Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-12-2020 Exécuté par jcld1950 (administrateur) sur JCLD (Dell Inc. Inspiron 3721) (04-01-2021 10:23:11) Exécuté depuis C:\Users\jcld1950\Desktop Profils chargés: jcld1950 Platform: Windows 10 Home Version 2004 19041.685 (X64) Langue: Français (France) Navigateur par défaut: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --single-argument %1 Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\dolibarr\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Apache Software Foundation) [Fichier non signé] C:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe <2> (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler64.exe (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe (bookingDesktopApp.) [Fichier non signé] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe (Compal Electronics, Inc. -> Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe (CyberLink -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe (Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe (FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe (FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe (Gadwin, Ltd. -> Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.52\GoogleCrashHandler64.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (IBM -> IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe <2> (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (INTERNET PROJECT LLC -> ) C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12008.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\HelpPane.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (Nicolas Coolman -> Nicolas Coolman) [Fichier non signé] C:\Users\jcld1950\AppData\Roaming\ZHP\ZHPSuite.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe (pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\ws.exe (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8512760 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1411320 2015-08-04] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [CNAP2 Launcher] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [226784 2010-10-14] (CANON INC. -> CANON INC.) HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5762408 2013-03-05] (Compal Electronics, Inc. -> Dell Inc.) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2013-12-12] (Greenshot) [Fichier non signé] HKLM\...\Run: [VDownloader] => C:\Program Files (x86)\VDownloader\VDownloader.exe [3017216 2014-09-24] (Vitzo) [Fichier non signé] HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] (RealNetworks, Inc. -> ) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [888440 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [204272 2018-03-27] (INTERNET PROJECT LLC -> ) HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [493776 2012-05-13] (Gadwin, Ltd. -> Gadwin Systems, Inc) HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [VDownloader] => C:\Program Files (x86)\VDownloader\VDownloader.exe [3017216 2014-09-24] (Vitzo) [Fichier non signé] HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony Mobile Communications AB -> Sony) [Fichier non signé] HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [Dexpot] => C:\Program Files (x86)\Dexpot\dexpot.exe [1847816 2019-07-08] (Sebastian Brands und Patrick Dubbert (Dexpot GbR) -> Dexpot GbR) HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10203648 2019-01-30] (FreeDownloadManager.org) [Fichier non signé] HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32414392 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\...\MountPoints2: {6b6e2683-0607-11e4-bea0-74867a17dd33} - "E:\LaunchU3.exe" HKLM\...\Windows x64\Print Processors\RXEG2IPPR: C:\Windows\System32\spool\prtprocs\x64\RXEG2IPPR.dll [77312 2013-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Monotype Imaging Inc.) HKLM\...\Print\Monitors\CNAP2 Monitor: C:\WINDOWS\system32\CNAP2LMD.DLL [486400 2012-09-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\HP a011 Status Monitor: C:\WINDOWS\system32\hpinkstsa011LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 3050A J611 series): C:\WINDOWS\system32\HPDiscoPMa011.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [115592 2015-06-04] (pdfforge GmbH -> pdfforge GmbH) HKLM\...\Print\Monitors\RXEG2 PJL Monitor: C:\WINDOWS\system32\RXEG2LMON.dll [73728 2013-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Teco Image Systems Co., Ltd.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-08] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\Installer\chrmstp.exe [2020-12-03] (Avast Software s.r.o. -> AVAST Software) HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> IFEO\DisplaySwitch.exe: [Debugger] IFEO\taskmgr.exe: [Debugger] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-12-19] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc. -> McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-03-17] ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.) Startup: C:\Users\jcld1950\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - .lnk [2017-05-26] ShortcutAndArgument: Alertes de surveillance de l'encre - .lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2BJ1CPBC05WK;CONNECTION=NW;MONITOR=1; Startup: C:\Users\jcld1950\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series (réseau).lnk [2017-10-16] ShortcutAndArgument: Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series (réseau).lnk -> C:\WINDOWS\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN2BJ1CPBC05WK;CONNECTION=NW;MONITOR=1; GroupPolicy: Restriction - Chrome <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {00F257A2-5C54-47C4-B90A-9AE173F78C27} - System32\Tasks\IObitSelfCheckTask => C:\Program Files (x86)\IObit\Smart Defrag\IObitSelfCheck.exe Task: {02168C5B-2B33-41F0-A65A-AA5BFCEF4B53} - \WPD\SqmUpload_S-1-5-21-2238367292-1815982713-3710956016-1001 -> Pas de fichier <==== ATTENTION Task: {0F044DF0-EEF6-4628-901F-F80EF72A75FE} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-11] (bookingDesktopApp.) [Fichier non signé] Task: {11A2B6AF-EB19-49C3-ACA3-482BE08D3D1E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION Task: {1893E5D8-9F5A-4E78-81A8-29A2F234870C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-23] (Avast Software s.r.o. -> AVAST Software) Task: {1D856D78-076D-4F8A-BD5D-81544F77CEB3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION Task: {2170B4E2-FF15-4823-A8E3-2FB516564344} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-23] (Avast Software s.r.o. -> AVAST Software) Task: {22BE57B2-7F9F-4965-A297-66535EA23A0F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software) Task: {262FE211-F0FA-4A2C-ACA2-FAC5C418C896} - System32\Tasks\Toolbox.exe_{5EBA4948-0308-412A-9F1F-4F7A2A77CCD5} => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\Toolbox.exe Task: {27111F30-EFDD-48A9-8C3B-7AC668682CC8} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-18] (Adobe Inc. -> Adobe) Task: {27402B59-B5AF-453D-82B5-3ACBE6E3ABE7} - System32\Tasks\EuroFortune UpdateCasino => C:\Program Files (x86)\EuroFortune\UpdateCasino.exe Task: {278C92B3-59FC-48A7-9CE1-4EDEB007A218} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [Fichier non signé] Task: {2D43C9D7-97A3-4107-B83C-12DFA0BEFFA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe Task: {2E1C2555-9048-4CBF-A078-ADBFDF790616} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111136 2012-12-03] (CyberLink Corp. -> CyberLink) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {36D04A15-757E-4F32-9FC1-72A843D44839} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.) Task: {41894A5D-BFBE-45D8-A7B0-EEE56B4D7EB7} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [340000 2012-12-03] (CyberLink Corp. -> CyberLink Corp.) Task: {41C8901D-C451-48FD-91A6-2D910540C7F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {467ECF30-0354-42C2-9A57-FF9AF3DDDDEC} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {48200742-89B3-4D34-B516-C51A23855E43} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION Task: {4ABED8FA-4103-4673-ACBB-7469A4FB5E62} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION Task: {4C633324-E65F-474C-B65D-51EF98AF3732} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693456 2020-12-24] (Mozilla Corporation -> Mozilla Foundation) Task: {4CAF4C99-25B6-47E0-888A-48316DEB59EE} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {538D823A-6FA1-4B52-A075-3BBF713D842B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {53981729-5845-4D6D-9028-409024BC07DF} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-11] (bookingDesktopApp.) [Fichier non signé] Task: {5676C4AA-A6CC-4898-86D0-99526074CC6E} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {59504D44-302A-4884-AFFC-C30D00E1B371} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION Task: {5B7FFC06-F391-46B1-B5FE-7E8D424B7807} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {5DFE1E75-1F01-417A-979A-0610168CED88} - System32\Tasks\Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask => C:\WINDOWS\System32\GWX\GWXUXWorker.exe Task: {5F659184-CCA9-4E13-B4FF-237C1B694600} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Task: {70CD78AF-D740-4317-BB3F-1162FFF233A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {710C1752-B9A0-4B30-BF77-E8CA6257BBDB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-18] (Adobe Inc. -> Adobe) Task: {7293E8A4-521B-4758-A2D4-05ED823FE4ED} - System32\Tasks\HPCeeScheduleForjcld1950 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [96568 2015-06-16] (Hewlett-Packard Company -> Hewlett-Packard) Task: {736E001D-74C9-4A21-BDD2-E1D5FFAE91E4} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4167080 2018-09-26] (Synaptics Incorporated -> Synaptics Incorporated) Task: {7F4B285F-3DC8-4971-819E-1BC9E6DACF5F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {80D54EE3-A934-4B62-AB30-9C1444B43ED8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION Task: {83DD5D49-49AA-4464-8F51-984B6CE06B7B} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [2118392 2020-11-12] (Avast Software s.r.o. -> AVAST Software) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE} Task: {96152FC1-A060-43E9-BBD8-05F7728C54CD} - System32\Tasks\HP AR Program Upload - b010e8a9657649c3b397d3205160d369eed7498a36ef4b978da765dceba6630c => C:\Program Files\HP\HP Deskjet 3050A J611 series\bin\HPRewards.exe Task: {A0FDB83E-A1F9-4476-88A9-CB4E7897BF24} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {A3B0DABB-937A-4BF9-8FD6-5538F7318A4E} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [18392 2018-05-11] (Dell Inc. -> Dell Inc.) Task: {AC5B9580-6887-4A39-B52C-F44BE2CDAFF3} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe Task: {B4BA238E-FBE5-4495-8B53-35BB5C6DE10E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION Task: {B9572196-4809-43F4-A916-B7C22120DD63} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION Task: {BAAFFABC-35D8-40B2-9614-6C5118881619} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {BFB65097-EDE0-46C5-A9AB-67DBB97E0232} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Task: {C0037819-BF77-412E-BD6A-A60FC0E6DE1D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {C0E7FCC1-8257-4FED-8EFA-EF23A894EAB3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION Task: {C844C5F6-02A0-4167-9F2E-229B78A4EB08} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [120680 2017-06-22] (HP Inc. -> HP Inc.) Task: {CBAD5D4B-217A-414C-AC58-A7BFD8C897BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.) Task: {CD63DEE5-B5A4-4492-90B4-75A74696618C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {CD6FC605-AACA-4B5E-8605-F29C80541BB9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1741416 2020-09-18] (Avast Software s.r.o. -> Avast Software) Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {D4690CA2-3BBB-4D7C-A5C9-534ABE2E2F3D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION Task: {DA5CC24F-CC7F-4AA8-B62C-CF8BB5BE0ED8} - \StartMenuAutoupdate -> Pas de fichier <==== ATTENTION Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Acrobat Update Task" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\CLMLSvc_P2G8" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\CLVDLauncher" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\CreateChoiceProcessTask" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\Dell SupportAssistAgent AutoUpdate" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\FreeDownloadManagerNetworkMonitor" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\HP AR Program Upload - b010e8a9657649c3b397d3205160d369eed7498a36ef4b978da765dceba6630c" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\HPCeeScheduleForjcld1950" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\HPCustParticipation HP Deskjet 3050A J611 series" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\IObitSelfCheckTask" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2238367292-1815982713-3710956016-1001" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\Start WinZip Driver Updater Check Driver Update" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\Start WinZip Driver Updater for JCLD@jcld1950(logon)" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(20): schtasks.exe -> /Change /TN "\Start WinZip Driver Updater Schedule" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(21): schtasks.exe -> /Change /TN "\Start WinZip Driver Updater Update" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(22): schtasks.exe -> /Change /TN "\Start WinZip Registry Optimizer with delay for JCLD@jcld1950" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(23): schtasks.exe -> /Change /TN "\Synaptics TouchPad Enhancements" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(24): schtasks.exe -> /Change /TN "\Toolbox.exe_{5EBA4948-0308-412A-9F1F-4F7A2A77CCD5}" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(25): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{19F1BCE8-C355-423E-824F-8A05371EF1A9}" /ENABLE Task: {DEF90D25-4E83-4FEC-BB83-6986C81EB1E7} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(26): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE Task: {DFFB0B7D-58AB-4650-84D2-39796AC02812} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd) Task: {E1597750-1AC4-414A-9772-7FADD4D17956} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe Task: {E5BEEB4E-0D67-4F0E-8136-966AE0DB6749} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA} Task: {EBCD9D2A-4321-412F-9658-DDF02DF435AC} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION Task: {EE0F68BE-7CA0-4C85-9B31-02147DE69C3E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION Task: {EEF3E126-39B1-4753-8F76-0F96711EB32F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.) Task: {F5EC8B89-13C2-4A74-A23C-9A039448A3BD} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe Task: {F9425C1F-16F5-41D1-8183-A29457797F6B} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\HPCeeScheduleForjcld1950.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{0b1dc53f-1475-4c0b-9712-ed444928c7cb}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{1df35de9-5b5e-4d4b-808a-76c445f8c427}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{2c180796-43d5-406d-85d3-5d906165dd33}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{836329de-a1cd-451b-b9ad-bfce9575b321}: [DhcpNameServer] 192.168.0.254 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION Edge: ====== DownloadDir: C:\Users\jcld1950\Downloads Edge HomeButtonPage: HKU\S-1-5-21-2238367292-1815982713-3710956016-1001 -> hxxp://www.google.com Edge DefaultProfile: Default Edge Profile: C:\Users\jcld1950\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-04] Edge HomePage: Default -> hxxp://www.ourluckysites.com/?type=hp&ts=1492590830&z=ed5ce4c98dec182fdb1fc77g9zetbo3w7tdefb8cbo&from=che0812&uid=ST500LT012-9WS142_W0V9JFHYXXXXW0V9JFHY Edge StartupUrls: Default -> "hxxp://www.ourluckysites.com/?type=hp&ts=1492590830&z=ed5ce4c98dec182fdb1fc77g9zetbo3w7tdefb8cbo&from=che0812&uid=ST500LT012-9WS142_W0V9JFHYXXXXW0V9JFHY" Edge DefaultSearchURL: Default -> hxxps://www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?} Edge Extension: (Malwarebytes Browser Guard) - C:\Users\jcld1950\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-01-01] Edge Extension: (IBM Security Rapport) - C:\Users\jcld1950\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kajikgogckeajjplomldcempamhidmcc [2020-10-19] Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Edge HKLM-x32\...\Edge\Extension: [kajikgogckeajjplomldcempamhidmcc] FireFox: ======== FF DefaultProfile: huxsr9vs.default-1512899888846 FF ProfilePath: C:\Users\jcld1950\AppData\Roaming\Mozilla\Sunbird\Profiles\xli5zvnz.default [2019-11-22] FF Extension: (IBM Security Rapport) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com (1).xpi [2018-03-29] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (IBM Security Rapport) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\rapportext@trusteer.com.xpi [2020-04-28] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx] FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Mozilla Sunbird\extensions\calendar-timezones@mozilla.org [2019-08-26] [] [non signé] FF Extension: (Lightning stub extension for Sunbird) - C:\Program Files (x86)\Mozilla Sunbird\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103} [2019-08-26] [] [non signé] FF ProfilePath: C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 [2021-01-04] FF Homepage: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> moz-extension://c2cbff4c-b950-4fb2-ae56-a36c86e7315b/dynamicHomePage.html FF NewTab: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> hxxp://www.bing.com/?pc=COS2&ptag=D091119-N0600A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016 FF Notifications: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> hxxps://phonandroid.os.tc; hxxps://www.facebook.com; hxxps://forum.frandroid.com; hxxps://pagesjaunes-by.accengage.net; hxxps://www.miniinthebox.com; hxxps://fedae.by.wonderpush.com; hxxps://www.facture.net; hxxps://www.psabanque.fr; hxxps://crm.zoho.eu; hxxps://www.commentcamarche.net; hxxps://www.hubspot.fr; hxxps://www.fnac.com; hxxps://www.federation-auto-entrepreneur.fr; hxxps://www.metal-interface.com; hxxps://www.lesnumeriques.com; hxxps://www.papergeek.fr; hxxps://www.legifiscal.fr; hxxps://www.linecoaching.com; hxxps://www.cnetfrance.fr; hxxps://mail.google.com; hxxps://www.1formatik.com; hxxps://www.monpetitforfait.com; hxxps://www.imyfone.com; hxxps://fr.shein.com; hxxps://worldissmall.fr; hxxps://www.backmarket.fr; hxxps://www.toutvendre.fr; hxxps://www.teleservice-depannage.com; hxxps://www.gentside.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _dxMembers_@www.download-freemaps.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: qwantcomforfirefox@jetpack FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _euMembers_@free.filesendsuite.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _ftMembers_@free.mytelevisionhq.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _65Members_@download.fromdoctopdf.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _dbMembers_@free.getformsonline.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _b7Members_@free.mytransitguide.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _64Members_@www.televisionfanatic.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _dqMembers_@www.downspeedtest.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _39Members_@www.mapsgalaxy.com FF HomepageOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _e5Members_@www.productivityboss.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _dxMembers_@www.download-freemaps.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _euMembers_@free.filesendsuite.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _ftMembers_@free.mytelevisionhq.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _65Members_@download.fromdoctopdf.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _dbMembers_@free.getformsonline.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _b7Members_@free.mytransitguide.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _64Members_@www.televisionfanatic.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _dqMembers_@www.downspeedtest.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _39Members_@www.mapsgalaxy.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Disabled: _e5Members_@www.productivityboss.com FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: qwantcomforfirefox@jetpack FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: wikipedia@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: qwant@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: ebay@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: ddg@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: amazon@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: bing@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: google@search.mozilla.org FF NewTabOverride: Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846 -> Enabled: _j5Members_@ext.ask.com FF Extension: (Pas de nom) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\Extensions\qwantcomforfirefox@jetpack.xpi [2020-10-12] FF Extension: (Avast Online Security) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\Extensions\wrc@avast.com.xpi [2020-06-18] FF Extension: (Malwarebytes Browser Guard) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2020-12-30] FF Extension: (Le Coin Raccourcis) - C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\Extensions\{bca9c941-df28-4e08-98d9-35870277de34}.xpi [2020-08-14] FF SearchPlugin: C:\Users\jcld1950\AppData\Roaming\Mozilla\Firefox\Profiles\huxsr9vs.default-1512899888846\searchplugins\bing-lavasoft-ff59.xml [2019-09-11] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-12-17] [] [non signé] FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-09-25] [] [non signé] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-18] (Adobe Inc. -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-18] (Adobe Inc. -> ) FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-11] (bookingDesktopApp.) [Fichier non signé] FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-09-11] (bookingDesktopApp.) [Fichier non signé] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-23] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2020-09-23] (Avast Software s.r.o. -> AVAST Software) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\adslTV\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-12-07] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH -> pdfforge GmbH) FF Plugin HKU\S-1-5-21-2238367292-1815982713-3710956016-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC) [Fichier non signé] Chrome: ======= CHR Profile: C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default [2020-12-29] CHR Notifications: Default -> hxxps://www.facebook.com CHR Extension: (Slides) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-11] CHR Extension: (Docs) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-11] CHR Extension: (Google Drive) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-18] CHR Extension: (YouTube) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-18] CHR Extension: (Sheets) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-11] CHR Extension: (Farmville2 X-Press) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbgjpdhhnbgmnafojckjmjogcpoinlim [2019-09-11] CHR Extension: (Google Docs hors connexion) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-09-11] CHR Extension: (Avast Online Security) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-09-11] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-09-11] CHR Extension: (Gmail) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-11] CHR Extension: (Chrome Media Router) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-11] CHR Extension: (Download une image) - C:\Users\jcld1950\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkkboomagahhdmhndlkfeeplhpdaidgl [2019-09-11] CHR HKLM\...\Chrome\Extension: [hkhkiakolggnnicallabhkobalpeplpi] - CHR HKU\S-1-5-21-2238367292-1815982713-3710956016-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.) S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-18] (Adobe Inc. -> Adobe) R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [323152 2015-06-29] (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) [Fichier non signé] S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-23] (Avast Software s.r.o. -> AVAST Software) S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2020-09-23] (Avast Software s.r.o. -> AVAST Software) S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\86.1.6938.199\elevation_service.exe [1348304 2020-11-12] (Avast Software s.r.o. -> AVAST Software) S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-11] (bookingDesktopApp.) [Fichier non signé] S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-09-11] (bookingDesktopApp.) [Fichier non signé] S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [822904 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Dropbox, Inc.) R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [208792 2018-02-10] (Dell Inc -> Dell Inc.) R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3346320 2018-02-10] (Dell Inc -> Dell Inc.) R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217488 2018-02-10] (Dell Inc -> Dell Inc.) S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-06-23] (Techporch Incorporated -> Dell Inc.) R2 doliwampapache; c:\dolibarr\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [Fichier non signé] R2 doliwampmysqld; c:\dolibarr\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe [5730304 2007-07-06] () [Fichier non signé] S3 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [97776 2018-03-27] (INTERNET PROJECT LLC -> Freemake) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc. -> HP Inc.) S2 hshld_10.9.9; C:\Program Files (x86)\Hotspot Shield\10.9.9\bin\cmw_srv.exe [224760 2020-10-26] (Pango Inc. -> Pango Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-08-23] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé] S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit Information Technology -> IObit) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-01] (Malwarebytes Inc -> Malwarebytes) R2 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH -> pdfforge GmbH) R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH -> pdfforge GmbH) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [3008896 2020-08-18] (IBM -> IBM Corp.) S4 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-03-17] (RealNetworks, Inc. -> RealNetworks, Inc.) S4 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1095440 2016-03-17] (RealNetworks, Inc. -> RealNetworks, Inc.) S3 ReflectService; C:\Program Files (x86)\NCH Software\Reflect\reflect.exe [1148448 2018-10-17] (NCH Software Pty Ltd -> NCH Software) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] (CyberLink -> ) S4 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155520 2015-06-10] (Sony Mobile Communications AB -> Avanquest Software) [Fichier non signé] R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [43480 2018-05-11] (Dell Inc. -> Dell Inc.) S3 wampmysqld64; c:\wamp64\bin\mysql\mysql5.7.14\bin\mysqld.exe [39885824 2016-07-12] () [Fichier non signé] S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\NisSrv.exe [2491880 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2011.6-0\MsMpEng.exe [128376 2020-12-30] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 Apowersoft_AudioDevice; C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare) S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink) R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-07-27] (Techporch Incorporated -> Dell Inc.) R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-07-27] (Techporch Incorporated -> Dell Computer Corporation) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-01] (Malwarebytes Corporation -> Malwarebytes) S3 massfilter; C:\WINDOWS\System32\drivers\massfilter.sys [11776 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> MBB Incorporated) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-01] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197792 2021-01-01] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-01-01] (Malwarebytes Inc -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2021-01-01] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [139424 2021-01-01] (Malwarebytes Inc -> Malwarebytes) R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.) R1 pango_netfilter2; C:\WINDOWS\System32\drivers\pango_netfilter2.sys [94080 2020-10-26] (Pango Inc. -> Pango Inc) R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [450240 2020-08-18] (IBM -> IBM Corp.) R1 RapportCerberus_2004080; c:\programdata\trusteer\rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_2004080.sys [1460480 2020-09-29] (IBM -> IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [546056 2020-08-18] (IBM -> IBM Corp.) R0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [398984 2020-08-18] (IBM -> IBM Corp.) R0 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [448904 2020-08-18] (IBM -> IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [564928 2020-08-18] (IBM -> IBM Corp.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-12-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [429296 2020-12-30] (Microsoft Windows -> Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB) S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [70896 2020-12-30] (Microsoft Windows -> Microsoft Corporation) S3 ZTEusbmdm6k; C:\WINDOWS\system32\DRIVERS\ZTEusbmdm6k.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated) S3 ZTEusbnmea; C:\WINDOWS\system32\DRIVERS\ZTEusbnmea.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated) S3 ZTEusbser6k; C:\WINDOWS\system32\DRIVERS\ZTEusbser6k.sys [123520 2011-03-08] (Microsoft Windows Hardware Compatibility Publisher -> ZTE Incorporated) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-01-04 10:23 - 2021-01-04 10:29 - 000056395 _____ C:\Users\jcld1950\Desktop\FRST.txt 2021-01-04 10:22 - 2020-12-29 23:40 - 002286592 _____ (Farbar) C:\Users\jcld1950\Desktop\FRST64(1).exe 2021-01-04 09:15 - 2021-01-04 09:58 - 000476636 _____ C:\Users\jcld1950\Desktop\ZHPDiag.txt 2021-01-04 09:15 - 2021-01-04 09:15 - 000590239 _____ C:\Users\jcld1950\Desktop\ZHPDiag.html 2021-01-04 08:35 - 2021-01-04 09:21 - 000000906 _____ C:\Users\jcld1950\Desktop\ZHPSuite.lnk 2021-01-04 08:35 - 2021-01-04 08:35 - 000000000 ____D C:\Users\jcld1950\AppData\Local\ZHP 2021-01-04 08:16 - 2021-01-04 08:17 - 003479176 _____ (Nicolas Coolman) C:\Users\jcld1950\Downloads\ZHPSuite.exe 2021-01-03 12:07 - 2021-01-03 12:07 - 000146894 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201110(2).pdf 2021-01-03 11:49 - 2021-01-03 11:49 - 000154962 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201210(3).pdf 2021-01-03 11:48 - 2021-01-03 11:48 - 000154962 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201210(2).pdf 2021-01-03 11:46 - 2021-01-03 11:46 - 000154964 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201210(1).pdf 2021-01-03 11:46 - 2021-01-03 11:46 - 000154952 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201210.pdf 2021-01-02 11:52 - 2021-01-02 11:52 - 000000000 ____H C:\Users\jcld1950\Documents\Default.rdp 2021-01-01 20:03 - 2021-01-01 20:03 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2021-01-01 20:03 - 2021-01-01 20:03 - 000001983 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2021-01-01 20:02 - 2021-01-01 20:02 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2021-01-01 20:02 - 2021-01-01 20:02 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys 2021-01-01 20:02 - 2021-01-01 20:02 - 000197792 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2021-01-01 20:02 - 2021-01-01 20:02 - 000139424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2021-01-01 19:58 - 2021-01-01 19:57 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2021-01-01 19:58 - 2021-01-01 19:57 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys 2021-01-01 17:07 - 2021-01-01 17:07 - 000000000 ____D C:\WINDOWS\SysWOW64\store 2021-01-01 14:04 - 2021-01-01 14:04 - 000000000 ____D C:\Users\jcld1950\AppData\Local\mbam 2021-01-01 14:03 - 2021-01-01 20:03 - 000001995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2021-01-01 13:56 - 2021-01-01 13:56 - 002086424 _____ (Malwarebytes) C:\Users\jcld1950\Downloads\MBSetup(2).exe 2021-01-01 09:15 - 2021-01-01 13:41 - 000000000 ____D C:\KVRT_Data 2021-01-01 09:06 - 2021-01-01 09:13 - 190178672 _____ (AO Kaspersky Lab) C:\Users\jcld1950\Downloads\KVRT(1).exe 2021-01-01 09:05 - 2021-01-01 09:12 - 190178672 _____ (AO Kaspersky Lab) C:\Users\jcld1950\Downloads\KVRT.exe 2020-12-30 21:42 - 2020-12-30 21:42 - 000668076 _____ C:\Users\jcld1950\Downloads\CourrierDeVotreCaisse(3).pdf 2020-12-30 21:40 - 2020-12-30 21:40 - 000668076 _____ C:\Users\jcld1950\Downloads\CourrierDeVotreCaisse(2).pdf 2020-12-30 21:38 - 2020-12-30 21:38 - 000668076 _____ C:\Users\jcld1950\Downloads\CourrierDeVotreCaisse(1).pdf 2020-12-30 21:11 - 2020-12-30 21:11 - 000147131 _____ C:\Users\jcld1950\Downloads\Avis_d_impot_2020_sur_les_revenus_2019(3).pdf 2020-12-30 21:11 - 2020-12-30 21:11 - 000098537 _____ C:\Users\jcld1950\Downloads\Avis_d_impot_2019_sur_les_revenus_2018(2).pdf 2020-12-30 21:10 - 2020-12-30 21:10 - 000147131 _____ C:\Users\jcld1950\Downloads\Avis_d_impot_2020_sur_les_revenus_2019(2).pdf 2020-12-30 14:31 - 2021-01-04 02:56 - 000000000 ____D C:\Users\jcld1950\AppData\LocalLow\IGDump 2020-12-30 14:09 - 2020-12-30 14:09 - 000000000 ____D C:\Program Files\Malwarebytes 2020-12-30 13:50 - 2020-12-30 14:16 - 002086424 _____ (Malwarebytes) C:\Users\jcld1950\Downloads\MBSetup(1).exe 2020-12-30 13:50 - 2020-12-30 13:50 - 002086424 _____ (Malwarebytes) C:\Users\jcld1950\Downloads\MBSetup.exe 2020-12-30 13:09 - 2020-12-30 13:09 - 000000000 ____D C:\CCE_Quarantine 2020-12-30 13:09 - 2019-09-15 01:13 - 000002130 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ccebak 2020-12-29 23:39 - 2020-12-29 23:40 - 002286592 _____ (Farbar) C:\Users\jcld1950\Downloads\FRST64(1).exe 2020-12-29 22:41 - 2020-12-29 22:41 - 000001266 _____ C:\Users\jcld1950\Desktop\Multi Virus Cleaner 2020.lnk 2020-12-29 22:41 - 2020-12-29 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Multi Virus Cleaner 2020 2020-12-29 22:41 - 2020-12-29 22:41 - 000000000 ____D C:\Program Files (x86)\AxBx 2020-12-29 22:32 - 2020-12-29 22:33 - 020463256 _____ (AxBx ) C:\Users\jcld1950\Downloads\setup.exe 2020-12-29 16:49 - 2020-12-29 16:49 - 000030252 _____ C:\WINDOWS\system32\servers.def.lkg 2020-12-29 16:49 - 2020-12-29 16:49 - 000030252 _____ C:\WINDOWS\system32\servers.def 2020-12-29 16:49 - 2020-12-29 16:49 - 000003313 _____ C:\WINDOWS\system32\servers.def.vpx 2020-12-29 15:16 - 2020-12-29 15:16 - 000259728 _____ (AVG Technologies CZ, s.r.o.) C:\Users\jcld1950\Downloads\avg_antivirus_free_setup.exe 2020-12-29 14:30 - 2021-01-01 19:03 - 000000000 ____D C:\Users\jcld1950\AppData\Roaming\Microsoft\Windows\Start Menu\WiperSoft 2020-12-29 14:20 - 2020-12-29 14:21 - 002527040 _____ (Wiper Software, UAB) C:\Users\jcld1950\Downloads\WiperSoft-installer.exe 2020-12-29 14:20 - 2020-12-29 14:20 - 000000000 ____D C:\Users\jcld1950\AppData\Roaming\IsolatedStorage 2020-12-29 14:20 - 2020-12-29 14:20 - 000000000 ____D C:\Users\jcld1950\AppData\Local\Solvusoft_Corporation 2020-12-29 14:20 - 2020-12-29 14:20 - 000000000 ____D C:\ProgramData\IsolatedStorage 2020-12-29 14:16 - 2020-12-29 14:43 - 000000000 ____D C:\ProgramData\WinThruster 2020-12-29 14:14 - 2020-12-29 14:14 - 001344192 _____ (Solvusoft Corporation) C:\Users\jcld1950\Downloads\Setup_FileViewPro_2020.exe 2020-12-29 14:07 - 2020-12-29 14:08 - 000229858 _____ C:\Users\jcld1950\Downloads\watch[1] (3) 2020-12-29 14:07 - 2020-12-29 14:07 - 000229858 _____ C:\Users\jcld1950\Downloads\watch[1] (2) 2020-12-29 14:07 - 2020-12-29 14:07 - 000229858 _____ C:\Users\jcld1950\Downloads\watch[1] (1) 2020-12-29 10:15 - 2020-12-29 10:15 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(7).pdf 2020-12-29 10:15 - 2020-12-29 10:15 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(6).pdf 2020-12-29 10:15 - 2020-12-29 10:15 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(5).pdf 2020-12-29 10:15 - 2020-12-29 10:15 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(4).pdf 2020-12-29 10:14 - 2020-12-29 10:14 - 000231808 _____ C:\Users\jcld1950\Downloads\watch[1](1) 2020-12-29 10:14 - 2020-12-29 10:14 - 000231808 _____ C:\Users\jcld1950\Downloads\watch[1] 2020-12-29 10:14 - 2020-12-29 10:14 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(3).pdf 2020-12-29 10:13 - 2020-12-29 10:13 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(2).pdf 2020-12-29 09:38 - 2020-12-29 09:38 - 000214924 _____ C:\Users\jcld1950\Desktop\DE00000372_ Nexson group(4).pdf 2020-12-29 09:31 - 2020-12-29 09:32 - 000211630 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(4).pdf 2020-12-29 09:03 - 2020-12-29 09:03 - 000000155 _____ C:\Users\jcld1950\Desktop\KrrassVidéoCGQG12K.url 2020-12-29 08:54 - 2020-12-29 08:55 - 000000133 _____ C:\Users\jcld1950\Desktop\KrrassVidéoAtelierFabrication.url 2020-12-29 08:40 - 2020-12-29 08:41 - 000000150 _____ C:\Users\jcld1950\Desktop\KrrassVidéoPPHWC67K.url 2020-12-29 08:26 - 2020-12-29 08:26 - 000826999 _____ C:\Users\jcld1950\Downloads\product_4980da62.pdf 2020-12-29 08:26 - 2020-12-29 08:26 - 000826999 _____ C:\Users\jcld1950\Downloads\product_4980da62(1).pdf 2020-12-28 11:37 - 2020-12-28 11:37 - 000000148 _____ C:\Users\jcld1950\Desktop\KrrassWC67K.url 2020-12-25 17:04 - 2020-12-25 17:04 - 000087097 _____ C:\Users\jcld1950\Downloads\ACFrOgBUidc12Pncw93bAZuLShS3rgVDL3UaxOMlhCNP0SSs0FxVrtQ2OuTYdWhLq8vCNtdhKoYqvLPYOpcf7QhtZt8N7i3T_BAVIv1k6kHe2VKNoyyPyG6anMlIENQ=(1).pdf 2020-12-25 16:58 - 2020-12-25 16:58 - 000087097 _____ C:\Users\jcld1950\Downloads\ACFrOgBUidc12Pncw93bAZuLShS3rgVDL3UaxOMlhCNP0SSs0FxVrtQ2OuTYdWhLq8vCNtdhKoYqvLPYOpcf7QhtZt8N7i3T_BAVIv1k6kHe2VKNoyyPyG6anMlIENQ=.pdf 2020-12-24 14:22 - 2020-12-24 14:23 - 000000133 _____ C:\Users\jcld1950\Desktop\Ethanol + potar.url 2020-12-24 14:15 - 2020-12-24 14:15 - 000000133 _____ C:\Users\jcld1950\Desktop\Bioethanol modif.url 2020-12-24 13:04 - 2020-12-24 13:04 - 000000196 _____ C:\Users\jcld1950\Desktop\AssuranceAuto.url 2020-12-24 12:54 - 2020-12-24 12:54 - 000201878 _____ C:\Users\jcld1950\Downloads\ACFrOgB5ofI9VrsLOkHytxD-arPFTK7iXDQ216_Rbo48c-i9dtsx_cJ3_HBueN-zeUYfx5jxoptnZI41qIFS-ecP1NBaGdUbVCA49Hnv9dGh34UCv3uF2GJHEuy2Vmo=(1).pdf 2020-12-24 12:53 - 2020-12-24 12:53 - 000201878 _____ C:\Users\jcld1950\Downloads\ACFrOgB5ofI9VrsLOkHytxD-arPFTK7iXDQ216_Rbo48c-i9dtsx_cJ3_HBueN-zeUYfx5jxoptnZI41qIFS-ecP1NBaGdUbVCA49Hnv9dGh34UCv3uF2GJHEuy2Vmo=.pdf 2020-12-24 12:35 - 2020-12-24 12:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-12-24 12:30 - 2020-12-24 12:30 - 000000933 _____ C:\Users\jcld1950\Desktop\Nouveau dossier - Raccourci.lnk 2020-12-24 12:29 - 2020-12-24 12:34 - 000080526 _____ C:\Users\jcld1950\Desktop\PERMISDECONDUIRE RV.PDF 2020-12-24 09:30 - 2020-12-29 09:42 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-12-23 15:16 - 2020-12-23 15:16 - 000671637 _____ C:\Users\jcld1950\Downloads\7dee99_6c5881f8ef2549a889efd7072133fcfa.pdf 2020-12-23 15:16 - 2020-12-23 15:16 - 000671637 _____ C:\Users\jcld1950\Downloads\7dee99_6c5881f8ef2549a889efd7072133fcfa(2).pdf 2020-12-23 15:16 - 2020-12-23 15:16 - 000671637 _____ C:\Users\jcld1950\Downloads\7dee99_6c5881f8ef2549a889efd7072133fcfa(1).pdf 2020-12-23 10:55 - 2020-12-23 10:55 - 000000193 _____ C:\Users\jcld1950\Desktop\40%Amortissement.url 2020-12-23 08:29 - 2020-12-23 08:29 - 000024269 _____ C:\Users\jcld1950\Downloads\ACFrOgAnPbt9dBjCqPioPwQ3ny627fJ39eh8U6MuY5Dhgt_9pYwiB-mKxIINpYeRjTl3igOP4hDlcNqLigldazpDL6yWPx4O5TV87pnNZUm14tqsicOMTAYMCsDPIMU=.pdf 2020-12-22 18:36 - 2020-12-22 18:39 - 000000000 ____D C:\Users\jcld1950\Desktop\Pret COVID LBP 2020-12-22 18:14 - 2020-12-22 18:14 - 000024729 _____ C:\Users\jcld1950\Downloads\379333206_8501_EXTRAIT_RCS.pdf 2020-12-22 16:33 - 2020-12-22 16:33 - 000042065 _____ C:\Users\jcld1950\Downloads\Demande_de_Pret_garanti_par_letat_2020_DYN.pdf 2020-12-18 19:48 - 2020-12-18 19:48 - 000211314 _____ C:\Users\jcld1950\Downloads\ACFrOgALiwg6agOXkFUTDO_Wu5Ot1a4571KBYNB5KTIeidXMPllqS7mrZWV0Wuvqc3o03WTdFakCr3jJeTVIS1vf_hnT_zuNk7Mz3_Yr-2AaQZ3tRG5mGSiTnrZcoTE=.pdf 2020-12-18 16:06 - 2020-12-18 16:06 - 000214924 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3)(1).pdf 2020-12-18 16:04 - 2020-12-18 16:04 - 000214924 _____ C:\Users\jcld1950\Desktop\DE00000372_ Nexson group(3).pdf 2020-12-18 16:03 - 2020-12-18 16:03 - 000211630 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(3).pdf 2020-12-18 16:02 - 2020-12-18 16:02 - 000211630 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(2).pdf 2020-12-18 16:02 - 2020-12-18 16:02 - 000211630 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group(1).pdf 2020-12-18 14:23 - 2018-10-14 14:35 - 000000000 ____D C:\Users\jcld1950\Desktop\AE 2020-12-18 12:05 - 2020-12-18 12:06 - 000194902 _____ C:\Users\jcld1950\Downloads\guide-suramortissement-transformation-numerique(1).pdf 2020-12-18 11:48 - 2020-12-18 11:48 - 000210921 _____ C:\Users\jcld1950\Downloads\ACFrOgDJekU-qt71194DfpWZr4W5vVCL7GjJoJLS2HW5IVTisO-1Y5V811vIwdAtiYuKKvWncKxtEl1pEEHKf2ZQQr9c32WzSiMTKpOiXfhdkmc56SMCaWd1-Y8iEuk= 2020-12-18 11:45 - 2020-12-18 11:45 - 000211237 _____ C:\Users\jcld1950\Downloads\DE00000372_ Nexson group.pdf 2020-12-17 19:04 - 2020-12-17 19:04 - 000829603 _____ C:\Users\jcld1950\Downloads\ACFrOgD-251Win6ZXGmqnOIw4DtkX9EwyjQZfpIlypqv4U0xDvizOyzLhhCYzn2eHCc9_7xb3NX2U78TZpF0YIxiHN4-WFunbev0okvmLoWsFfAdEwrfPUAgl7GVm14= 2020-12-17 18:53 - 2020-12-17 18:54 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgAwBMS5Pm3NYPoo3RByfPwTV3eaogrl1G8UM0-WRzhzbuiXBY6TvMi6dbo03UBud4jXEgZdH5ggSFBhvu30CKvNYTJUCRqxW_0iKb7MsRCP3qdnv2mfssgWYrU=(3) 2020-12-17 18:53 - 2020-12-17 18:53 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgAwBMS5Pm3NYPoo3RByfPwTV3eaogrl1G8UM0-WRzhzbuiXBY6TvMi6dbo03UBud4jXEgZdH5ggSFBhvu30CKvNYTJUCRqxW_0iKb7MsRCP3qdnv2mfssgWYrU=(2) 2020-12-17 11:14 - 2020-12-17 11:14 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgAwBMS5Pm3NYPoo3RByfPwTV3eaogrl1G8UM0-WRzhzbuiXBY6TvMi6dbo03UBud4jXEgZdH5ggSFBhvu30CKvNYTJUCRqxW_0iKb7MsRCP3qdnv2mfssgWYrU=(1) 2020-12-17 11:13 - 2020-12-17 11:13 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgAwBMS5Pm3NYPoo3RByfPwTV3eaogrl1G8UM0-WRzhzbuiXBY6TvMi6dbo03UBud4jXEgZdH5ggSFBhvu30CKvNYTJUCRqxW_0iKb7MsRCP3qdnv2mfssgWYrU= 2020-12-17 08:43 - 2020-12-17 08:43 - 000091601 _____ C:\Users\jcld1950\Downloads\ACFrOgA6iZt27U6R2wrpolpSxIQPTRDJ-TMx9GsLunP4Jc8h8CH0zc4L3qRYEWckOCRC3gN_OKB_GVWk5_LDK17WjUboaCIqLiWaSDiJg4sxCe4AXV-LdAJwhJITZD8= 2020-12-16 09:38 - 2020-12-16 09:38 - 000000000 ____D C:\Users\jcld1950\Desktop\NEX PPH +CG COLLY 2020-12-16 06:57 - 2021-01-01 15:40 - 000000000 ____D C:\Users\jcld1950\Desktop\KEEAFF Photos 2020-12-15 20:04 - 2020-12-15 20:04 - 000147599 _____ C:\Users\jcld1950\Downloads\devis(1) 2020-12-15 20:04 - 2020-12-15 20:04 - 000147599 _____ C:\Users\jcld1950\Downloads\devis 2020-12-14 11:50 - 2020-12-14 11:50 - 000146900 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201110(1).pdf 2020-12-14 11:49 - 2020-12-14 11:49 - 000146894 _____ C:\Users\jcld1950\Downloads\releve_CCP1896705F026_20201110.pdf 2020-12-14 11:41 - 2020-12-14 11:41 - 000102955 _____ C:\Users\jcld1950\Downloads\Avis_de_taxe_d_habitation_CAP_2020(1).pdf 2020-12-13 18:50 - 2020-12-13 18:52 - 000000133 _____ C:\Users\jcld1950\Desktop\PCF Q35 20 KRRASS YOUTUBE.url 2020-12-11 11:36 - 2020-12-11 11:36 - 023003849 _____ C:\Users\jcld1950\Downloads\ACFrOgCkREZMAfzI9Zb6qbA7DhylwqIXVT9YT8IN_0T5HGwNDOQnRc_ZU3o-RBkADn4ntOz4vMIDYwAexG_HryovTlULteLG8UF7eycOQX5WBeamv7yY3SYbQvUPvX4=(3) 2020-12-11 11:16 - 2020-12-11 11:16 - 023003849 _____ C:\Users\jcld1950\Downloads\ACFrOgCkREZMAfzI9Zb6qbA7DhylwqIXVT9YT8IN_0T5HGwNDOQnRc_ZU3o-RBkADn4ntOz4vMIDYwAexG_HryovTlULteLG8UF7eycOQX5WBeamv7yY3SYbQvUPvX4=(2) 2020-12-11 11:13 - 2020-12-11 11:14 - 023003849 _____ C:\Users\jcld1950\Downloads\ACFrOgCkREZMAfzI9Zb6qbA7DhylwqIXVT9YT8IN_0T5HGwNDOQnRc_ZU3o-RBkADn4ntOz4vMIDYwAexG_HryovTlULteLG8UF7eycOQX5WBeamv7yY3SYbQvUPvX4=(1) 2020-12-11 08:47 - 2020-12-11 08:48 - 023003849 _____ C:\Users\jcld1950\Downloads\ACFrOgCkREZMAfzI9Zb6qbA7DhylwqIXVT9YT8IN_0T5HGwNDOQnRc_ZU3o-RBkADn4ntOz4vMIDYwAexG_HryovTlULteLG8UF7eycOQX5WBeamv7yY3SYbQvUPvX4= 2020-12-10 15:06 - 2020-12-10 15:06 - 000000000 _____ C:\Users\jcld1950\AppData\Local\{487A7B74-9924-48DE-8F29-5BEA5A3DE8FF} 2020-12-10 08:35 - 2020-12-10 08:35 - 008129352 _____ C:\Users\jcld1950\Downloads\Canal-51-doubles-pages-cd-ppjp-ssl.pdf 2020-12-09 19:38 - 2020-12-09 19:38 - 000002126 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2020-12-09 05:24 - 2020-12-09 05:24 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2020-12-09 05:23 - 2020-12-09 05:23 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2020-12-09 05:22 - 2020-12-09 05:22 - 001333248 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll 2020-12-09 05:22 - 2020-12-09 05:22 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-09 05:22 - 2020-12-09 05:22 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncpa.cpl 2020-12-09 05:22 - 2020-12-09 05:22 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2020-12-09 05:22 - 2020-12-09 05:22 - 000010912 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim 2020-12-09 05:21 - 2020-12-09 05:21 - 000240640 _____ C:\WINDOWS\SysWOW64\CoreMas.dll 2020-12-09 05:21 - 2020-12-09 05:21 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncpa.cpl 2020-12-09 05:21 - 2020-12-09 05:21 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe 2020-12-09 05:21 - 2020-12-09 05:21 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2020-12-09 05:21 - 2020-12-09 05:21 - 000010752 _____ C:\WINDOWS\SysWOW64\agentactivationruntimestarter.exe 2020-12-09 05:20 - 2020-12-09 05:20 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2020-12-09 05:20 - 2020-12-09 05:20 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2020-12-09 05:20 - 2020-12-09 05:20 - 000001370 _____ C:\WINDOWS\system32\ThirdPartyNoticesBySHS.txt 2020-12-09 05:18 - 2020-12-09 05:18 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll 2020-12-09 05:18 - 2020-12-09 05:18 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll 2020-12-09 05:18 - 2020-12-09 05:18 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll 2020-12-09 05:18 - 2020-12-09 05:18 - 000165376 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe 2020-12-09 05:18 - 2020-12-09 05:18 - 000089088 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.proxystub.dll 2020-12-09 05:18 - 2020-12-09 05:18 - 000073216 _____ C:\WINDOWS\system32\windows.applicationmodel.conversationalagent.internal.proxystub.dll 2020-12-09 05:18 - 2020-12-09 05:18 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe 2020-12-08 17:27 - 2020-12-08 17:28 - 006694294 _____ C:\Users\jcld1950\Downloads\catalog.pdf 2020-12-08 15:11 - 2020-12-08 15:11 - 000733028 _____ C:\Users\jcld1950\Downloads\VIMERCATI-200312_Catalogo_Prodotti_Cesoie_compressed-2.pdf 2020-12-08 14:56 - 2020-12-08 14:56 - 002145309 _____ C:\Users\jcld1950\Downloads\VIMERCATI-Catalogo_Prodotti_PRESSE_compressed.pdf 2020-12-07 11:58 - 2020-12-07 11:59 - 000000133 _____ C:\Users\jcld1950\Desktop\machine plasma.url 2020-12-06 16:24 - 2020-12-06 16:24 - 000361236 _____ C:\Users\jcld1950\Downloads\0RLM3403082001.PDF 2020-12-06 16:09 - 2020-12-06 16:09 - 000379773 _____ C:\Users\jcld1950\Downloads\0RSA3400522001.PDF 2020-12-06 16:08 - 2020-12-06 16:08 - 000357685 _____ C:\Users\jcld1950\Downloads\0RSA3400522002.PDF ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-01-04 10:26 - 2015-08-05 08:39 - 000000000 ____D C:\FRST 2021-01-04 10:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-01-04 10:08 - 2017-03-17 17:46 - 000000000 ____D C:\Program Files\CCleaner 2021-01-04 09:58 - 2015-03-29 16:13 - 000000000 ____D C:\Users\jcld1950\AppData\Roaming\ZHP 2021-01-04 09:49 - 2020-08-22 19:11 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-01-04 04:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-01-04 04:22 - 2014-05-21 15:35 - 000000000 ____D C:\Users\jcld1950\AppData\Local\CrashDumps 2021-01-03 16:34 - 2019-09-16 12:57 - 000000000 ____D C:\Users\jcld1950\AppData\Local\Free Download Manager 2021-01-01 20:03 - 2017-04-17 20:15 - 000000000 ____D C:\Users\jcld1950\AppData\LocalLow\Mozilla 2021-01-01 19:58 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-01-01 19:57 - 2013-12-18 11:47 - 000000000 ____D C:\ProgramData\Malwarebytes 2021-01-01 19:56 - 2016-03-12 10:52 - 000000000 __SHD C:\Users\jcld1950\IntelGraphicsProfiles 2021-01-01 19:54 - 2020-08-22 20:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-01-01 19:54 - 2020-08-22 19:11 - 000008192 ___SH C:\DumpStack.log.tmp 2021-01-01 19:09 - 2018-08-17 10:37 - 000000354 _____ C:\WINDOWS\Tasks\HPCeeScheduleForjcld1950.job 2021-01-01 19:08 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2021-01-01 19:02 - 2014-01-11 21:05 - 000000000 ____D C:\Program Files (x86)\7-Zip 2021-01-01 18:57 - 2020-08-22 20:18 - 000003258 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForjcld1950 2021-01-01 18:56 - 2014-01-09 13:28 - 000000000 ____D C:\Users\jcld1950\Documents\PrintScreen Files 2021-01-01 17:06 - 2020-08-22 19:18 - 000000000 ____D C:\Users\jcld1950 2021-01-01 13:43 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2021-01-01 09:33 - 2018-01-12 17:20 - 000000000 ____D C:\Users\jcld1950\AppData\Local\PlaceholderTileLogoFolder 2021-01-01 09:32 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-01-01 09:32 - 2018-06-13 17:53 - 000000000 ____D C:\ProgramData\Packages 2021-01-01 09:32 - 2017-12-27 14:26 - 000000000 ____D C:\Users\jcld1950\AppData\Local\Packages 2020-12-30 13:10 - 2019-08-29 18:04 - 000000000 ____D C:\Users\jcld1950\AppData\Roaming\Dexpot 2020-12-30 07:45 - 2018-02-28 09:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2020-12-29 22:15 - 2019-09-11 10:01 - 000000000 ____D C:\ProgramData\BlueStacksSetup 2020-12-29 16:59 - 2020-08-22 19:45 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-12-29 16:59 - 2019-12-07 15:49 - 000792836 _____ C:\WINDOWS\system32\perfh00C.dat 2020-12-29 16:59 - 2019-12-07 15:49 - 000149966 _____ C:\WINDOWS\system32\perfc00C.dat 2020-12-29 16:59 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2020-12-29 16:46 - 2013-11-30 21:28 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-12-29 16:38 - 2020-08-09 18:36 - 000000000 ___DC C:\WINDOWS\Panther 2020-12-29 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2020-12-29 16:37 - 2019-09-11 10:41 - 000000000 ____D C:\ProgramData\AVAST Software 2020-12-29 16:09 - 2014-05-02 13:30 - 000000000 ____D C:\temp 2020-12-29 15:17 - 2017-01-01 17:41 - 000000000 ____D C:\ProgramData\Avg 2020-12-29 10:29 - 2020-09-23 09:02 - 000000000 ____D C:\Users\jcld1950\AppData\Local\AVAST Software 2020-12-29 09:44 - 2020-08-22 20:18 - 000003304 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{19F1BCE8-C355-423E-824F-8A05371EF1A9} 2020-12-29 09:44 - 2020-08-22 20:18 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2238367292-1815982713-3710956016-1001 2020-12-29 09:44 - 2020-08-22 20:18 - 000002040 _____ C:\WINDOWS\system32\Tasks\Synaptics TouchPad Enhancements 2020-12-29 09:44 - 2020-08-22 20:18 - 000001968 _____ C:\WINDOWS\system32\Tasks\Toolbox.exe_{5EBA4948-0308-412A-9F1F-4F7A2A77CCD5} 2020-12-29 09:43 - 2020-08-22 20:18 - 000003562 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2020-12-29 09:43 - 2020-08-22 20:18 - 000003516 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA 2020-12-29 09:43 - 2020-08-22 20:18 - 000003338 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2020-12-29 09:43 - 2020-08-22 20:18 - 000003292 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore 2020-12-29 09:43 - 2020-08-22 20:18 - 000003256 _____ C:\WINDOWS\system32\Tasks\Dell SupportAssistAgent AutoUpdate 2020-12-29 09:43 - 2020-08-22 20:18 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2020-12-29 09:43 - 2020-08-22 20:18 - 000002764 _____ C:\WINDOWS\system32\Tasks\HP AR Program Upload - b010e8a9657649c3b397d3205160d369eed7498a36ef4b978da765dceba6630c 2020-12-29 09:43 - 2020-08-22 20:18 - 000002514 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series 2020-12-29 09:43 - 2020-08-22 20:18 - 000002456 _____ C:\WINDOWS\system32\Tasks\IObitSelfCheckTask 2020-12-29 09:43 - 2020-08-22 20:18 - 000002350 _____ C:\WINDOWS\system32\Tasks\CLVDLauncher 2020-12-29 09:43 - 2020-08-22 20:18 - 000002350 _____ C:\WINDOWS\system32\Tasks\CLMLSvc_P2G8 2020-12-29 09:43 - 2020-08-22 20:18 - 000002318 _____ C:\WINDOWS\system32\Tasks\CreateChoiceProcessTask 2020-12-29 09:43 - 2020-08-22 20:18 - 000002220 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC 2020-12-29 09:43 - 2020-08-22 20:18 - 000001944 _____ C:\WINDOWS\system32\Tasks\FreeDownloadManagerNetworkMonitor 2020-12-29 09:42 - 2020-08-22 20:18 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2020-12-29 09:42 - 2013-11-29 20:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-12-29 08:30 - 2020-08-22 20:18 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2020-12-28 11:22 - 2020-07-03 10:37 - 000000000 ____D C:\Users\jcld1950\Desktop\Guide de l’utilisateur de l’iPhone - Assistance Apple_fichiers 2020-12-24 12:35 - 2017-09-04 09:46 - 000000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-12-23 15:36 - 2020-09-02 14:32 - 000000000 ____D C:\Users\jcld1950\Desktop\Re Visa Partner _ 04527031 - jcld1950@gmail.com - Gmail_fichiers 2020-12-20 11:41 - 2018-09-16 15:14 - 000000000 ____D C:\Users\jcld1950\Desktop\MicroEntreprise 2018 2020-12-19 10:56 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-12-19 01:29 - 2020-04-13 23:40 - 000002427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2020-12-17 15:53 - 2020-08-22 19:18 - 000002452 _____ C:\Users\jcld1950\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-12-17 15:53 - 2013-11-30 20:14 - 000000000 ___RD C:\Users\jcld1950\SkyDrive 2020-12-16 16:32 - 2020-08-07 15:03 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2020-12-09 19:38 - 2017-04-12 16:59 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2020-12-09 15:39 - 2020-08-22 19:11 - 000480264 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz 2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2020-12-09 15:35 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender ==================== Fichiers à la racine de certains dossiers ======== 2020-10-26 16:06 - 2020-10-26 16:06 - 000000000 ____D () C:\ProgramData\DUNotifier.exe 2015-05-21 16:15 - 2015-08-04 11:40 - 001872384 _____ () C:\Users\jcld1950\ZHPCleaner.exe 2013-12-17 21:22 - 2013-12-17 21:22 - 000129536 _____ () C:\Users\Public\AlexaNSISPlugin.6284.dll 2014-10-08 09:25 - 2010-01-26 17:11 - 000444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe 2015-03-28 10:29 - 2015-03-28 10:30 - 000000005 _____ () C:\Users\jcld1950\AppData\Roaming\dossier.txt 2019-08-29 16:13 - 2019-08-29 16:13 - 000000000 _____ () C:\Users\jcld1950\AppData\Roaming\Meihua2_Selected_Device.ini 2016-11-04 13:52 - 2016-10-25 17:30 - 000000043 _____ () C:\Users\jcld1950\AppData\Roaming\pdfdrawcodec.dll 2016-04-03 15:56 - 2016-11-25 18:04 - 000000098 _____ () C:\Users\jcld1950\AppData\Roaming\SDC_Path_Meihua2_U.ini 2014-01-09 14:29 - 2014-03-31 00:29 - 000000140 _____ () C:\Users\jcld1950\AppData\Roaming\WB.CFG 2015-08-04 16:02 - 2015-08-04 16:02 - 000120948 _____ () C:\Users\jcld1950\AppData\Local\ars.cache 2015-08-04 19:43 - 2015-08-04 19:43 - 000328122 _____ () C:\Users\jcld1950\AppData\Local\census.cache 2015-08-04 15:31 - 2015-08-04 15:31 - 000000036 _____ () C:\Users\jcld1950\AppData\Local\housecall.guid.cache 2015-03-27 11:02 - 2015-03-27 11:02 - 000011788 _____ () C:\Users\jcld1950\AppData\Local\Temp-log.txt 2020-04-28 10:09 - 2020-04-28 10:09 - 000000000 _____ () C:\Users\jcld1950\AppData\Local\{2E122C8C-7D5F-415B-ACFA-78A493B6DE45} 2020-12-10 15:06 - 2020-12-10 15:06 - 000000000 _____ () C:\Users\jcld1950\AppData\Local\{487A7B74-9924-48DE-8F29-5BEA5A3DE8FF} ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================