Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2021
Exécuté par JPG (administrateur) sur LAPTOP-F89CC33C (Acer Aspire E5-575) (10-12-2021 18:12:41)
Exécuté depuis C:\Users\JPG\Desktop
Profils chargés: JPG
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1348 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Ransomware Protection\Service\arp-application-service.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) CN -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Rene.E Laboratory Co., Ltd. -> Rene.E Laboratory) C:\Program Files (x86)\Rene.E Laboratory\Becca\x64\bcservice.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2020-05-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2020-05-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Acronis Ransomware Protection] => C:\Program Files (x86)\Acronis\Ransomware Protection\ARPTray.exe [670736 2018-12-14] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3311696 2019-05-01] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Run: [FreeYouTubeDownloader] => C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe [1004544 2018-06-14] (Vitzo Ltd.) [Fichier non signé]
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [110018944 2021-06-07] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\EPSON XP-322 323 325 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBNEE.DLL [179712 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [117248 2018-04-17] (pdfforge GmbH) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01CA47D9-57F3-466D-8A35-D7909F257153} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {206A6E77-03F8-4A3D-8CFE-DF2AA1C07138} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-30] (Google Inc -> Google Inc.)
Task: {3E43E1EE-4CF8-4E2C-B290-FA92247A14E1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {406B3A4F-EF07-48FF-98F4-901D117C361E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C4D21DE-0B5D-4EC3-A01D-AFCCD481842D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {576BC47C-EC6F-4F2F-B8FD-C76EF55F3983} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated)
Task: {6058F644-1BA3-4785-BC50-B280D1FD10C2} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32696 2019-11-15] (Microsoft Corporation -> Microsoft)
Task: {6678C269-0834-4FD4-9C29-6646AE073742} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {698DCEAA-6B91-4C4A-9240-6B3E710358F7} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C31BBDA-6297-428C-A063-EAF7BF5DD900} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C57AE04-E3B8-46C6-87F2-3858210F5D4F} - System32\Tasks\CCleanerSkipUAC - JPG => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {76BDEA8A-1E70-404F-A201-945A5FF1F157} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8349AD3F-5246-4972-9E39-FAA38213020A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88AF4459-8A96-4B3D-BC76-89F28584B886} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2177464 2019-11-15] (Microsoft Corporation -> Microsoft)
Task: {8A46CDD6-065A-4AB9-AD31-6C9887AB8DCD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {95C7CF78-5843-4248-845F-3D5F7FFBF7AE} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {9B2EFA91-055C-4295-A407-924544C37819} - System32\Tasks\EPSON XP-322 323 325 Series Update {104D0024-0296-4BE9-8DFC-44B1FB77D678} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {9BFCA748-BA14-437B-8217-4C6B91FDDB0D} - System32\Tasks\EPSON XP-322 323 325 Series Update {0B26A87A-7152-48DA-B60B-C4F8E3ADCF0F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {9E4CDDB8-9BC2-41E7-993E-ABDD154F2C3A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1170832 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1213314-E05E-455F-AA7E-8CDE8B51BF04} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {A6343A6C-8519-4C42-A9F8-F297C7B71A62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-30] (Google Inc -> Google Inc.)
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\EPSON XP-322 323 325 Series Update {0B26A87A-7152-48DA-B60B-C4F8E3ADCF0F}" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\EPSON XP-322 323 325 Series Update {104D0024-0296-4BE9-8DFC-44B1FB77D678}" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\FubToolByPLD" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_ipoint_exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_itype_exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ceip.exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ipoint.exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_itype.exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2005153464-3247899628-2303397517-1001" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Software Update Application" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\TrackerAutoUpdate" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {B7922693-A8F9-4197-95B1-1D2B7C052BF3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C298CE50-355E-4B1E-AF9B-D7311C941F0F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2F7A48B-5B9C-4D8E-BF23-5235F5D1E57A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {E9AC9E07-7A60-422C-B60B-D01F405ADDAA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4258A42-BBBD-46C2-AF6C-15DA8D969018} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\EPSON XP-322 323 325 Series Update {0B26A87A-7152-48DA-B60B-C4F8E3ADCF0F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE:/EXE:{0B26A87A-7152-48DA-B60B-C4F8E3ADCF0F} /F:UpdateWORKGROUP\LAPTOP-F89CC33C$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-322 323 325 Series Update {104D0024-0296-4BE9-8DFC-44B1FB77D678}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE:/EXE:{104D0024-0296-4BE9-8DFC-44B1FB77D678} /F:UpdateWORKGROUP\LAPTOP-F89CC33C$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{153bb5fa-b8bf-481d-85c6-b6ccd619d82c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{184eb532-a3ac-4132-8710-e9177dc522c0}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4db6cd75-9396-40e3-9ffa-8ca2ff7d413d}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d2787763-18a2-411f-ade3-98946922ae91}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{dddedc6c-5be9-4fdb-bff3-26936a73b911}: [DhcpNameServer] 192.168.1.254
Edge:
=======
DownloadDir: C:\Users\JPG\Downloads
Edge Notifications: HKU\S-1-5-21-2005153464-3247899628-2303397517-1001 -> hxxps://web.skype.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\JPG\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-06]
FireFox:
========
FF DefaultProfile: rh7cy8qe.default-1604653337398
FF ProfilePath: C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\j9iy1lwg.default-release [2021-12-06]
FF user.js: detected! => C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\j9iy1lwg.default-release\user.js [2020-02-14]
FF ProfilePath: C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398 [2021-12-10]
FF DownloadDir: C:\Users\JPG\Documents\PDF Architect\Downloads
FF Homepage: Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398 -> hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=12&ct=1466281096&rver=6.4.6456.0&wp=MBI_SSL_SHARED&wreply=hxxps:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&lc=1036&id=64855&mkt=fr-FR&cbcxt=mai
FF Session Restore: Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398 -> est activé.
FF Extension: (Facebook Container) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\@contain-facebook.xpi [2021-08-03]
FF Extension: (Dismoi) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\@lmem.xpi [2021-11-05]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\firefox@ghostery.com.xpi [2021-06-30]
FF Extension: (Privacy Badger) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-30]
FF Extension: (Lilo) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\jid1-zmgYgiQPXJtjNA@jetpack.xpi [2020-11-06]
FF Extension: (Lettres Gratuites) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\lettres-gratuites-2021@lettres-gratuites.com.xpi [2021-09-23]
FF Extension: (Pas de nom) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\qwantcomforfirefox@jetpack.xpi [2020-11-06]
FF Extension: (Pas de nom) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\support@shoptimate.com.xpi [2020-11-06]
FF Extension: (uBlock Origin) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\uBlock0@raymondhill.net.xpi [2021-12-04]
FF Extension: (Lilo Moteur et Solidaire (v2-s)) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{3004c9c0-ac9c-4ae2-9ac8-c59948bdd021}.xpi [2021-10-06]
FF Extension: (Bitwarden) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2021-12-10]
FF Extension: (Japanese Tattoo) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{4d7820bd-9fec-45f5-82db-92fd03cf7fc2}.xpi [2020-11-06]
FF Extension: (Colombian Firefox) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{64dcccca-a9cb-4459-97ba-c5723b1d0824}.xpi [2020-11-06]
FF Extension: (Adobe Flash) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{abf6a41a-5038-4dd9-abef-b66ae700fe88}.xpi [2020-11-06]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-11-23]
FF Extension: (Video DownloadHelper) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-02]
FF Extension: () - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{c8934291-7998-4094-84fa-a352e8bd3aad}.xpi [2020-11-06]
FF Extension: (FranceVerif) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{cac6293f-5570-4186-a217-c8985fd59228}.xpi [2021-12-08]
FF Extension: (Ecosia – Le moteur de recherche qui plante des arbres) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2020-11-06]
FF Extension: (Flash Video Player for Facebook™) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{d0bfdcce-52c7-4b32-bb45-948f62db8d3f}.xpi [2020-11-06]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24]
FF Extension: (Ranfox) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{dfe49622-a99f-4571-9129-b06f6bbc9ba9}.xpi [2020-11-06]
FF Extension: (Katana 006) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{ff035bbc-2dc7-4c97-8630-0b6e96c70930}.xpi [2020-11-06]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-10-27] [] [non signé]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2005153464-3247899628-2303397517-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR Profile: C:\Users\JPG\AppData\Local\Google\Chrome\User Data\Default [2021-02-24]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc]
Vivaldi:
=======
VIV Profile: C:\Users\JPG\AppData\Local\Vivaldi\User Data\Default [2021-12-06]
VIV DefaultSearchURL: Default -> hxxps://search.totalav.com/search/web?fcoid=417&fcop=topnav&fpid=27&q={searchTerms}
VIV DefaultSearchKeyword: Default -> safesearch
VIV Extension: (Chrome Media Router) - C:\Users\JPG\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-31]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-12-04] (Acronis International GmbH -> Acronis International GmbH)
R2 ARPApplicationService; C:\Program Files (x86)\Acronis\Ransomware Protection\Service\arp-cloudusage.exe [25104 2018-12-14] (Acronis International GmbH -> )
R2 Becca Service; C:\Program Files (x86)\Rene.E Laboratory\Becca\x64\bcservice.exe [79344 2017-06-20] (Rene.E Laboratory Co., Ltd. -> Rene.E Laboratory)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
S3 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [25224 2021-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [Fichier non signé]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-27] (Malwarebytes Inc -> Malwarebytes)
S3 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
S3 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [413832 2017-11-01] (Geek Software GmbH -> Geek Software GmbH)
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-08] (Reason Software Company Inc. -> Reason Software Company Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-10-14] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 DFWSIDService; C:\Program Files (x86)\Wondershare\drfone\WsidService.exe [X]
S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2018-12-21] (Acronis International GmbH -> Acronis International GmbH)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-12-03] (Martin Malik - REALiX -> REALiX(tm))
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129232 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-25] (Malwarebytes Inc -> Malwarebytes)
S3 MpKsl36839272; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [130296 2021-12-05] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl410ec00b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6EFE1A34-485C-4FF3-A7C2-97F4388048E6}\MpKslDrv.sys [134376 2021-12-10] (Microsoft Windows -> Microsoft Corporation)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-02-01] (TEFINCOM S.A. -> )
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-01-30] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-10-06] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 cmdGuard; system32\DRIVERS\cmdguard.sys [X]
S1 cmdhlp; \SystemRoot\system32\DRIVERS\cmdhlp.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-10 18:12 - 2021-12-10 18:14 - 000036408 _____ C:\Users\JPG\Desktop\FRST.txt
2021-12-10 18:12 - 2021-12-10 18:13 - 000000000 ____D C:\FRST
2021-12-10 18:11 - 2021-12-10 18:10 - 002311168 _____ (Farbar) C:\Users\JPG\Desktop\FRST64.exe
2021-12-09 22:34 - 2021-12-10 07:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-12-08 18:00 - 2021-12-09 16:45 - 000000000 ____D C:\Users\JPG\AppData\Local\Aiseesoft Studio
2021-12-08 15:46 - 2021-12-08 23:10 - 000000000 ____D C:\Program Files (x86)\EaseUS
2021-12-08 15:46 - 2021-12-08 15:46 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-12-08 15:46 - 2021-12-08 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2021-12-08 15:45 - 2021-12-08 15:45 - 000000000 ____D C:\Users\JPG\AppData\Roaming\EaseUS
2021-12-08 15:45 - 2021-12-08 15:45 - 000000000 ____D C:\Program Files\EaseUS
2021-12-08 15:04 - 2021-12-08 15:04 - 000000000 ____D C:\Users\JPG\AppData\Local\FonePaw
2021-12-08 15:03 - 2021-12-08 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FonePaw
2021-12-08 15:03 - 2021-12-08 15:03 - 000000000 ____D C:\ProgramData\FonePaw
2021-12-08 15:03 - 2021-12-08 15:03 - 000000000 ____D C:\Program Files (x86)\FonePaw
2021-12-08 14:59 - 2021-12-08 14:59 - 000000000 ____D C:\Users\JPG\AppData\Roaming\TSMonitor
2021-12-08 14:59 - 2021-12-08 14:59 - 000000000 ____D C:\Tenorshare
2021-12-08 14:59 - 2021-12-08 14:59 - 000000000 ____D C:\Program Files\DIFX
2021-12-08 14:58 - 2021-12-06 14:33 - 001730952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2021-12-08 14:58 - 2021-12-06 14:33 - 001012112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2021-12-08 14:57 - 2021-12-08 14:57 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2021-12-08 14:32 - 2021-12-08 18:14 - 000000000 ____D C:\Users\JPG\.android
2021-12-08 14:32 - 2021-12-08 14:32 - 000000016 _____ C:\ProgramData\mntemp
2021-12-08 14:31 - 2021-12-08 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-12-08 14:30 - 2021-12-08 22:58 - 000000000 ____D C:\Users\JPG\AppData\Roaming\Wondershare
2021-12-08 14:30 - 2021-12-08 22:58 - 000000000 ____D C:\ProgramData\Wondershare
2021-12-08 14:29 - 2021-12-08 18:13 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-12-08 14:10 - 2021-12-08 14:10 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2005153464-3247899628-2303397517-1001
2021-12-08 14:10 - 2021-12-08 14:10 - 000002464 _____ C:\Users\JPG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-06 14:16 - 2021-12-06 14:39 - 000000000 ____D C:\Users\JPG\Documents\passwordfox-x64
2021-12-05 22:36 - 2021-12-10 07:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-05 09:48 - 2021-12-05 09:48 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2021-11-17 09:12 - 2021-12-09 08:38 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-10 18:12 - 2017-08-22 16:16 - 000000000 ____D C:\Users\JPG\AppData\LocalLow\Mozilla
2021-12-10 18:09 - 2017-08-26 11:07 - 000000000 ____D C:\Users\JPG\AppData\Roaming\KeePass
2021-12-10 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-10 18:07 - 2018-09-30 21:14 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-10 17:46 - 2020-10-29 12:44 - 000000000 ____D C:\Users\JPG\AppData\Local\Deployment
2021-12-10 16:42 - 2020-10-26 20:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-10 10:52 - 2017-01-09 13:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-10 09:53 - 2017-09-25 18:06 - 000000000 ____D C:\Program Files\CCleaner
2021-12-10 07:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-10 07:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-10 07:36 - 2020-10-26 21:00 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-10 07:36 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-10 07:36 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-10 07:36 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-10 07:36 - 2017-08-22 13:32 - 000000000 ____D C:\Users\JPG\AppData\Local\CrashDumps
2021-12-10 07:33 - 2019-02-04 22:33 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-10 07:32 - 2020-10-26 21:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-10 07:32 - 2017-01-09 15:01 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-10 07:32 - 2017-01-09 15:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-10 07:29 - 2017-08-22 13:30 - 000000000 __SHD C:\Users\JPG\IntelGraphicsProfiles
2021-12-10 07:28 - 2020-10-26 21:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-09 22:45 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-12-09 09:11 - 2020-11-25 18:07 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-09 09:11 - 2020-11-25 18:07 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-08 17:45 - 2017-08-22 13:32 - 000000000 ___RD C:\Users\JPG\OneDrive
2021-12-08 16:48 - 2020-10-26 20:50 - 000629840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-08 14:32 - 2020-10-26 20:52 - 000000000 ____D C:\Users\JPG
2021-12-06 22:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-12-06 22:40 - 2017-11-30 19:31 - 000000000 ____D C:\Users\JPG\AppData\Local\ElevatedDiagnostics
2021-12-06 14:30 - 2021-02-25 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-12-06 10:45 - 2021-01-09 08:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-04 09:50 - 2020-11-25 18:08 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-24 20:17 - 2021-07-05 10:11 - 000000000 ____D C:\Users\JPG\AppData\Roaming\Peugeot Update
2021-11-20 08:55 - 2018-07-02 18:49 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 09:07 - 2017-11-30 20:21 - 000000000 ____D C:\Users\JPG\AppData\Local\Packages
2021-11-11 22:16 - 2018-06-20 10:31 - 000000000 ____D C:\Users\JPG\AppData\Local\D3DSCache
2021-11-10 23:28 - 2021-01-30 10:58 - 000000000 ____D C:\Users\JPG\AppData\Local\NordVPN
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-10 08:58 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-10 08:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-10 08:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 08:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
==================== Fichiers à la racine de certains dossiers ========
2021-01-09 16:37 - 2021-01-09 16:38 - 000000716 ____H () C:\Users\JPG\AppData\Roaming\{D46AE71A-BB85-7E6C-830E-306C7380A1D1}
2018-11-15 19:42 - 2018-11-15 19:42 - 000014185 _____ () C:\Users\JPG\AppData\Local\recently-used.xbel
2021-09-08 11:16 - 2021-09-08 11:18 - 000007605 _____ () C:\Users\JPG\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par JPG (administrateur) sur LAPTOP-F89CC33C (Acer Aspire E5-575) (10-12-2021 18:12:41)
Exécuté depuis C:\Users\JPG\Desktop
Profils chargés: JPG
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1348 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Acronis\Ransomware Protection\Service\arp-application-service.exe
(Acronis International GmbH -> Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
(CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Intel(R) CN -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_c52b34f1b30918c5\RstMwService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\MKCHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.12013.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\NordVPN.exe
(nordvpn s.a. -> TEFINCOM S.A.) C:\Program Files\NordVPN\nordvpn-service.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Rene.E Laboratory Co., Ltd. -> Rene.E Laboratory) C:\Program Files (x86)\Rene.E Laboratory\Becca\x64\bcservice.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-08-18] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2020-05-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2020-05-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [Acronis Ransomware Protection] => C:\Program Files (x86)\Acronis\Ransomware Protection\ARPTray.exe [670736 2018-12-14] (Acronis International GmbH -> Acronis International GmbH)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3311696 2019-05-01] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Run: [FreeYouTubeDownloader] => C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe [1004544 2018-06-14] (Vitzo Ltd.) [Fichier non signé]
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [110018944 2021-06-07] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2005153464-3247899628-2303397517-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKLM\...\Print\Monitors\EPSON XP-322 323 325 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBNEE.DLL [179712 2013-12-06] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [117248 2018-04-17] (pdfforge GmbH) [Fichier non signé]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01CA47D9-57F3-466D-8A35-D7909F257153} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {206A6E77-03F8-4A3D-8CFE-DF2AA1C07138} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-30] (Google Inc -> Google Inc.)
Task: {3E43E1EE-4CF8-4E2C-B290-FA92247A14E1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {406B3A4F-EF07-48FF-98F4-901D117C361E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C4D21DE-0B5D-4EC3-A01D-AFCCD481842D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {576BC47C-EC6F-4F2F-B8FD-C76EF55F3983} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated)
Task: {6058F644-1BA3-4785-BC50-B280D1FD10C2} - System32\Tasks\Microsoft_MKC_Logon_Task_ceip.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ceip.exe [32696 2019-11-15] (Microsoft Corporation -> Microsoft)
Task: {6678C269-0834-4FD4-9C29-6646AE073742} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {698DCEAA-6B91-4C4A-9240-6B3E710358F7} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C31BBDA-6297-428C-A063-EAF7BF5DD900} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22799320 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C57AE04-E3B8-46C6-87F2-3858210F5D4F} - System32\Tasks\CCleanerSkipUAC - JPG => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {76BDEA8A-1E70-404F-A201-945A5FF1F157} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2646152 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {8349AD3F-5246-4972-9E39-FAA38213020A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88AF4459-8A96-4B3D-BC76-89F28584B886} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2177464 2019-11-15] (Microsoft Corporation -> Microsoft)
Task: {8A46CDD6-065A-4AB9-AD31-6C9887AB8DCD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [111032 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {95C7CF78-5843-4248-845F-3D5F7FFBF7AE} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {9B2EFA91-055C-4295-A407-924544C37819} - System32\Tasks\EPSON XP-322 323 325 Series Update {104D0024-0296-4BE9-8DFC-44B1FB77D678} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {9BFCA748-BA14-437B-8217-4C6B91FDDB0D} - System32\Tasks\EPSON XP-322 323 325 Series Update {0B26A87A-7152-48DA-B60B-C4F8E3ADCF0F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {9E4CDDB8-9BC2-41E7-993E-ABDD154F2C3A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1170832 2021-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {A1213314-E05E-455F-AA7E-8CDE8B51BF04} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task
Task: {A6343A6C-8519-4C42-A9F8-F297C7B71A62} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-09-30] (Google Inc -> Google Inc.)
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\CCleaner Update" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\CCleanerSkipUAC" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\EPSON XP-322 323 325 Series Update {0B26A87A-7152-48DA-B60B-C4F8E3ADCF0F}" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\EPSON XP-322 323 325 Series Update {104D0024-0296-4BE9-8DFC-44B1FB77D678}" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\FubToolByPLD" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineCore" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\MicrosoftEdgeUpdateTaskMachineUA" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_ipoint_exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_itype_exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(12): schtasks.exe -> /Change /TN "\Microsoft_Hardware_Launch_mousekeyboardcenter_exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(13): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ceip.exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(14): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_ipoint.exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(15): schtasks.exe -> /Change /TN "\Microsoft_MKC_Logon_Task_itype.exe" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(16): schtasks.exe -> /Change /TN "\OneDrive Standalone Update Task-S-1-5-21-2005153464-3247899628-2303397517-1001" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(17): schtasks.exe -> /Change /TN "\Software Update Application" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(18): schtasks.exe -> /Change /TN "\TrackerAutoUpdate" /ENABLE
Task: {B01FBFE1-5F4B-4FCD-8F7B-3ECD410D7112} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(19): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {B7922693-A8F9-4197-95B1-1D2B7C052BF3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C298CE50-355E-4B1E-AF9B-D7311C941F0F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E2F7A48B-5B9C-4D8E-BF23-5235F5D1E57A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {E9AC9E07-7A60-422C-B60B-D01F405ADDAA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2043016 2019-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4258A42-BBBD-46C2-AF6C-15DA8D969018} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4475136 2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\EPSON XP-322 323 325 Series Update {0B26A87A-7152-48DA-B60B-C4F8E3ADCF0F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE:/EXE:{0B26A87A-7152-48DA-B60B-C4F8E3ADCF0F} /F:UpdateWORKGROUP\LAPTOP-F89CC33C$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-322 323 325 Series Update {104D0024-0296-4BE9-8DFC-44B1FB77D678}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE:/EXE:{104D0024-0296-4BE9-8DFC-44B1FB77D678} /F:UpdateWORKGROUP\LAPTOP-F89CC33C$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{153bb5fa-b8bf-481d-85c6-b6ccd619d82c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{184eb532-a3ac-4132-8710-e9177dc522c0}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4db6cd75-9396-40e3-9ffa-8ca2ff7d413d}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d2787763-18a2-411f-ade3-98946922ae91}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{dddedc6c-5be9-4fdb-bff3-26936a73b911}: [DhcpNameServer] 192.168.1.254
Edge:
=======
DownloadDir: C:\Users\JPG\Downloads
Edge Notifications: HKU\S-1-5-21-2005153464-3247899628-2303397517-1001 -> hxxps://web.skype.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\JPG\AppData\Local\Microsoft\Edge\User Data\Default [2021-12-06]
FireFox:
========
FF DefaultProfile: rh7cy8qe.default-1604653337398
FF ProfilePath: C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\j9iy1lwg.default-release [2021-12-06]
FF user.js: detected! => C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\j9iy1lwg.default-release\user.js [2020-02-14]
FF ProfilePath: C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398 [2021-12-10]
FF DownloadDir: C:\Users\JPG\Documents\PDF Architect\Downloads
FF Homepage: Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398 -> hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=12&ct=1466281096&rver=6.4.6456.0&wp=MBI_SSL_SHARED&wreply=hxxps:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&lc=1036&id=64855&mkt=fr-FR&cbcxt=mai
FF Session Restore: Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398 -> est activé.
FF Extension: (Facebook Container) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\@contain-facebook.xpi [2021-08-03]
FF Extension: (Dismoi) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\@lmem.xpi [2021-11-05]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\firefox@ghostery.com.xpi [2021-06-30]
FF Extension: (Privacy Badger) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2021-11-30]
FF Extension: (Lilo) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\jid1-zmgYgiQPXJtjNA@jetpack.xpi [2020-11-06]
FF Extension: (Lettres Gratuites) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\lettres-gratuites-2021@lettres-gratuites.com.xpi [2021-09-23]
FF Extension: (Pas de nom) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\qwantcomforfirefox@jetpack.xpi [2020-11-06]
FF Extension: (Pas de nom) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\support@shoptimate.com.xpi [2020-11-06]
FF Extension: (uBlock Origin) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\uBlock0@raymondhill.net.xpi [2021-12-04]
FF Extension: (Lilo Moteur et Solidaire (v2-s)) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{3004c9c0-ac9c-4ae2-9ac8-c59948bdd021}.xpi [2021-10-06]
FF Extension: (Bitwarden) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2021-12-10]
FF Extension: (Japanese Tattoo) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{4d7820bd-9fec-45f5-82db-92fd03cf7fc2}.xpi [2020-11-06]
FF Extension: (Colombian Firefox) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{64dcccca-a9cb-4459-97ba-c5723b1d0824}.xpi [2020-11-06]
FF Extension: (Adobe Flash) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{abf6a41a-5038-4dd9-abef-b66ae700fe88}.xpi [2020-11-06]
FF Extension: (Easy Youtube Video Downloader Express) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2021-11-23]
FF Extension: (Video DownloadHelper) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-02]
FF Extension: () - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{c8934291-7998-4094-84fa-a352e8bd3aad}.xpi [2020-11-06]
FF Extension: (FranceVerif) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{cac6293f-5570-4186-a217-c8985fd59228}.xpi [2021-12-08]
FF Extension: (Ecosia – Le moteur de recherche qui plante des arbres) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2020-11-06]
FF Extension: (Flash Video Player for Facebook™) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{d0bfdcce-52c7-4b32-bb45-948f62db8d3f}.xpi [2020-11-06]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-24]
FF Extension: (Ranfox) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{dfe49622-a99f-4571-9129-b06f6bbc9ba9}.xpi [2020-11-06]
FF Extension: (Katana 006) - C:\Users\JPG\AppData\Roaming\Mozilla\Firefox\Profiles\rh7cy8qe.default-1604653337398\Extensions\{ff035bbc-2dc7-4c97-8630-0b6e96c70930}.xpi [2020-11-06]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-10-27] [] [non signé]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-2005153464-3247899628-2303397517-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR Profile: C:\Users\JPG\AppData\Local\Google\Chrome\User Data\Default [2021-02-24]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR HKLM\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc]
Vivaldi:
=======
VIV Profile: C:\Users\JPG\AppData\Local\Vivaldi\User Data\Default [2021-12-06]
VIV DefaultSearchURL: Default -> hxxps://search.totalav.com/search/web?fcoid=417&fcop=topnav&fpid=27&q={searchTerms}
VIV DefaultSearchKeyword: Default -> safesearch
VIV Extension: (Chrome Media Router) - C:\Users\JPG\AppData\Local\Vivaldi\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-31]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [4380176 2018-12-04] (Acronis International GmbH -> Acronis International GmbH)
R2 ARPApplicationService; C:\Program Files (x86)\Acronis\Ransomware Protection\Service\arp-cloudusage.exe [25104 2018-12-14] (Acronis International GmbH -> )
R2 Becca Service; C:\Program Files (x86)\Rene.E Laboratory\Becca\x64\bcservice.exe [79344 2017-06-20] (Rene.E Laboratory Co., Ltd. -> Rene.E Laboratory)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12129160 2021-12-02] (Microsoft Corporation -> Microsoft Corporation)
S3 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [83992 2017-08-23] (Dashlane -> Dashlane, Inc.)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [25224 2021-08-30] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-02-05] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-02-05] (Intel Corporation) [Fichier non signé]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2020-12-27] (Malwarebytes Inc -> Malwarebytes)
S3 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [280440 2021-06-06] (nordvpn s.a. -> TEFINCOM S.A.)
S3 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [413832 2017-11-01] (Geek Software GmbH -> Geek Software GmbH)
R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-08] (Reason Software Company Inc. -> Reason Software Company Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-10-14] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 DFWSIDService; C:\Program Files (x86)\Wondershare\drfone\WsidService.exe [X]
S2 ElevationService; C:\Program Files (x86)\Wondershare\drfone\Addins\Recovery\ElevationService.exe [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159600 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 file_protector; C:\WINDOWS\System32\DRIVERS\file_protector.sys [667144 2018-12-21] (Acronis International GmbH -> Acronis International GmbH)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-12-03] (Martin Malik - REALiX -> REALiX(tm))
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [129232 2020-12-24] (Comodo Security Solutions, Inc. -> COMODO)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2021-01-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-25] (Malwarebytes Inc -> Malwarebytes)
S3 MpKsl36839272; C:\WINDOWS\system32\MpEngineStore\MpKslDrv.sys [130296 2021-12-05] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl410ec00b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6EFE1A34-485C-4FF3-A7C2-97F4388048E6}\MpKslDrv.sys [134376 2021-12-10] (Microsoft Windows -> Microsoft Corporation)
R2 NDivert; C:\WINDOWS\System32\drivers\NDivert.sys [105184 2021-02-01] (TEFINCOM S.A. -> )
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-01-30] (TEFINCOM S.A. -> WireGuard LLC)
R1 nordlwf; C:\WINDOWS\system32\DRIVERS\nordlwf.sys [38608 2020-12-14] (TEFINCOM S.A. -> TEFINCOM S.A.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-03] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2021-10-06] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S1 cmdGuard; system32\DRIVERS\cmdguard.sys [X]
S1 cmdhlp; \SystemRoot\system32\DRIVERS\cmdhlp.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-10 18:12 - 2021-12-10 18:14 - 000036408 _____ C:\Users\JPG\Desktop\FRST.txt
2021-12-10 18:12 - 2021-12-10 18:13 - 000000000 ____D C:\FRST
2021-12-10 18:11 - 2021-12-10 18:10 - 002311168 _____ (Farbar) C:\Users\JPG\Desktop\FRST64.exe
2021-12-09 22:34 - 2021-12-10 07:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-12-08 18:00 - 2021-12-09 16:45 - 000000000 ____D C:\Users\JPG\AppData\Local\Aiseesoft Studio
2021-12-08 15:46 - 2021-12-08 23:10 - 000000000 ____D C:\Program Files (x86)\EaseUS
2021-12-08 15:46 - 2021-12-08 15:46 - 000000000 ____D C:\ProgramData\SystemAcCrux
2021-12-08 15:46 - 2021-12-08 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2021-12-08 15:45 - 2021-12-08 15:45 - 000000000 ____D C:\Users\JPG\AppData\Roaming\EaseUS
2021-12-08 15:45 - 2021-12-08 15:45 - 000000000 ____D C:\Program Files\EaseUS
2021-12-08 15:04 - 2021-12-08 15:04 - 000000000 ____D C:\Users\JPG\AppData\Local\FonePaw
2021-12-08 15:03 - 2021-12-08 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FonePaw
2021-12-08 15:03 - 2021-12-08 15:03 - 000000000 ____D C:\ProgramData\FonePaw
2021-12-08 15:03 - 2021-12-08 15:03 - 000000000 ____D C:\Program Files (x86)\FonePaw
2021-12-08 14:59 - 2021-12-08 14:59 - 000000000 ____D C:\Users\JPG\AppData\Roaming\TSMonitor
2021-12-08 14:59 - 2021-12-08 14:59 - 000000000 ____D C:\Tenorshare
2021-12-08 14:59 - 2021-12-08 14:59 - 000000000 ____D C:\Program Files\DIFX
2021-12-08 14:58 - 2021-12-06 14:33 - 001730952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2021-12-08 14:58 - 2021-12-06 14:33 - 001012112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2021-12-08 14:57 - 2021-12-08 14:57 - 000000000 ____D C:\Program Files (x86)\Tenorshare
2021-12-08 14:32 - 2021-12-08 18:14 - 000000000 ____D C:\Users\JPG\.android
2021-12-08 14:32 - 2021-12-08 14:32 - 000000016 _____ C:\ProgramData\mntemp
2021-12-08 14:31 - 2021-12-08 22:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2021-12-08 14:30 - 2021-12-08 22:58 - 000000000 ____D C:\Users\JPG\AppData\Roaming\Wondershare
2021-12-08 14:30 - 2021-12-08 22:58 - 000000000 ____D C:\ProgramData\Wondershare
2021-12-08 14:29 - 2021-12-08 18:13 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2021-12-08 14:10 - 2021-12-08 14:10 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2005153464-3247899628-2303397517-1001
2021-12-08 14:10 - 2021-12-08 14:10 - 000002464 _____ C:\Users\JPG\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-12-06 14:16 - 2021-12-06 14:39 - 000000000 ____D C:\Users\JPG\Documents\passwordfox-x64
2021-12-05 22:36 - 2021-12-10 07:28 - 000008192 ___SH C:\DumpStack.log.tmp
2021-12-05 09:48 - 2021-12-05 09:48 - 000000000 ____D C:\WINDOWS\system32\MpEngineStore
2021-11-17 09:12 - 2021-12-09 08:38 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-12-10 18:12 - 2017-08-22 16:16 - 000000000 ____D C:\Users\JPG\AppData\LocalLow\Mozilla
2021-12-10 18:09 - 2017-08-26 11:07 - 000000000 ____D C:\Users\JPG\AppData\Roaming\KeePass
2021-12-10 18:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-12-10 18:07 - 2018-09-30 21:14 - 000000000 ____D C:\Program Files (x86)\Google
2021-12-10 17:46 - 2020-10-29 12:44 - 000000000 ____D C:\Users\JPG\AppData\Local\Deployment
2021-12-10 16:42 - 2020-10-26 20:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-12-10 10:52 - 2017-01-09 13:24 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-12-10 09:53 - 2017-09-25 18:06 - 000000000 ____D C:\Program Files\CCleaner
2021-12-10 07:52 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-12-10 07:52 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-12-10 07:36 - 2020-10-26 21:00 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-12-10 07:36 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2021-12-10 07:36 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2021-12-10 07:36 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-12-10 07:36 - 2017-08-22 13:32 - 000000000 ____D C:\Users\JPG\AppData\Local\CrashDumps
2021-12-10 07:33 - 2019-02-04 22:33 - 000000000 ____D C:\ProgramData\Mozilla
2021-12-10 07:32 - 2020-10-26 21:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-12-10 07:32 - 2017-01-09 15:01 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-12-10 07:32 - 2017-01-09 15:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-12-10 07:29 - 2017-08-22 13:30 - 000000000 __SHD C:\Users\JPG\IntelGraphicsProfiles
2021-12-10 07:28 - 2020-10-26 21:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-12-09 22:45 - 2019-12-07 10:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-12-09 09:11 - 2020-11-25 18:07 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-12-09 09:11 - 2020-11-25 18:07 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-12-08 17:45 - 2017-08-22 13:32 - 000000000 ___RD C:\Users\JPG\OneDrive
2021-12-08 16:48 - 2020-10-26 20:50 - 000629840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-12-08 14:32 - 2020-10-26 20:52 - 000000000 ____D C:\Users\JPG
2021-12-06 22:42 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-12-06 22:40 - 2017-11-30 19:31 - 000000000 ____D C:\Users\JPG\AppData\Local\ElevatedDiagnostics
2021-12-06 14:30 - 2021-02-25 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-12-06 10:45 - 2021-01-09 08:40 - 000000000 ____D C:\WINDOWS\Minidump
2021-12-04 09:50 - 2020-11-25 18:08 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-11-24 20:17 - 2021-07-05 10:11 - 000000000 ____D C:\Users\JPG\AppData\Roaming\Peugeot Update
2021-11-20 08:55 - 2018-07-02 18:49 - 000000000 ____D C:\ProgramData\Packages
2021-11-19 09:07 - 2017-11-30 20:21 - 000000000 ____D C:\Users\JPG\AppData\Local\Packages
2021-11-11 22:16 - 2018-06-20 10:31 - 000000000 ____D C:\Users\JPG\AppData\Local\D3DSCache
2021-11-10 23:28 - 2021-01-30 10:58 - 000000000 ____D C:\Users\JPG\AppData\Local\NordVPN
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-11-10 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-11-10 08:58 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-11-10 08:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-11-10 08:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-11-10 08:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
==================== Fichiers à la racine de certains dossiers ========
2021-01-09 16:37 - 2021-01-09 16:38 - 000000716 ____H () C:\Users\JPG\AppData\Roaming\{D46AE71A-BB85-7E6C-830E-306C7380A1D1}
2018-11-15 19:42 - 2018-11-15 19:42 - 000014185 _____ () C:\Users\JPG\AppData\Local\recently-used.xbel
2021-09-08 11:16 - 2021-09-08 11:18 - 000007605 _____ () C:\Users\JPG\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================