Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-12-2021
Exécuté par MAJINN BUU (administrateur) sur WYLLIAM-PC (Dell Inc. Inspiron 15-3552) (05-12-2021 02:59:08)
Exécuté depuis C:\Users\MAJINN BUU\Desktop
Profils chargés: MAJINN BUU
Plate-forme: Microsoft Windows 10 Famille Unilingue Version 1709 16299.15 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AutoIt Team) [Fichier non signé] C:\Users\MAJINN BUU\tccguy\qxejedmw.exe
(FastStone Soft) [Fichier non signé] C:\Program Files (x86)\FastStone Capture\FSCapture.exe
(FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\temp\DPTF\esif_assist_64.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Mega Limited -> Mega Limited) C:\Users\MAJINN BUU\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MAJINN BUU\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NeoSmart Technologies -> NeoSmart Technologies) C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe
(Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Power Software Limited -> Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(SFX TEAM) [Fichier non signé] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
(Tonec Inc. -> Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe
(Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(WebToGo GmbH -> ) C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe
(WebToGo GmbH -> ) C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [InternetEverywhere_InternetEverywhere_Launcher.exe] => C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe [965392 2014-12-19] (WebToGo GmbH -> )
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1710880 2019-01-26] (voidtools -> )
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [418952 2016-02-10] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2018-01-17] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [57904 2017-05-05] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [7864296 2019-10-02] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-01] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [SuperCopier2.exe] => C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM) [Fichier non signé]
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5469696 2021-03-05] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-01] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [620032 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Windows\System32\osk.exe [620032 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [620032 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\IppMon: C:\Windows\system32\IPPMon.dll [226816 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon11.dll [31944 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-12-28]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NetWorx 6.0.4.lnk [2020-11-11]
ShortcutTarget: NetWorx 6.0.4.lnk -> C:\Program Files (x86)\NetWorx 6.0.4 x32 Bits\NetWorx 6.0.4.exe (SOFTPERFECT PTY. LTD. -> SoftPerfect)
Startup: C:\Users\MAJINN BUU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2021-01-05]
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe (FastStone Soft) [Fichier non signé]
Startup: C:\Users\MAJINN BUU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-11-09]
ShortcutTarget: MEGAsync.lnk -> C:\Users\MAJINN BUU\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02B9C93E-A313-4322-BB33-4AE7370D6E35} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [Fichier non signé]
Task: {08DCF645-5177-45AF-B8AB-BEF0F75EB5AB} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {0B5FC74A-E479-480F-960A-AF4498B31DF8} - System32\Tasks\tccguy => C:\Users\MAJINN BUU\tccguy\qxejedmw.exe [940032 2016-10-09] (AutoIt Team) [Fichier non signé] -> C:\Users\MAJINN~1\tccguy\mmvz.nbm
Task: {18821A11-3470-4611-93C8-70AE65908CD9} - System32\Tasks\RegCure Pro => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [4699952 2012-02-09] (ParetoLogic Inc. -> ParetoLogic, Inc.) [Fichier non signé] <==== ATTENTION
Task: {2E25434A-EBC9-4A93-B879-1130CD55FCA6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E8D9315-0126-4A65-B582-CF67AF1435C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {39E8DF6D-716C-44C8-A501-601FE541AB6E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {39F8F552-2592-4B24-8042-501DC0C3124B} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [222720 2011-11-25] (ParetoLogic Inc.) [Fichier non signé] <==== ATTENTION
Task: {4548D227-D4A9-4184-A53D-A512BA9CCDAB} - System32\Tasks\SafeZone scheduled Autoupdate 1583508457 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate (Pas de fichier)
Task: {479F68DB-4147-4ABA-A6AA-7E3FD0C05369} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Task: {4C48DEE2-AA33-4260-9D13-1DFB9065F727} - System32\Tasks\Uninstaller_SkipUac_MAJINN_BUU => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5367056 2018-06-21] (IObit Information Technology -> IObit)
Task: {4FF8BB5B-3ECB-415C-9B28-6886474B6105} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com)
Task: {6599FF7D-2C41-43B2-95EA-A2935F8EE291} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7813588-81D7-4150-8AC3-6AD014E5FCB0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-825289967-3368091839-1224303908-1001 => C:\Users\MAJINN BUU\AppData\Local\MEGAsync\MEGAupdater.exe [1820848 2021-11-27] (Mega Limited -> Mega Limited)
Task: {B161E207-8B67-4B14-833F-3E645F2A3778} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {B33C5B20-5C57-4626-A87C-3B7C6095391A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9A272F4-58CA-41E2-84D5-02FA5AB55090} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7972528 2017-12-01] (Piriform Ltd -> Piriform Ltd)
Task: {C08C2C05-5BC9-41D8-96B7-607132DB7359} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {C1DAF7FD-5278-4021-896C-0CE70633DE46} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier)
Task: {CD0F0798-58A5-4B79-8635-7039B94E7EBF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CF033728-F8E1-437F-AFBB-305A7699BD7B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0AF39BB-C11A-43C3-B327-B08B2738FA35} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DD8FECE4-137C-471D-96C3-41DA2F592D08} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E034DCEC-B6E7-4B23-BE22-9ADB61A4B194} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-11-24] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6DC7BDD-A0F9-470D-817D-5C0519864F62} - System32\Tasks\ParetoLogic Registration3 => C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => rundll32.exe C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{0ABC3D78-8244-4051-B2F0-1912A42F42C1}: [NameServer] 8.8.8.8 41.202.217.2
Tcpip\..\Interfaces\{98b00918-09b3-44f5-8a44-799da9ba7450}: [DhcpNameServer] 192.168.8.1 192.168.8.1
FireFox:
========
FF DefaultProfile: c8b6d1o6.default-1615768968289
FF ProfilePath: C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289 [2021-12-05]
FF user.js: detected! => C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\user.js [2019-09-10]
FF Session Restore: Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289 -> hxxps://mail.google.com; hxxps://cdn.films-regarder.tv; hxxps://mail.yahoo.com; hxxps://www.nutaku.net; hxxps://mugenarchive.com; hxxps://twitter.com
FF Extension: (AIO Search) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\ASToolbar@aiosearch.com.xpi [2021-03-15]
FF Extension: (ZenMate VPN Gratuit – Meilleur VPN) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\firefox-webext@zenmate.com.xpi [2020-03-14]
FF Extension: (SaveFrom.net Helper) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\helper@savefrom.net.xpi [2021-12-05]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi [2021-09-21]
FF Extension: (To Google Translate) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-08-12]
FF Extension: (Pas de nom) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2021-12-05]
FF Extension: (Save Image In Folder) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\save-image-in-folder@revertron.com.xpi [2021-03-15]
FF Extension: (Save Page WE) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\savepage-we@DW-dev.xpi [2021-11-27]
FF Extension: (uBlock Origin) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\uBlock0@raymondhill.net.xpi [2021-11-27]
FF Extension: (User-Agent Switcher) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2020-12-15]
FF Extension: (Flagfox) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2021-11-27]
FF Extension: (Mystery of Stonehenge by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{1b1c0a36-e3ea-46a5-8540-962275689a7d}.xpi [2021-11-27]
FF Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2021-03-04]
FF Extension: (Calm Sunrise by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{389b9555-dbf1-4ac0-b302-336ff129fc63}.xpi [2021-08-12]
FF Extension: (Utopia Bright by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{4a679229-1e54-40e8-bedd-24704fd9d6b1}.xpi [2020-01-16]
FF Extension: (SingleFile) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{531906d3-e22f-4a6c-a102-8057b88a1a63}.xpi [2021-12-05]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2021-03-04] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Save Page As PDF) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{682a0676-858c-2019-a8c2-a28f872a9329}.xpi [2021-03-15]
FF Extension: (Country Flags & IP Whois) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{802a552e-13d1-4683-a40a-1e5325fba4bb}.xpi [2021-09-21]
FF Extension: (Spring Rain Drops by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{8a668b18-72e2-4be7-a663-ce55c6e18a31}.xpi [2021-08-12]
FF Extension: (Weather) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{a79a9c4c-9c3f-4bf4-9e58-6574cc0b7ecb}.xpi [2021-09-21]
FF Extension: (Fall Painting by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{b93bf253-3488-4a08-ae45-784b32b210b4}.xpi [2021-08-12]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-27]
FF Extension: (Running Foxes by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{dfb93b31-21ba-46fc-977d-46300ce0a76b}.xpi [2021-08-12]
FF SearchPlugin: C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\searchplugins\AdTrustMediaComodo Dragon.xml [2020-03-21]
FF SearchPlugin: C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\searchplugins\babylon.xml [2019-09-30]
FF SearchPlugin: C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\searchplugins\yandex.ru-131621.xml [2016-08-05]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => non trouvé(e)
FF HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MAJINN BUU\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MAJINN BUU\AppData\Roaming\IDM\idmmzcc5 [2021-10-06] [] [non signé]
FF HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2017-03-09] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-03]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743984 2021-10-06] (philandro Software GmbH -> philandro Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853384 2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22304 2018-01-17] (Intel(R) Driver & Support Assistant -> Intel)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [5840360 2019-10-02] (GlassWire -> SecureMix LLC)
R2 InternetEverywhere_Service; C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe [536848 2014-12-19] (WebToGo GmbH -> )
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit Information Technology -> IObit)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2017-03-09] (Nitro Software, Inc. -> )
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [323632 2017-05-05] (Locktime Software s.r.o. -> Locktime Software)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [71880 2017-03-09] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\KeepVid\KeepVid Pro\DriverInstall.exe [109688 2018-01-09] (WONBO TECHNOLOGY Co.,LIMITED -> Wondershare)
S2 Sage100GP Scheduler; "C:\Program Files (x86)\Sage\Gestion de Production 100c\Scheduler.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2020-03-06] (AVAST Software a.s. -> The OpenVPN Project)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit Information Technology -> IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit Information Technology -> IObit.com)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [149880 2017-05-05] (Locktime Software s.r.o. -> Locktime Software)
S3 phantomtap; C:\Windows\System32\drivers\phantomtap.sys [45056 2018-08-14] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 SCDModem; C:\Windows\system32\DRIVERS\SCDModem.sys [25600 2014-07-31] (Microsoft Windows Hardware Compatibility Publisher -> SCD-MBB Device)
S3 SCDSerials; C:\Windows\system32\DRIVERS\SCDSerials.sys [25600 2014-07-31] (Microsoft Windows Hardware Compatibility Publisher -> SCD-MBB Device)
S3 SCDUsbHub; C:\Windows\System32\drivers\SCDUsbHub.sys [18600 2014-07-31] (Spreadtrum Communications(Shanghai) Co.Ltd. -> DriverCoding Incorporated.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [35784 2017-02-03] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237376 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-05 03:00 - 2021-12-05 03:00 - 000743820 _____ C:\Users\MAJINN BUU\Downloads\Supprimer les virus et désinfecter son PC - malekal.com.html
2021-12-05 02:59 - 2021-12-05 03:01 - 000032374 _____ C:\Users\MAJINN BUU\Desktop\FRST.txt
2021-12-05 02:56 - 2021-12-05 02:56 - 000000000 ____D C:\Users\MAJINN BUU\Desktop\FRST-OlderVersion
2021-12-05 02:44 - 2021-12-05 02:45 - 000004943 _____ C:\Windows\system32\default_error_stack-000017-000000.txt
2021-12-04 14:04 - 2021-09-10 09:36 - 000002303 _____ C:\777.txt
2021-12-04 12:25 - 2021-12-04 12:26 - 000000000 ____D C:\10
2021-12-04 12:12 - 2021-12-04 12:12 - 000000000 ____D C:\001
2021-12-01 18:39 - 2021-12-01 18:39 - 000045056 _____ C:\Users\MAJINN BUU\Documents\Sauvegarde EasyBCD (2021-12-01).bcd
2021-12-01 01:14 - 2017-09-29 14:41 - 000397752 __RSH C:\bootmgr
2021-12-01 01:14 - 2017-09-29 14:41 - 000000001 ___SH C:\BOOTNXT
2021-12-01 01:09 - 2021-12-04 07:24 - 000000000 ____D C:\EFI
2021-12-01 00:56 - 2021-12-01 00:56 - 000004943 _____ C:\Windows\system32\default_error_stack-000016-000000.txt
2021-11-30 15:34 - 2021-12-03 22:45 - 000877262 _____ C:\Windows\ntbtlog.txt
2021-11-30 03:13 - 2021-11-30 03:14 - 000004943 _____ C:\Windows\system32\default_error_stack-000015-000000.txt
2021-11-30 02:54 - 2021-11-30 02:54 - 000004943 _____ C:\Windows\system32\default_error_stack-000014-000000.txt
2021-11-30 02:00 - 2021-11-30 02:00 - 000036864 _____ C:\Users\MAJINN BUU\Documents\Sauvegarde EasyBCD (2021-11-30).bcd
2021-11-29 12:00 - 2021-11-29 12:02 - 000408576 _____ C:\Windows\system32\UserMgrLog.etl
2021-11-29 12:00 - 2021-11-29 12:02 - 000021504 _____ C:\Windows\system32\umstartup.etl
2021-11-27 04:24 - 2021-11-27 04:24 - 000004943 _____ C:\Windows\system32\default_error_stack-000013-000000.txt
2021-11-14 00:09 - 2021-11-14 00:09 - 000032768 _____ C:\Users\MAJINN BUU\Documents\EasyBCD (2021-11-14).bcd
2021-11-13 23:45 - 2021-11-13 23:45 - 000004943 _____ C:\Windows\system32\default_error_stack-000012-000000.txt
2021-11-13 23:32 - 2021-11-13 23:32 - 000004943 _____ C:\Windows\system32\default_error_stack-000011-000000.txt
2021-11-13 22:41 - 2021-11-13 22:41 - 000004943 _____ C:\Windows\system32\default_error_stack-000010-000000.txt
2021-11-12 20:37 - 2021-11-12 20:37 - 000000000 _____ C:\Nouveau document texte (2).txt
2021-11-12 19:12 - 2021-11-12 19:12 - 000004943 _____ C:\Windows\system32\default_error_stack-000009-000000.txt
2021-11-12 18:39 - 2021-12-04 21:22 - 000000000 ____D C:\15
2021-11-10 08:20 - 2021-11-10 08:21 - 000004943 _____ C:\Windows\system32\default_error_stack-000008-000000.txt
2021-11-09 15:25 - 2021-11-09 15:25 - 000000000 ____D C:\Users\MAJINN BUU\Documents\MEGA
2021-11-09 15:22 - 2021-11-27 04:23 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Local\MEGAsync
2021-11-09 15:22 - 2021-11-09 15:22 - 000001192 _____ C:\Users\MAJINN BUU\Desktop\MEGAsync.lnk
2021-11-09 15:22 - 2021-11-09 15:22 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2021-11-09 15:22 - 2021-11-09 15:22 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2021-11-09 15:22 - 2021-11-09 15:22 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Local\Mega Limited
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-05 03:00 - 2021-10-09 01:45 - 000000000 ____D C:\FRST
2021-12-05 02:57 - 2020-03-14 03:34 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Local\CrashDumps
2021-12-05 02:56 - 2021-10-09 01:29 - 002311680 _____ (Farbar) C:\Users\MAJINN BUU\Desktop\FRST64.exe
2021-12-05 02:46 - 2020-03-14 03:50 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-12-05 02:45 - 2021-02-21 09:27 - 000004176 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{486DF789-AC3D-4766-8083-9F7FF5CC2AA6}
2021-12-05 02:43 - 2021-09-12 10:49 - 000000000 ____D C:\Program Files (x86)\NetWorx 6.0.4 x32 Bits
2021-12-05 02:43 - 2020-12-19 08:10 - 000000000 ____D C:\ProgramData\ProductData
2021-12-05 02:42 - 2020-03-07 11:41 - 000000000 ____D C:\Users\MAJINN BUU\AppData\LocalLow\Mozilla
2021-12-05 02:41 - 2019-09-16 18:40 - 000000000 __SHD C:\Users\MAJINN BUU\IntelGraphicsProfiles
2021-12-05 02:41 - 2019-09-16 16:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-04 07:21 - 2020-05-15 22:25 - 000000000 ____D C:\Cache Adobe
2021-12-03 22:48 - 2017-09-29 09:45 - 000786432 _____ C:\Windows\system32\config\BBI
2021-12-03 15:17 - 2020-12-15 05:22 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Roaming\DMCache
2021-12-03 15:07 - 2020-11-11 17:06 - 000004212 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-12-03 14:33 - 2019-09-16 18:45 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Roaming\vlc
2021-12-03 14:11 - 2019-09-16 16:52 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-01 18:32 - 2017-09-29 14:46 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-12-01 00:50 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2021-11-30 22:45 - 2021-04-16 06:14 - 000172032 _____ C:\Users\MAJINN BUU\Documents\Sauvegarde EasyBCD (2021-04-16).bcd
2021-11-30 22:43 - 2019-09-16 17:04 - 004955640 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-30 22:43 - 2017-09-30 15:41 - 002435288 _____ C:\Windows\system32\perfh00C.dat
2021-11-30 22:43 - 2017-09-30 15:41 - 000627312 _____ C:\Windows\system32\perfc00C.dat
2021-11-30 22:42 - 2020-12-19 15:06 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-11-29 12:01 - 2019-09-16 18:34 - 000000000 ____D C:\Windows\pss
2021-11-27 04:40 - 2020-03-07 12:41 - 000000000 ____D C:\Users\MAJINN BUU\Downloads\Compressed
2021-11-27 04:38 - 2020-03-07 12:41 - 000000000 ____D C:\Users\MAJINN BUU\Downloads\Video
2021-11-13 19:53 - 2017-09-29 14:44 - 000000000 ____D C:\Windows\INF
2021-11-09 15:50 - 2020-11-11 21:28 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Local\Everything
2021-11-09 15:50 - 2020-11-11 17:02 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Roaming\Everything
2021-11-09 15:32 - 2020-03-14 03:50 - 000003522 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
==================== Fichiers à la racine de certains dossiers ========
2021-03-28 20:06 - 2019-03-28 10:11 - 000045248 ___SH (Microsoft Corporation) C:\Users\MAJINN BUU\RegSvcs.exe
2021-03-23 15:26 - 2021-03-23 15:27 - 070615865 _____ () C:\Program Files (x86)\Video Editor Pro.rar
2021-02-24 10:15 - 2021-02-24 10:15 - 000003584 _____ () C:\Users\MAJINN BUU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-11-09 15:15 - 2021-11-09 15:15 - 000000000 _____ () C:\Users\MAJINN BUU\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2021-12-01 00:48
==================== Fin de FRST.txt ========================
Exécuté par MAJINN BUU (administrateur) sur WYLLIAM-PC (Dell Inc. Inspiron 15-3552) (05-12-2021 02:59:08)
Exécuté depuis C:\Users\MAJINN BUU\Desktop
Profils chargés: MAJINN BUU
Plate-forme: Microsoft Windows 10 Famille Unilingue Version 1709 16299.15 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(AutoIt Team) [Fichier non signé] C:\Users\MAJINN BUU\tccguy\qxejedmw.exe
(FastStone Soft) [Fichier non signé] C:\Program Files (x86)\FastStone Capture\FSCapture.exe
(FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
(GlassWire -> SecureMix LLC) C:\Program Files (x86)\GlassWire\GWIdlMon.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Driver & Support Assistant -> Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\temp\DPTF\esif_assist_64.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Locktime Software s.r.o. -> Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Mega Limited -> Mega Limited) C:\Users\MAJINN BUU\AppData\Local\MEGAsync\MEGAsync.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MAJINN BUU\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\osk.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <12>
(NeoSmart Technologies -> NeoSmart Technologies) C:\Program Files (x86)\NeoSmart Technologies\EasyBCD\EasyBCD.exe
(Nitro Software, Inc. -> ) C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe
(Nitro Software, Inc. -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro Software, Inc. -> Nitro Software, Inc.) C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe <2>
(Power Software Limited -> Power Software Ltd) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
(SFX TEAM) [Fichier non signé] C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe
(Tonec Inc. -> Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Tonec Inc. -> Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMMsgHost.exe
(Tonec Inc.) [Fichier non signé] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(WebToGo GmbH -> ) C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe
(WebToGo GmbH -> ) C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [InternetEverywhere_InternetEverywhere_Launcher.exe] => C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Launcher.exe [965392 2014-12-19] (WebToGo GmbH -> )
HKLM-x32\...\Run: [Everything] => C:\Program Files (x86)\Everything\Everything.exe [1710880 2019-01-26] (voidtools -> )
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [418952 2016-02-10] (Power Software Limited -> Power Software Ltd)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2018-01-17] (Intel(R) Driver & Support Assistant -> Intel)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.8\bin\EpmNews.exe [2089056 2015-09-16] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) [Fichier non signé]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706288 2021-04-09] (Oracle America, Inc. -> Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [57904 2017-05-05] (Locktime Software s.r.o. -> Locktime Software)
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [GlassWire] => C:\Program Files (x86)\GlassWire\glasswire.exe [7864296 2019-10-02] (GlassWire -> SecureMix LLC)
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-01] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [SuperCopier2.exe] => C:\Program Files (x86)\SuperCopier2\SuperCopier2.exe [955392 2009-08-16] (SFX TEAM) [Fichier non signé]
HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [5469696 2021-03-05] (Tonec Inc.) [Fichier non signé]
HKU\S-1-5-18\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10249048 2017-12-01] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\Windows\System32\osk.exe [620032 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Windows\System32\osk.exe [620032 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Windows\System32\osk.exe [620032 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\IppMon: C:\Windows\system32\IPPMon.dll [226816 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon11.dll [31944 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-12-28]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NetWorx 6.0.4.lnk [2020-11-11]
ShortcutTarget: NetWorx 6.0.4.lnk -> C:\Program Files (x86)\NetWorx 6.0.4 x32 Bits\NetWorx 6.0.4.exe (SOFTPERFECT PTY. LTD. -> SoftPerfect)
Startup: C:\Users\MAJINN BUU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FastStone Capture.lnk [2021-01-05]
ShortcutTarget: FastStone Capture.lnk -> C:\Program Files (x86)\FastStone Capture\FSCapture.exe (FastStone Soft) [Fichier non signé]
Startup: C:\Users\MAJINN BUU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2021-11-09]
ShortcutTarget: MEGAsync.lnk -> C:\Users\MAJINN BUU\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02B9C93E-A313-4322-BB33-4AE7370D6E35} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [Fichier non signé]
Task: {08DCF645-5177-45AF-B8AB-BEF0F75EB5AB} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {0B5FC74A-E479-480F-960A-AF4498B31DF8} - System32\Tasks\tccguy => C:\Users\MAJINN BUU\tccguy\qxejedmw.exe [940032 2016-10-09] (AutoIt Team) [Fichier non signé] -> C:\Users\MAJINN~1\tccguy\mmvz.nbm
Task: {18821A11-3470-4611-93C8-70AE65908CD9} - System32\Tasks\RegCure Pro => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [4699952 2012-02-09] (ParetoLogic Inc. -> ParetoLogic, Inc.) [Fichier non signé] <==== ATTENTION
Task: {2E25434A-EBC9-4A93-B879-1130CD55FCA6} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E8D9315-0126-4A65-B582-CF67AF1435C5} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {39E8DF6D-716C-44C8-A501-601FE541AB6E} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {39F8F552-2592-4B24-8042-501DC0C3124B} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [222720 2011-11-25] (ParetoLogic Inc.) [Fichier non signé] <==== ATTENTION
Task: {4548D227-D4A9-4184-A53D-A512BA9CCDAB} - System32\Tasks\SafeZone scheduled Autoupdate 1583508457 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate (Pas de fichier)
Task: {479F68DB-4147-4ABA-A6AA-7E3FD0C05369} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Task: {4C48DEE2-AA33-4260-9D13-1DFB9065F727} - System32\Tasks\Uninstaller_SkipUac_MAJINN_BUU => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [5367056 2018-06-21] (IObit Information Technology -> IObit)
Task: {4FF8BB5B-3ECB-415C-9B28-6886474B6105} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com)
Task: {6599FF7D-2C41-43B2-95EA-A2935F8EE291} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {A7813588-81D7-4150-8AC3-6AD014E5FCB0} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-825289967-3368091839-1224303908-1001 => C:\Users\MAJINN BUU\AppData\Local\MEGAsync\MEGAupdater.exe [1820848 2021-11-27] (Mega Limited -> Mega Limited)
Task: {B161E207-8B67-4B14-833F-3E645F2A3778} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2020-10-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {B33C5B20-5C57-4626-A87C-3B7C6095391A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {B9A272F4-58CA-41E2-84D5-02FA5AB55090} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7972528 2017-12-01] (Piriform Ltd -> Piriform Ltd)
Task: {C08C2C05-5BC9-41D8-96B7-607132DB7359} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel(R) Software Asset Manager -> Intel Corporation)
Task: {C1DAF7FD-5278-4021-896C-0CE70633DE46} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe --automatic (Pas de fichier)
Task: {CD0F0798-58A5-4B79-8635-7039B94E7EBF} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {CF033728-F8E1-437F-AFBB-305A7699BD7B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {D0AF39BB-C11A-43C3-B327-B08B2738FA35} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {DD8FECE4-137C-471D-96C3-41DA2F592D08} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118128 2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {E034DCEC-B6E7-4B23-BE22-9ADB61A4B194} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2020-11-24] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6DC7BDD-A0F9-470D-817D-5C0519864F62} - System32\Tasks\ParetoLogic Registration3 => C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => rundll32.exe C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\RegCure Pro.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{0ABC3D78-8244-4051-B2F0-1912A42F42C1}: [NameServer] 8.8.8.8 41.202.217.2
Tcpip\..\Interfaces\{98b00918-09b3-44f5-8a44-799da9ba7450}: [DhcpNameServer] 192.168.8.1 192.168.8.1
FireFox:
========
FF DefaultProfile: c8b6d1o6.default-1615768968289
FF ProfilePath: C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289 [2021-12-05]
FF user.js: detected! => C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\user.js [2019-09-10]
FF Session Restore: Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289 -> hxxps://mail.google.com; hxxps://cdn.films-regarder.tv; hxxps://mail.yahoo.com; hxxps://www.nutaku.net; hxxps://mugenarchive.com; hxxps://twitter.com
FF Extension: (AIO Search) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\ASToolbar@aiosearch.com.xpi [2021-03-15]
FF Extension: (ZenMate VPN Gratuit – Meilleur VPN) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\firefox-webext@zenmate.com.xpi [2020-03-14]
FF Extension: (SaveFrom.net Helper) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\helper@savefrom.net.xpi [2021-12-05]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (Hola Free VPN Proxy Unblocker) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\jid1-4P0kohSJxU1qGg@jetpack.xpi [2021-09-21]
FF Extension: (To Google Translate) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-08-12]
FF Extension: (Pas de nom) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\mozilla_cc3@internetdownloadmanager.com.xpi [2021-12-05]
FF Extension: (Save Image In Folder) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\save-image-in-folder@revertron.com.xpi [2021-03-15]
FF Extension: (Save Page WE) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\savepage-we@DW-dev.xpi [2021-11-27]
FF Extension: (uBlock Origin) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\uBlock0@raymondhill.net.xpi [2021-11-27]
FF Extension: (User-Agent Switcher) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\user-agent-switcher@ninetailed.ninja.xpi [2020-12-15]
FF Extension: (Flagfox) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2021-11-27]
FF Extension: (Mystery of Stonehenge by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{1b1c0a36-e3ea-46a5-8540-962275689a7d}.xpi [2021-11-27]
FF Extension: (X-notifier (for Gmail™,Hotmail,Yahoo,AOL...)) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2021-03-04]
FF Extension: (Calm Sunrise by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{389b9555-dbf1-4ac0-b302-336ff129fc63}.xpi [2021-08-12]
FF Extension: (Utopia Bright by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{4a679229-1e54-40e8-bedd-24704fd9d6b1}.xpi [2020-01-16]
FF Extension: (SingleFile) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{531906d3-e22f-4a6c-a102-8057b88a1a63}.xpi [2021-12-05]
FF Extension: (Stay secure with CyberGhost VPN Free Proxy) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2021-03-04] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]
FF Extension: (Save Page As PDF) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{682a0676-858c-2019-a8c2-a28f872a9329}.xpi [2021-03-15]
FF Extension: (Country Flags & IP Whois) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{802a552e-13d1-4683-a40a-1e5325fba4bb}.xpi [2021-09-21]
FF Extension: (Spring Rain Drops by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{8a668b18-72e2-4be7-a663-ce55c6e18a31}.xpi [2021-08-12]
FF Extension: (Weather) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{a79a9c4c-9c3f-4bf4-9e58-6574cc0b7ecb}.xpi [2021-09-21]
FF Extension: (Fall Painting by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{b93bf253-3488-4a08-ae45-784b32b210b4}.xpi [2021-08-12]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-27]
FF Extension: (Running Foxes by MaDonna) - C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\Extensions\{dfb93b31-21ba-46fc-977d-46300ce0a76b}.xpi [2021-08-12]
FF SearchPlugin: C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\searchplugins\AdTrustMediaComodo Dragon.xml [2020-03-21]
FF SearchPlugin: C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\searchplugins\babylon.xml [2019-09-30]
FF SearchPlugin: C:\Users\MAJINN BUU\AppData\Roaming\Mozilla\Firefox\Profiles\c8b6d1o6.default-1615768968289\searchplugins\yandex.ru-131621.xml [2016-08-05]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => non trouvé(e)
FF HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\MAJINN BUU\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\MAJINN BUU\AppData\Roaming\IDM\idmmzcc5 [2021-10-06] [] [non signé]
FF HKU\S-1-5-21-825289967-3368091839-1224303908-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-12-20] []
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files (x86)\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-06-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 11\npnitromozilla.dll [2017-03-09] (Nitro Software, Inc. -> Nitro PDF)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-03]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2021-03-03]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743984 2021-10-06] (philandro Software GmbH -> philandro Software GmbH)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853384 2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22304 2018-01-17] (Intel(R) Driver & Support Assistant -> Intel)
R2 GlassWire; C:\Program Files (x86)\GlassWire\GWCtlSrv.exe [5840360 2019-10-02] (GlassWire -> SecureMix LLC)
R2 InternetEverywhere_Service; C:\Program Files (x86)\InternetEverywhere\InternetEverywhere_Service.exe [536848 2014-12-19] (WebToGo GmbH -> )
R2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [206096 2018-01-25] (IObit Information Technology -> IObit)
R2 NitroDriverReadSpool11; C:\Program Files\Nitro\Pro 11\NitroPDFDriverService11x64.exe [327368 2017-03-09] (Nitro Software, Inc. -> Nitro Software, Inc.)
R2 NitroUpdateService; C:\Program Files\Nitro\Pro 11\Nitro_UpdateService.exe [419016 2017-03-09] (Nitro Software, Inc. -> )
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [323632 2017-05-05] (Locktime Software s.r.o. -> Locktime Software)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [71880 2017-03-09] (Nitro Software, Inc. -> Nalpeiron Ltd.)
S4 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
S3 WsDrvInst; C:\Program Files (x86)\KeepVid\KeepVid Pro\DriverInstall.exe [109688 2018-01-09] (WONBO TECHNOLOGY Co.,LIMITED -> Wondershare)
S2 Sage100GP Scheduler; "C:\Program Files (x86)\Sage\Gestion de Production 100c\Scheduler.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 aswTap; C:\Windows\System32\drivers\aswTap.sys [44640 2020-03-06] (AVAST Software a.s. -> The OpenVPN Project)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-25] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2014-11-18] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Fichier non signé]
R1 gwdrv; C:\Windows\system32\DRIVERS\gwdrv.sys [33152 2015-05-29] (GlassWire -> SecureMix LLC)
R3 IUFileFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-06-06] (IObit Information Technology -> IObit.com)
R3 IURegProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [40328 2018-01-10] (IObit Information Technology -> IObit.com)
R0 nldrv; C:\Windows\System32\drivers\nldrv.sys [149880 2017-05-05] (Locktime Software s.r.o. -> Locktime Software)
S3 phantomtap; C:\Windows\System32\drivers\phantomtap.sys [45056 2018-08-14] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 SCDModem; C:\Windows\system32\DRIVERS\SCDModem.sys [25600 2014-07-31] (Microsoft Windows Hardware Compatibility Publisher -> SCD-MBB Device)
S3 SCDSerials; C:\Windows\system32\DRIVERS\SCDSerials.sys [25600 2014-07-31] (Microsoft Windows Hardware Compatibility Publisher -> SCD-MBB Device)
S3 SCDUsbHub; C:\Windows\System32\drivers\SCDUsbHub.sys [18600 2014-07-31] (Spreadtrum Communications(Shanghai) Co.Ltd. -> DriverCoding Incorporated.)
S3 tap0901; C:\Windows\System32\drivers\tap0901.sys [35784 2017-02-03] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] (Empty Loop -> )
S3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [237376 2020-07-10] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-05 03:00 - 2021-12-05 03:00 - 000743820 _____ C:\Users\MAJINN BUU\Downloads\Supprimer les virus et désinfecter son PC - malekal.com.html
2021-12-05 02:59 - 2021-12-05 03:01 - 000032374 _____ C:\Users\MAJINN BUU\Desktop\FRST.txt
2021-12-05 02:56 - 2021-12-05 02:56 - 000000000 ____D C:\Users\MAJINN BUU\Desktop\FRST-OlderVersion
2021-12-05 02:44 - 2021-12-05 02:45 - 000004943 _____ C:\Windows\system32\default_error_stack-000017-000000.txt
2021-12-04 14:04 - 2021-09-10 09:36 - 000002303 _____ C:\777.txt
2021-12-04 12:25 - 2021-12-04 12:26 - 000000000 ____D C:\10
2021-12-04 12:12 - 2021-12-04 12:12 - 000000000 ____D C:\001
2021-12-01 18:39 - 2021-12-01 18:39 - 000045056 _____ C:\Users\MAJINN BUU\Documents\Sauvegarde EasyBCD (2021-12-01).bcd
2021-12-01 01:14 - 2017-09-29 14:41 - 000397752 __RSH C:\bootmgr
2021-12-01 01:14 - 2017-09-29 14:41 - 000000001 ___SH C:\BOOTNXT
2021-12-01 01:09 - 2021-12-04 07:24 - 000000000 ____D C:\EFI
2021-12-01 00:56 - 2021-12-01 00:56 - 000004943 _____ C:\Windows\system32\default_error_stack-000016-000000.txt
2021-11-30 15:34 - 2021-12-03 22:45 - 000877262 _____ C:\Windows\ntbtlog.txt
2021-11-30 03:13 - 2021-11-30 03:14 - 000004943 _____ C:\Windows\system32\default_error_stack-000015-000000.txt
2021-11-30 02:54 - 2021-11-30 02:54 - 000004943 _____ C:\Windows\system32\default_error_stack-000014-000000.txt
2021-11-30 02:00 - 2021-11-30 02:00 - 000036864 _____ C:\Users\MAJINN BUU\Documents\Sauvegarde EasyBCD (2021-11-30).bcd
2021-11-29 12:00 - 2021-11-29 12:02 - 000408576 _____ C:\Windows\system32\UserMgrLog.etl
2021-11-29 12:00 - 2021-11-29 12:02 - 000021504 _____ C:\Windows\system32\umstartup.etl
2021-11-27 04:24 - 2021-11-27 04:24 - 000004943 _____ C:\Windows\system32\default_error_stack-000013-000000.txt
2021-11-14 00:09 - 2021-11-14 00:09 - 000032768 _____ C:\Users\MAJINN BUU\Documents\EasyBCD (2021-11-14).bcd
2021-11-13 23:45 - 2021-11-13 23:45 - 000004943 _____ C:\Windows\system32\default_error_stack-000012-000000.txt
2021-11-13 23:32 - 2021-11-13 23:32 - 000004943 _____ C:\Windows\system32\default_error_stack-000011-000000.txt
2021-11-13 22:41 - 2021-11-13 22:41 - 000004943 _____ C:\Windows\system32\default_error_stack-000010-000000.txt
2021-11-12 20:37 - 2021-11-12 20:37 - 000000000 _____ C:\Nouveau document texte (2).txt
2021-11-12 19:12 - 2021-11-12 19:12 - 000004943 _____ C:\Windows\system32\default_error_stack-000009-000000.txt
2021-11-12 18:39 - 2021-12-04 21:22 - 000000000 ____D C:\15
2021-11-10 08:20 - 2021-11-10 08:21 - 000004943 _____ C:\Windows\system32\default_error_stack-000008-000000.txt
2021-11-09 15:25 - 2021-11-09 15:25 - 000000000 ____D C:\Users\MAJINN BUU\Documents\MEGA
2021-11-09 15:22 - 2021-11-27 04:23 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Local\MEGAsync
2021-11-09 15:22 - 2021-11-09 15:22 - 000001192 _____ C:\Users\MAJINN BUU\Desktop\MEGAsync.lnk
2021-11-09 15:22 - 2021-11-09 15:22 - 000000000 ____D C:\Windows\system32\Tasks\MEGA
2021-11-09 15:22 - 2021-11-09 15:22 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2021-11-09 15:22 - 2021-11-09 15:22 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Local\Mega Limited
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-05 03:00 - 2021-10-09 01:45 - 000000000 ____D C:\FRST
2021-12-05 02:57 - 2020-03-14 03:34 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Local\CrashDumps
2021-12-05 02:56 - 2021-10-09 01:29 - 002311680 _____ (Farbar) C:\Users\MAJINN BUU\Desktop\FRST64.exe
2021-12-05 02:46 - 2020-03-14 03:50 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2021-12-05 02:45 - 2021-02-21 09:27 - 000004176 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{486DF789-AC3D-4766-8083-9F7FF5CC2AA6}
2021-12-05 02:43 - 2021-09-12 10:49 - 000000000 ____D C:\Program Files (x86)\NetWorx 6.0.4 x32 Bits
2021-12-05 02:43 - 2020-12-19 08:10 - 000000000 ____D C:\ProgramData\ProductData
2021-12-05 02:42 - 2020-03-07 11:41 - 000000000 ____D C:\Users\MAJINN BUU\AppData\LocalLow\Mozilla
2021-12-05 02:41 - 2019-09-16 18:40 - 000000000 __SHD C:\Users\MAJINN BUU\IntelGraphicsProfiles
2021-12-05 02:41 - 2019-09-16 16:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-12-04 07:21 - 2020-05-15 22:25 - 000000000 ____D C:\Cache Adobe
2021-12-03 22:48 - 2017-09-29 09:45 - 000786432 _____ C:\Windows\system32\config\BBI
2021-12-03 15:17 - 2020-12-15 05:22 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Roaming\DMCache
2021-12-03 15:07 - 2020-11-11 17:06 - 000004212 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-12-03 14:33 - 2019-09-16 18:45 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Roaming\vlc
2021-12-03 14:11 - 2019-09-16 16:52 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-12-01 18:32 - 2017-09-29 14:46 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2021-12-01 00:50 - 2017-09-29 14:46 - 000000000 ____D C:\Windows\DeliveryOptimization
2021-11-30 22:45 - 2021-04-16 06:14 - 000172032 _____ C:\Users\MAJINN BUU\Documents\Sauvegarde EasyBCD (2021-04-16).bcd
2021-11-30 22:43 - 2019-09-16 17:04 - 004955640 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-30 22:43 - 2017-09-30 15:41 - 002435288 _____ C:\Windows\system32\perfh00C.dat
2021-11-30 22:43 - 2017-09-30 15:41 - 000627312 _____ C:\Windows\system32\perfc00C.dat
2021-11-30 22:42 - 2020-12-19 15:06 - 000003834 _____ C:\Windows\system32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2021-11-29 12:01 - 2019-09-16 18:34 - 000000000 ____D C:\Windows\pss
2021-11-27 04:40 - 2020-03-07 12:41 - 000000000 ____D C:\Users\MAJINN BUU\Downloads\Compressed
2021-11-27 04:38 - 2020-03-07 12:41 - 000000000 ____D C:\Users\MAJINN BUU\Downloads\Video
2021-11-13 19:53 - 2017-09-29 14:44 - 000000000 ____D C:\Windows\INF
2021-11-09 15:50 - 2020-11-11 21:28 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Local\Everything
2021-11-09 15:50 - 2020-11-11 17:02 - 000000000 ____D C:\Users\MAJINN BUU\AppData\Roaming\Everything
2021-11-09 15:32 - 2020-03-14 03:50 - 000003522 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
==================== Fichiers à la racine de certains dossiers ========
2021-03-28 20:06 - 2019-03-28 10:11 - 000045248 ___SH (Microsoft Corporation) C:\Users\MAJINN BUU\RegSvcs.exe
2021-03-23 15:26 - 2021-03-23 15:27 - 070615865 _____ () C:\Program Files (x86)\Video Editor Pro.rar
2021-02-24 10:15 - 2021-02-24 10:15 - 000003584 _____ () C:\Users\MAJINN BUU\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-11-09 15:15 - 2021-11-09 15:15 - 000000000 _____ () C:\Users\MAJINN BUU\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2021-12-01 00:48
==================== Fin de FRST.txt ========================