S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () [Fichier non signé]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-07-27] (Techporch Incorporated -> Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-07-27] (Techporch Incorporated -> Dell Computer Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-01] (Malwarebytes Corporation -> Malwarebytes)
S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [11776 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> MBB Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-01] (Malwarebytes Inc -> Malwarebytes)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R1 pango_netfilter2; C:\WINDOWS\System32\drivers\pango_netfilter2.sys [94080 2020-10-26] (Pango Inc. -> Pango Inc)
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [450240 2020-08-18] (IBM -> IBM Corp.)
R1 RapportCerberus_2004080; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [1460480 2020-09-29] (IBM -> IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [546056 2020-08-18] (IBM -> IBM Corp.)
R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398984 2020-08-18] (IBM -> IBM Corp.)
R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448904 2020-08-18] (IBM -> IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [564928 2020-08-18] (IBM -> IBM Corp.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-30] (Microsoft Windows -> Microsoft Corporation)
S3 ZTEusbmdm6k; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbnmea; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
S3 ZTEusbser6k; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-01-04 10:23 - 2021-01-04 10:29 - 000056395 _____ C:\Users\jcld1950\Desktop\FRST.txt
2021-01-04 10:22 - 2020-12-29 23:40 - 002286592 _____ (Farbar) C:\Users\jcld1950\Desktop\FRST64(1).exe
2021-01-04 09:15 - 2021-01-04 09:58 - 000476636 _____ C:\Users\jcld1950\Desktop\ZHPDiag.txt
2021-01-04 09:15 - 2021-01-04 09:15 - 000590239 _____ C:\Users\jcld1950\Desktop\ZHPDiag.html
2021-01-04 08:35 - 2021-01-04 09:21 - 000000906 _____ C:\Users\jcld1950\Desktop\ZHPSuite.lnk
2021-01-04 08:35 - 2021-01-04 08:35 - 000000000 ____D C:\Users\jcld1950\AppData\Local\ZHP
2021-01-04 08:16 - 2021-01-04 08:17 - 003479176 _____ (Nicolas Coolman) C:\Users\jcld1950\Downloads\ZHPSuite.exe
2021-01-03 12:07 - 2021-01-03 12:07 - 000146894 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201110(2).pdf
2021-01-03 11:49 - 2021-01-03 11:49 - 000154962 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201210(3).pdf
2021-01-03 11:48 - 2021-01-03 11:48 - 000154962 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201210(2).pdf
2021-01-03 11:46 - 2021-01-03 11:46 - 000154964 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201210(1).pdf
2021-01-03 11:46 - 2021-01-03 11:46 - 000154952 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201210.pdf
2021-01-02 11:52 - 2021-01-02 11:52 - 000000000 ____H C:\Users\jcld1950\Documents\Default.rdp
2021-01-01 20:03 - 2021-01-01 20:03 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-01-01 20:03 - 2021-01-01 20:03 - 000001983 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-01-01 20:02 - 2021-01-01 20:02 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-01-01 20:02 - 2021-01-01 20:02 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-01-01 20:02 - 2021-01-01 20:02 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-01-01 20:02 - 2021-01-01 20:02 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-01-01 19:58 - 2021-01-01 19:57 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-01-01 19:58 - 2021-01-01 19:57 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-01-01 17:07 - 2021-01-01 17:07 - 000000000 ____D C:\WINDOWS\SysWOW64\store
2021-01-01 14:04 - 2021-01-01 14:04 - 000000000 ____D C:\Users\jcld1950\AppData\Local\mbam
2021-01-01 14:03 - 2021-01-01 20:03 - 000001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-01-01 13:56 - 2021-01-01 13:56 - 002086424 _____ (Malwarebytes) C:\Users\jcld1950\Downloads\MBSetup(2).exe
2021-01-01 09:15 - 2021-01-01 13:41 - 000000000 ____D C:\KVRT_Data
2021-01-01 09:06 - 2021-01-01 09:13 - 190178672 _____ (AO Kaspersky Lab) C:\Users\jcld1950\Downloads\KVRT(1).exe
2021-01-01 09:05 - 2021-01-01 09:12 - 190178672 _____ (AO Kaspersky Lab) C:\Users\jcld1950\Downloads\KVRT.exe
2020-12-30 21:42 - 2020-12-30 21:42 - 000668076 _____ C:\Users\jcld1950\Downloads\CourrierDeVotreCaisse(3).pdf
2020-12-30 21:40 - 2020-12-30 21:40 - 000668076 _____ C:\Users\jcld1950\Downloads\CourrierDeVotreCaisse(2).pdf
2020-12-30 21:38 - 2020-12-30 21:38 - 000668076 _____ C:\Users\jcld1950\Downloads\CourrierDeVotreCaisse(1).pdf
2020-12-30 21:11 - 2020-12-30 21:11 - 000147131 _____ C:\Users\jcld1950\Downloads\Avis_d_impot_2020_sur_les_revenus_2019(3).pdf
2020-12-30 21:11 - 2020-12-30 21:11 - 000098537 _____ C:\Users\jcld1950\Downloads\Avis_d_impot_2019_sur_les_revenus_2018(2).pdf
2020-12-30 21:10 - 2020-12-30 21:10 - 000147131 _____ C:\Users\jcld1950\Downloads\Avis_d_impot_2020_sur_les_revenus_2019(2).pdf
2020-12-30 14:31 - 2021-01-04 02:56 - 000000000 ____D C:\Users\jcld1950\AppData\LocalLow\IGDump
2020-12-30 14:09 - 2020-12-30 14:09 - 000000000 ____D C:\Program Files\Malwarebytes
2020-12-30 13:50 - 2020-12-30 14:16 - 002086424 _____ (Malwarebytes) C:\Users\jcld1950\Downloads\MBSetup(1).exe
2020-12-30 13:50 - 2020-12-30 13:50 - 002086424 _____ (Malwarebytes) C:\Users\jcld1950\Downloads\MBSetup.exe
2020-12-30 13:09 - 2020-12-30 13:09 - 000000000 ____D C:\CCE_Quarantine
2020-12-30 13:09 - 2019-09-15 01:13 - 000002130 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ccebak
2020-12-29 23:39 - 2020-12-29 23:40 - 002286592 _____ (Farbar) C:\Users\jcld1950\Downloads\FRST64(1).exe
2020-12-29 22:41 - 2020-12-29 22:41 - 000001266 _____ C:\Users\jcld1950\Desktop\Multi Virus Cleaner 2020.lnk
2020-12-29 22:41 - 2020-12-29 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2020
2020-12-29 22:41 - 2020-12-29 22:41 - 000000000 ____D C:\Program Files (x86)\AxBx
2020-12-29 22:32 - 2020-12-29 22:33 - 020463256 _____ (AxBx ) C:\Users\jcld1950\Downloads\setup.exe
2020-12-29 16:49 - 2020-12-29 16:49 - 000030252 _____ C:\WINDOWS\system32\servers.def.lkg
2020-12-29 16:49 - 2020-12-29 16:49 - 000030252 _____ C:\WINDOWS\system32\servers.def
2020-12-29 16:49 - 2020-12-29 16:49 - 000003313 _____ C:\WINDOWS\system32\servers.def.vpx
2020-12-29 15:16 - 2020-12-29 15:16 - 000259728 _____ (AVG Technologies CZ, s.r.o.) C:\Users\jcld1950\Downloads\avg_antivirus_free_setup.exe
2020-12-29 14:30 - 2021-01-01 19:03 - 000000000 ____D C:\Users\jcld1950\AppData\Roaming\Microsoft\Windows\Start Menu\WiperSoft
2020-12-29 14:20 - 2020-12-29 14:21 - 002527040 _____ (Wiper Software, UAB) C:\Users\jcld1950\Downloads\WiperSoft-installer.exe
2020-12-29 14:20 - 2020-12-29 14:20 - 000000000 ____D C:\Users\jcld1950\AppData\Roaming\IsolatedStorage
2020-12-29 14:20 - 2020-12-29 14:20 - 000000000 ____D C:\Users\jcld1950\AppData\Local\Solvusoft_Corporation
2020-12-29 14:20 - 2020-12-29 14:20 - 000000000 ____D C:\ProgramData\IsolatedStorage
2020-12-29 14:16 - 2020-12-29 14:43 - 000000000 ____D C:\ProgramData\WinThruster
2020-12-29 14:14 - 2020-12-29 14:14 - 001344192 _____ (Solvusoft Corporation) C:\Users\jcld1950\Downloads\Setup_FileViewPro_2020.exe
2020-12-29 14:07 - 2020-12-29 14:08 - 000229858 _____ C:\Users\jcld1950\Downloads\watch[1] (3)
2020-12-29 14:07 - 2020-12-29 14:07 - 000229858 _____ C:\Users\jcld1950\Downloads\watch[1] (2)
2020-12-29 14:07 - 2020-12-29 14:07 - 000229858 _____ C:\Users\jcld1950\Downloads\watch[1] (1)
2020-12-29 10:15 - 2020-12-29 10:15 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(7).pdf
2020-12-29 10:15 - 2020-12-29 10:15 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(6).pdf
2020-12-29 10:15 - 2020-12-29 10:15 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(5).pdf
2020-12-29 10:15 - 2020-12-29 10:15 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(4).pdf
2020-12-29 10:14 - 2020-12-29 10:14 - 000231808 _____ C:\Users\jcld1950\Downloads\watch[1](1)
2020-12-29 10:14 - 2020-12-29 10:14 - 000231808 _____ C:\Users\jcld1950\Downloads\watch[1]
2020-12-29 10:14 - 2020-12-29 10:14 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(3).pdf
2020-12-29 10:13 - 2020-12-29 10:13 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(2).pdf
2020-12-29 09:38 - 2020-12-29 09:38 - 000214924 _____ C:\Users\jcld1950\Desktop\DE00000372_ Nexson group(4).pdf
2020-12-29 09:31 - 2020-12-29 09:32 - 000211630 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(4).pdf
2020-12-29 09:03 - 2020-12-29 09:03 - 000000155 _____ C:\Users\jcld1950\Desktop\KrrassVidéoCGQG12K.url
2020-12-29 08:54 - 2020-12-29 08:55 - 000000133 _____ C:\Users\jcld1950\Desktop\KrrassVidéoAtelierFabrication.url
2020-12-29 08:40 - 2020-12-29 08:41 - 000000150 _____ C:\Users\jcld1950\Desktop\KrrassVidéoPPHWC67K.url
2020-12-29 08:26 - 2020-12-29 08:26 - 000826999 _____ C:\Users\jcld1950\Downloads\product_4980da62.pdf
2020-12-29 08:26 - 2020-12-29 08:26 - 000826999 _____ C:\Users\jcld1950\Downloads\product_4980da62(1).pdf
2020-12-28 11:37 - 2020-12-28 11:37 - 000000148 _____ C:\Users\jcld1950\Desktop\KrrassWC67K.url
2020-12-25 17:04 - 2020-12-25 17:04 - 000087097 _____ C:\Users\jcld1950\Downloads\ACFrOgBUidc12Pncw93bAZuLShS3rgVDL3UaxOMlhCNP0SSs0FxVrtQ2OuTYdWhLq8vCNtdhKoYqvLPYOpcf7QhtZt8N7i3T_BAVIv1k6kHe2VKNoyyPyG6anMlIENQ=(1).pdf
2020-12-25 16:58 - 2020-12-25 16:58 - 000087097 _____ C:\Users\jcld1950\Downloads\ACFrOgBUidc12Pncw93bAZuLShS3rgVDL3UaxOMlhCNP0SSs0FxVrtQ2OuTYdWhLq8vCNtdhKoYqvLPYOpcf7QhtZt8N7i3T_BAVIv1k6kHe2VKNoyyPyG6anMlIENQ=.pdf
2020-12-24 14:22 - 2020-12-24 14:23 - 000000133 _____ C:\Users\jcld1950\Desktop\Ethanol + potar.url
2020-12-24 14:15 - 2020-12-24 14:15 - 000000133 _____ C:\Users\jcld1950\Desktop\Bioethanol modif.url
2020-12-24 13:04 - 2020-12-24 13:04 - 000000196 _____ C:\Users\jcld1950\Desktop\AssuranceAuto.url
2020-12-24 12:54 - 2020-12-24 12:54 - 000201878 _____ C:\Users\jcld1950\Downloads\ACFrOgB5ofI9VrsLOkHytxD-arPFTK7iXDQ216_Rbo48c-i9dtsx_cJ3_HBueN-zeUYfx5jxoptnZI41qIFS-ecP1NBaGdUbVCA49Hnv9dGh34UCv3uF2GJHEuy2Vmo=(1).pdf
2020-12-24 12:53 - 2020-12-24 12:53 - 000201878 _____ C:\Users\jcld1950\Downloads\ACFrOgB5ofI9VrsLOkHytxD-arPFTK7iXDQ216_Rbo48c-i9dtsx_cJ3_HBueN-zeUYfx5jxoptnZI41qIFS-ecP1NBaGdUbVCA49Hnv9dGh34UCv3uF2GJHEuy2Vmo=.pdf
2020-12-24 12:35 - 2020-12-24 12:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-24 12:30 - 2020-12-24 12:30 - 000000933 _____ C:\Users\jcld1950\Desktop\Nouveau dossier - Raccourci.lnk
2020-12-24 12:29 - 2020-12-24 12:34 - 000080526 _____ C:\Users\jcld1950\Desktop\PERMISDECONDUIRE RV.PDF
2020-12-24 09:30 - 2020-12-29 09:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-12-23 15:16 - 2020-12-23 15:16 - 000671637 _____ C:\Users\jcld1950\Downloads\7dee99_6c5881f8ef2549a889efd7072133fcfa.pdf
2020-12-23 15:16 - 2020-12-23 15:16 - 000671637 _____ C:\Users\jcld1950\Downloads\7dee99_6c5881f8ef2549a889efd7072133fcfa(2).pdf
2020-12-23 15:16 - 2020-12-23 15:16 - 000671637 _____ C:\Users\jcld1950\Downloads\7dee99_6c5881f8ef2549a889efd7072133fcfa(1).pdf
2020-12-23 10:55 - 2020-12-23 10:55 - 000000193 _____ C:\Users\jcld1950\Desktop\40%Amortissement.url
2020-12-23 08:29 - 2020-12-23 08:29 - 000024269 _____ C:\Users\jcld1950\Downloads\ACFrOgAnPbt9dBjCqPioPwQ3ny627fJ39eh8U6MuY5Dhgt_9pYwiB-mKxIINpYeRjTl3igOP4hDlcNqLigldazpDL6yWPx4O5TV87pnNZUm14tqsicOMTAYMCsDPIMU=.pdf
2020-12-22 18:36 - 2020-12-22 18:39 - 000000000 ____D C:\Users\jcld1950\Desktop\Pret COVID LBP
2020-12-22 18:14 - 2020-12-22 18:14 - 000024729 _____ C:\Users\jcld1950\Downloads\379333206_8501_EXTRAIT_RCS.pdf
2020-12-22 16:33 - 2020-12-22 16:33 - 000042065 _____ C:\Users\jcld1950\Downloads\Demande_de_Pret_garanti_par_letat_2020_DYN.pdf
2020-12-18 19:48 - 2020-12-18 19:48 - 000211314 _____ C:\Users\jcld1950\Downloads\ACFrOgALiwg6agOXkFUTDO_Wu5Ot1a4571KBYNB5KTIeidXMPllqS7mrZWV0Wuvqc3o03WTdFakCr3jJeTVIS1vf_hnT_zuNk7Mz3_Yr-2AaQZ3tRG5mGSiTnrZcoTE=.pdf
2020-12-18 16:06 - 2020-12-18 16:06 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(1).pdf
2020-12-18 16:04 - 2020-12-18 16:04 - 000214924 _____ C:\Users\jcld1950\Desktop\DE00000372_ Nexson group(3).pdf
2020-12-18 16:03 - 2020-12-18 16:03 - 000211630 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3).pdf
2020-12-18 16:02 - 2020-12-18 16:02 - 000211630 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(2).pdf
2020-12-18 16:02 - 2020-12-18 16:02 - 000211630 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(1).pdf
2020-12-18 14:23 - 2018-10-14 14:35 - 000000000 ____D C:\Users\jcld1950\Desktop\AE
2020-12-18 12:05 - 2020-12-18 12:06 - 000194902 _____ C:\Users\jcld1950\Downloads\guide-suramortissement-transformation-numerique(1).pdf
2020-12-18 11:48 - 2020-12-18 11:48 - 000210921 _____ C:\Users\jcld1950\Downloads\ACFrOgDJekU-qt71194DfpWZr4W5vVCL7GjJoJLS2HW5IVTisO-1Y5V811vIwdAtiYuKKvWncKxtEl1pEEHKf2ZQQr9c32WzSiMTKpOiXfhdkmc56SMCaWd1-Y8iEuk=
2020-12-18 11:45 - 2020-12-18 11:45 - 000211237 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group.pdf
2020-12-17 19:04 - 2020-12-17 19:04 - 000829603 _____ C:\Users\jcld1950\Downloads\ACFrOgD-251Win6ZXGmqnOIw4DtkX9EwyjQZfpIlypqv4U0xDvizOyzLhhCYzn2eHCc9_7xb3NX2U78TZpF0YIxiHN4-WFunbev0okvmLoWsFfAdEwrfPUAgl7GVm14=
2020-12-17 18:53 - 2020-12-17 18:54 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgAwBMS5Pm3NYPoo3RByfPwTV3eaogrl1G8UM0-WRzhzbuiXBY6TvMi6dbo03UBud4jXEgZdH5ggSFBhvu30CKvNYTJUCRqxW_0iKb7MsRCP3qdnv2mfssgWYrU=(3)
2020-12-17 18:53 - 2020-12-17 18:53 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgAwBMS5Pm3NYPoo3RByfPwTV3eaogrl1G8UM0-WRzhzbuiXBY6TvMi6dbo03UBud4jXEgZdH5ggSFBhvu30CKvNYTJUCRqxW_0iKb7MsRCP3qdnv2mfssgWYrU=(2)
2020-12-17 11:14 - 2020-12-17 11:14 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgAwBMS5Pm3NYPoo3RByfPwTV3eaogrl1G8UM0-WRzhzbuiXBY6TvMi6dbo03UBud4jXEgZdH5ggSFBhvu30CKvNYTJUCRqxW_0iKb7MsRCP3qdnv2mfssgWYrU=(1)
2020-12-17 11:13 - 2020-12-17 11:13 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgAwBMS5Pm3NYPoo3RByfPwTV3eaogrl1G8UM0-WRzhzbuiXBY6TvMi6dbo03UBud4jXEgZdH5ggSFBhvu30CKvNYTJUCRqxW_0iKb7MsRCP3qdnv2mfssgWYrU=
2020-12-17 08:43 - 2020-12-17 08:43 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgA6iZt27U6R2wrpolpSxIQPTRDJ-TMx9GsLunP4Jc8h8CH0zc4L3qRYEWckOCRC3gN_OKB_GVWk5_LDK17WjUboaCIqLiWaSDiJg4sxCe4AXV-LdAJwhJITZD8=
2020-12-16 09:38 - 2020-12-16 09:38 - 000000000 ____D C:\Users\jcld1950\Desktop\NEX PPH +CG COLLY
2020-12-16 06:57 - 2021-01-01 15:40 - 000000000 ____D C:\Users\jcld1950\Desktop\KEEAFF Photos
2020-12-15 20:04 - 2020-12-15 20:04 - 000147599 _____ C:\Users\jcld1950\Downloads\devis(1)
2020-12-15 20:04 - 2020-12-15 20:04 - 000147599 _____ C:\Users\jcld1950\Downloads\devis
2020-12-14 11:50 - 2020-12-14 11:50 - 000146900 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201110(1).pdf
2020-12-14 11:49 - 2020-12-14 11:49 - 000146894 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201110.pdf
2020-12-14 11:41 - 2020-12-14 11:41 - 000102955 _____ C:\Users\jcld1950\Downloads\Avis_de_taxe_d_habitation_CAP_2020(1).pdf
2020-12-13 18:50 - 2020-12-13 18:52 - 000000133 _____ C:\Users\jcld1950\Desktop\PCF Q35 20 KRRASS YOUTUBE.url
2020-12-11 11:36 - 2020-12-11 11:36 - 023003849 _____ C:\Users\jcld1950\Downloads\ACFrOgCkREZMAfzI9Zb6qbA7DhylwqIXVT9YT8IN_0T5HGwNDOQnRc_ZU3o-RBkADn4ntOz4vMIDYwAexG_HryovTlULteLG8UF7eycOQX5WBeamv7yY3SYbQvUPvX4=(3)
2020-12-11 11:16 - 2020-12-11 11:16 - 023003849 _____ C:\Users\jcld1950\Downloads\ACFrOgCkREZMAfzI9Zb6qbA7DhylwqIXVT9YT8IN_0T5HGwNDOQnRc_ZU3o-RBkADn4ntOz4vMIDYwAexG_HryovTlULteLG8UF7eycOQX5WBeamv7yY3SYbQvUPvX4=(2)
2020-12-11 11:13 - 2020-12-11 11:14 - 023003849 _____ C:\Users\jcld1950\Downloads\ACFrOgCkREZMAfzI9Zb6qbA7DhylwqIXVT9YT8IN_0T5HGwNDOQnRc_ZU3o-RBkADn4ntOz4vMIDYwAexG_HryovTlULteLG8UF7eycOQX5WBeamv7yY3SYbQvUPvX4=(1)
2020-12-11 08:47 - 2020-12-11 08:48 - 023003849 _____ C:\Users\jcld1950\Downloads\ACFrOgCkREZMAfzI9Zb6qbA7DhylwqIXVT9YT8IN_0T5HGwNDOQnRc_ZU3o-RBkADn4ntOz4vMIDYwAexG_HryovTlULteLG8UF7eycOQX5WBeamv7yY3SYbQvUPvX4=
2020-12-10 15:06 - 2020-12-10 15:06 - 000000000 _____ C:\Users\jcld1950\AppData\Local\{487A7B74-9924-48DE-8F29-5BEA5A3DE8FF}
2020-12-10 08:35 - 2020-12-10 08:35 - 008129352 _____ C:\Users\jcld1950\Downloads\Canal-51-doubles-pages-cd-ppjp-ssl.pdf
2020-12-09 19:38 - 2020-12-09 19:38 - 000002126 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2020-12-09 05:24 - 2020-12-09 05:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-12-09 05:23 - 2020-12-09 05:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-12-09 05:22 - 2020-12-09 05:22 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2020-12-09 05:22 - 2020-12-09 05:22 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 05:22 - 2020-12-09 05:22 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl
2020-12-09 05:22 - 2020-12-09 05:22 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2020-12-09 05:22 - 2020-12-09 05:22 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-12-09 05:21 - 2020-12-09 05:21 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll
2020-12-09 05:21 - 2020-12-09 05:21 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl
2020-12-09 05:21 - 2020-12-09 05:21 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2020-12-09 05:21 - 2020-12-09 05:21 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2020-12-09 05:21 - 2020-12-09 05:21 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe
2020-12-09 05:20 - 2020-12-09 05:20 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-12-09 05:20 - 2020-12-09 05:20 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-12-09 05:20 - 2020-12-09 05:20 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt
2020-12-09 05:18 - 2020-12-09 05:18 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2020-12-09 05:18 - 2020-12-09 05:18 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-12-09 05:18 - 2020-12-09 05:18 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2020-12-09 05:18 - 2020-12-09 05:18 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2020-12-09 05:18 - 2020-12-09 05:18 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll
2020-12-09 05:18 - 2020-12-09 05:18 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll
2020-12-09 05:18 - 2020-12-09 05:18 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-12-08 17:27 - 2020-12-08 17:28 - 006694294 _____ C:\Users\jcld1950\Downloads\catalog.pdf
2020-12-08 15:11 - 2020-12-08 15:11 - 000733028 _____ C:\Users\jcld1950\Downloads\VIMERCATI-200312_Catalogo_Prodotti_Cesoie_compressed-2.pdf
2020-12-08 14:56 - 2020-12-08 14:56 - 002145309 _____ C:\Users\jcld1950\Downloads\VIMERCATI-Catalogo_Prodotti_PRESSE_compressed.pdf
2020-12-07 11:58 - 2020-12-07 11:59 - 000000133 _____ C:\Users\jcld1950\Desktop\machine plasma.url
2020-12-06 16:24 - 2020-12-06 16:24 - 000361236 _____ C:\Users\jcld1950\Downloads\0RLM3403082001.PDF
2020-12-06 16:09 - 2020-12-06 16:09 - 000379773 _____ C:\Users\jcld1950\Downloads\0RSA3400522001.PDF
2020-12-06 16:08 - 2020-12-06 16:08 - 000357685 _____ C:\Users\jcld1950\Downloads\0RSA3400522002.PDF
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-01-04 10:26 - 2015-08-05 08:39 - 000000000 ____D C:\FRST
2021-01-04 10:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-04 10:08 - 2017-03-17 17:46 - 000000000 ____D C:\Program Files\CCleaner
2021-01-04 09:58 - 2015-03-29 16:13 - 000000000 ____D C:\Users\jcld1950\AppData\Roaming\ZHP
2021-01-04 09:49 - 2020-08-22 19:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-04 04:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-04 04:22 - 2014-05-21 15:35 - 000000000 ____D C:\Users\jcld1950\AppData\Local\CrashDumps
2021-01-03 16:34 - 2019-09-16 12:57 - 000000000 ____D C:\Users\jcld1950\AppData\Local\Free Download Manager
2021-01-01 20:03 - 2017-04-17 20:15 - 000000000 ____D C:\Users\jcld1950\AppData\LocalLow\Mozilla
2021-01-01 19:58 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-01-01 19:57 - 2013-12-18 11:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-01-01 19:56 - 2016-03-12 10:52 - 000000000 __SHD C:\Users\jcld1950\IntelGraphicsProfiles
2021-01-01 19:54 - 2020-08-22 20:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-01 19:54 - 2020-08-22 19:11 - 000008192 ___SH C:\DumpStack.log.tmp
2021-01-01 19:09 - 2018-08-17 10:37 - 000000354 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjcld1950.job
2021-01-01 19:08 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-01-01 19:02 - 2014-01-11 21:05 - 000000000 ____D C:\Program Files (x86)\7-Zip
2021-01-01 18:57 - 2020-08-22 20:18 - 000003258 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForjcld1950
2021-01-01 18:56 - 2014-01-09 13:28 - 000000000 ____D C:\Users\jcld1950\Documents\PrintScreen Files
2021-01-01 17:06 - 2020-08-22 19:18 - 000000000 ____D C:\Users\jcld1950
2021-01-01 13:43 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-01 09:33 - 2018-01-12 17:20 - 000000000 ____D C:\Users\jcld1950\AppData\Local\PlaceholderTileLogoFolder
2021-01-01 09:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-01 09:32 - 2018-06-13 17:53 - 000000000 ____D C:\ProgramData\Packages
2021-01-01 09:32 - 2017-12-27 14:26 - 000000000 ____D C:\Users\jcld1950\AppData\Local\Packages
2020-12-30 13:10 - 2019-08-29 18:04 - 000000000 ____D C:\Users\jcld1950\AppData\Roaming\Dexpot
2020-12-30 07:45 - 2018-02-28 09:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-12-29 22:15 - 2019-09-11 10:01 - 000000000 ____D C:\ProgramData\BlueStacksSetup
2020-12-29 16:59 - 2020-08-22 19:45 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-29 16:59 - 2019-12-07 15:49 - 000792836 _____ C:\WINDOWS\system32\perfh00C.dat
2020-12-29 16:59 - 2019-12-07 15:49 - 000149966 _____ C:\WINDOWS\system32\perfc00C.dat
2020-12-29 16:59 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-29 16:46 - 2013-11-30 21:28 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-29 16:38 - 2020-08-09 18:36 - 000000000 ___DC C:\WINDOWS\Panther
2020-12-29 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-12-29 16:37 - 2019-09-11 10:41 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-29 16:09 - 2014-05-02 13:30 - 000000000 ____D C:\temp
2020-12-29 15:17 - 2017-01-01 17:41 - 000000000 ____D C:\ProgramData\Avg
2020-12-29 10:29 - 2020-09-23 09:02 - 000000000 ____D C:\Users\jcld1950\AppData\Local\AVAST Software
2020-12-29 09:44 - 2020-08-22 20:18 - 000003304 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{19F1BCE8-C355-423E-824F-8A05371EF1A9}
2020-12-29 09:44 - 2020-08-22 20:18 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2238367292-1815982713-3710956016-1001
2020-12-29 09:44 - 2020-08-22 20:18 - 000002040 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements
2020-12-29 09:44 - 2020-08-22 20:18 - 000001968 _____ C:\WINDOWS\system32\Tasks\Toolbox.exe_{5EBA4948-0308-412A-9F1F-4F7A2A77CCD5}
2020-12-29 09:43 - 2020-08-22 20:18 - 000003562 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-12-29 09:43 - 2020-08-22 20:18 - 000003516 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-29 09:43 - 2020-08-22 20:18 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-12-29 09:43 - 2020-08-22 20:18 - 000003292 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-29 09:43 - 2020-08-22 20:18 - 000003256 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate
2020-12-29 09:43 - 2020-08-22 20:18 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-12-29 09:43 - 2020-08-22 20:18 - 000002764 _____ C:\WINDOWS\system32\Tasks\HP AR Program Upload - b010e8a9657649c3b397d3205160d369eed7498a36ef4b978da765dceba6630c
2020-12-29 09:43 - 2020-08-22 20:18 - 000002514 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series
2020-12-29 09:43 - 2020-08-22 20:18 - 000002456 _____ C:\WINDOWS\system32\Tasks\IObitSelfCheckTask
2020-12-29 09:43 - 2020-08-22 20:18 - 000002350 _____ C:\WINDOWS\system32\Tasks\CLVDLauncher
2020-12-29 09:43 - 2020-08-22 20:18 - 000002350 _____ C:\WINDOWS\system32\Tasks\CLMLSvc_P2G8
2020-12-29 09:43 - 2020-08-22 20:18 - 000002318 _____ C:\WINDOWS\system32\Tasks\CreateChoiceProcessTask
2020-12-29 09:43 - 2020-08-22 20:18 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2020-12-29 09:43 - 2020-08-22 20:18 - 000001944 _____ C:\WINDOWS\system32\Tasks\FreeDownloadManagerNetworkMonitor
2020-12-29 09:42 - 2020-08-22 20:18 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-12-29 09:42 - 2013-11-29 20:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-29 08:30 - 2020-08-22 20:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2020-12-28 11:22 - 2020-07-03 10:37 - 000000000 ____D C:\Users\jcld1950\Desktop\Guide de l’utilisateur de l’iPhone - Assistance Apple_fichiers
2020-12-24 12:35 - 2017-09-04 09:46 - 000000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-23 15:36 - 2020-09-02 14:32 - 000000000 ____D C:\Users\jcld1950\Desktop\Re Visa Partner _ 04527031 - jcld1950@gmail.com - Gmail_fichiers
2020-12-20 11:41 - 2018-09-16 15:14 - 000000000 ____D C:\Users\jcld1950\Desktop\MicroEntreprise 2018
2020-12-19 10:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-19 01:29 - 2020-04-13 23:40 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-17 15:53 - 2020-08-22 19:18 - 000002452 _____ C:\Users\jcld1950\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-12-17 15:53 - 2013-11-30 20:14 - 000000000 ___RD C:\Users\jcld1950\SkyDrive
2020-12-16 16:32 - 2020-08-07 15:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2020-12-09 19:38 - 2017-04-12 16:59 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-12-09 15:39 - 2020-08-22 19:11 - 000480264 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
==================== Fichiers à la racine de certains dossiers ========
2020-10-26 16:06 - 2020-10-26 16:06 - 000000000 ____D () C:\ProgramData\DUNotifier.exe
2015-05-21 16:15 - 2015-08-04 11:40 - 001872384 _____ () C:\Users\jcld1950\ZHPCleaner.exe
2013-12-17 21:22 - 2013-12-17 21:22 - 000129536 _____ () C:\Users\Public\AlexaNSISPlugin.6284.dll
2014-10-08 09:25 - 2010-01-26 17:11 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe
2015-03-28 10:29 - 2015-03-28 10:30 - 000000005 _____ () C:\Users\jcld1950\AppData\Roaming\dossier.txt
2019-08-29 16:13 - 2019-08-29 16:13 - 000000000 _____ () C:\Users\jcld1950\AppData\Roaming\Meihua2_Selected_Device.ini
2016-11-04 13:52 - 2016-10-25 17:30 - 000000043 _____ () C:\Users\jcld1950\AppData\Roaming\pdfdrawcodec.dll
2016-04-03 15:56 - 2016-11-25 18:04 - 000000098 _____ () C:\Users\jcld1950\AppData\Roaming\SDC_Path_Meihua2_U.ini
2014-01-09 14:29 - 2014-03-31 00:29 - 000000140 _____ () C:\Users\jcld1950\AppData\Roaming\WB.CFG
2015-08-04 16:02 - 2015-08-04 16:02 - 000120948 _____ () C:\Users\jcld1950\AppData\Local\ars.cache
2015-08-04 19:43 - 2015-08-04 19:43 - 000328122 _____ () C:\Users\jcld1950\AppData\Local\census.cache
2015-08-04 15:31 - 2015-08-04 15:31 - 000000036 _____ () C:\Users\jcld1950\AppData\Local\housecall.guid.cache
2015-03-27 11:02 - 2015-03-27 11:02 - 000011788 _____ () C:\Users\jcld1950\AppData\Local\Temp-log.txt
2020-04-28 10:09 - 2020-04-28 10:09 - 000000000 _____ () C:\Users\jcld1950\AppData\Local\{2E122C8C-7D5F-415B-ACFA-78A493B6DE45}
2020-12-10 15:06 - 2020-12-10 15:06 - 000000000 _____ () C:\Users\jcld1950\AppData\Local\{487A7B74-9924-48DE-8F29-5BEA5A3DE8FF}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================