Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Exécuté par Jean Jacques (administrateur) sur ACER-ASPIRE3 (Acer Aspire A315-54K) (23-09-2024 11:12:40)
Exécuté depuis C:\Users\Jean Jacques\Desktop\FRST64.exe
Profils chargés: Jean Jacques
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4780 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24081.102.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24081.102.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jean Jacques\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24061.40.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(explorer.exe ->) (the sz development) [Fichier non signé] C:\Users\Jean Jacques\AppData\Local\Howard\Howard.exe
(PrintCtrl.exe ->) (ActMask Group Co.,Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe <2>
(services.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b2aff6fd6fd828e2\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (Xp-Zed.com) [Fichier non signé] C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2434.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [609296 2022-06-29] (ActMask Group Co.,Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Policies\Explorer: [NoThumbnailCache] 0
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [Microsoft Edge Update] => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateCore.exe [268344 2024-09-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [Emjysoft Sauvegarde Facile] => C:\Program Files\Emjysoft\Sauvegarde-Facile\usb-tools.exe [1304280 2019-09-12] (Emjysoft -> Emjysoft)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [HotBin] => "D:\Divers\HotBIN\HotBin-2.9.0.0-x64.exe" (Pas de fichier)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [MicrosoftEdgeAutoLaunch_7DC9D029A103C53B17DFE8649BF7A3AD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [BingWallpaperApp] => C:\Users\Jean Jacques\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [14092840 2024-08-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [54304 2021-10-03] (ActMask Group Co.,Ltd -> ActMask Co.,Ltd)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [399392 2023-10-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange5: C:\Windows\system32\pxc50pm.dll [57056 2016-01-18] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [408304 2024-07-11] (Wondershare Technology Group Co.,Ltd -> Wondershare Software)
HKLM\Software\...\AppCompatFlags\Custom\creamodele.exe: [{0ac8999f-3635-4d40-a73e-6776b132ea1c}.sdb] -> Database CDIP
HKLM\Software\...\AppCompatFlags\InstalledSDB\{0ac8999f-3635-4d40-a73e-6776b132ea1c}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{0ac8999f-3635-4d40-a73e-6776b132ea1c}.sdb [2013-12-27]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.138\Installer\chrmstp.exe [2024-09-13] (Google LLC -> Google LLC)
Startup: C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Howard.lnk [2024-07-03]
ShortcutTarget: Howard.lnk -> C:\Users\Jean Jacques\AppData\Local\Howard\Howard.exe (the sz development) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEScreenshot.lnk [2024-08-17]
ShortcutTarget: Wondershare PEScreenshot.lnk -> C:\Program Files\Wondershare\PDFelement11\PENotify.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEToolbox.lnk [2024-08-17]
ShortcutTarget: Wondershare PEToolbox.lnk -> C:\Program Files\Wondershare\PDFelement11\PENotify.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2B49525E-2D4A-415A-8526-589D51869D6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {AE3FE8FE-0ED5-4CFC-8FCF-9315C2F3AEF0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe -check pepperplugin (Pas de fichier)
Task: {FC31C31B-7F46-4353-8F2D-08D4C9CBA35D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Pas de fichier)
Task: {E47CFED4-7FBA-4C9A-BDAB-A6A37796D42B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5774088 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {C30AEA66-B3D0-408A-AF29-3661C10766DA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{7C3BF2E1-86CD-4FDB-8783-13DD244C2CF9} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {4D35F646-8CD1-4B5D-867F-4FF768E5D819} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core{4BB74F5C-32D6-458F-9465-F19BA1A89744} => C:\Users\Jean Jacques\AppData\Local\Google\Update\GoogleUpdate.exe /c (Pas de fichier)
Task: {7BA1215F-BD69-498F-BBD0-0CC477E3A157} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA{14704039-A7B9-47D4-AC0B-4C744064FCE9} => C:\Users\Jean Jacques\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {88276D57-918C-49CC-8C60-B81FBB13B8AA} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Jean_20Jacques => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN (Pas de fichier)
Task: {DA0D8B90-5F72-4832-ADA6-7A45BFEFAFA1} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6439584 2021-11-15] (HP Inc. -> HP Inc.)
Task: {E670198A-FEC8-48B5-9365-080F06684EEA} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-781171050-1149277943-1776734086-1001 => C:\Users\Jean Jacques\AppData\Local\Programs\Messenger\MessengerHelper.exe --lassie (Pas de fichier)
Task: {02CD993D-0BE8-481B-8316-75FD9C5E1584} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583648 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0030C90E-47EF-4EAA-98F1-2B479B58E64F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583648 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA375825-4C11-455D-A3B4-FFE5228025E0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312416 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {259976A5-4DD7-4AA8-93D3-EA6CA06ABA61} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312416 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1E2DE04-A530-40AB-A1FC-E887D47CE8DF} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [182240 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {0364BEF9-ACFF-48D4-899E-505CFC9FDEEB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE8880D5-4BD0-4787-9935-27870F319800} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {684570D0-ADA0-411E-A8C9-8F17C4476552} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C79D28EF-4B75-455C-8F76-5E5432A6E40E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27722EC3-2113-4DAF-933D-CC47C0B76437} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5A7998F-7690-4CE9-AD16-DF0E295D6865} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F7373FE-96C2-457A-BA9C-D29C948897A3} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209208 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {17C3D5C6-572D-4C4F-81FD-27F6440BF64B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-781171050-1149277943-1776734086-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209208 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {03D0F53D-53FE-4F2D-9266-8610FF30D60B} - System32\Tasks\Opera scheduled Autoupdate 1659543425 => C:\Users\Jean Jacques\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.56.92
Tcpip\..\Interfaces\{0bc4c280-8b53-453b-bd08-6c3f6d3a8153}: [DhcpNameServer] 192.168.252.220
Tcpip\..\Interfaces\{0bc4c280-8b53-453b-bd08-6c3f6d3a8153}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}: [DhcpNameServer] 192.168.220.2
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\05569727F6574756474373: [DhcpNameServer] 192.168.62.119
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\3414E44514C414F4554454: [DhcpNameServer] 172.20.0.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\35F64796164756: [DhcpNameServer] 192.168.58.211
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D223332363: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D223332363: [DhcpDomain] home
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D264233414: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D264233414: [DhcpDomain] home
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\2496D626F602D45646961675966496: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\2496D626F602D45646961675966496: [DhcpDomain] iwibox.info
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\759664960274271647579647022496D626F6: [DhcpNameServer] 5.135.52.178 54.37.54.178
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\759664960274271647579647022496D626F6: [DhcpDomain] iwibox.info
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D43644F6E616C646723702642716E63656: [DhcpNameServer] 178.32.119.52 178.32.122.78
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D43644F6E616C646723702642716E63656: [DhcpDomain] hotspotwifimcdo.fr
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D4943425F44554B4F54374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}: [DhcpNameServer] 192.168.56.92
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}\255646D69602E4F64756021323020527F6B2025374: [DhcpNameServer] 192.168.165.91
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}: [DhcpNameServer] 192.168.175.179
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\C496675626F687D223332363: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\C496675626F687D223332363: [DhcpDomain] home
Edge:
=======
Edge Profile: C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-23]
Edge HomePage: Default -> hxxps://www.google.fr/
Edge DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
Edge DefaultSearchKeyword: Default -> nortonsafe
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=fr&q={searchTerms}
Edge Extension: (Norton Safe Web) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2024-07-12]
Edge Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dicgkflojhbopmagcacdklcpdfdcnhko [2023-12-27]
Edge Extension: (QueChoisir - Oqif) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\efbibldnjenfgnpiabghamemilpbkegn [2023-12-27]
Edge Extension: (Convertio) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2023-12-31]
Edge Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2024-09-19]
Edge Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-15]
Edge Extension: (Google Mail Checker) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\glbpkcehjkihaknkjifkehdpjfngbdga [2023-12-27]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-09-11]
Edge Extension: (Pas de nom) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2024-09-19]
Edge Extension: (HP Network Check Launcher) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2023-12-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Norton Password Manager) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg [2024-08-12]
Edge Extension: (Norton Home Page) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2024-08-23]
Edge Extension: (Vérificateur de messages Google) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-01]
Edge Extension: (Norton Safe) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2024-07-25]
Edge Extension: (Signal Spam) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npkncdihipibabapnailakhpajlglbfk [2024-09-19]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default [2024-09-23]
CHR Notifications: Default -> hxxps://captchaverifier.top; hxxps://ccm.net; hxxps://central.bitdefender.com; hxxps://forum.zebulon.fr; hxxps://fr.quicklyexplore.com; hxxps://geneatique.cdn.pagesense.io; hxxps://mail.google.com; hxxps://my.norton.com; hxxps://quelle-demarche.com; hxxps://smsmms.orange.fr; hxxps://wp.aliexpress.com; hxxps://www.123pneus.fr; hxxps://www.atlasformen.fr; hxxps://www.blancheporte.fr; hxxps://www.boulanger.com; hxxps://www.castorama.fr; hxxps://www.commentcamarche.net; hxxps://www.daxon.fr; hxxps://www.facebook.com; hxxps://www.francoisesaget.com; hxxps://www.instagram.com; hxxps://www.joueclub.fr; hxxps://www.michelin.fr; hxxps://www.samsung.com; hxxps://www.sephora.fr; hxxps://www.tf1.fr; hxxps://www.votreconfirmation-123.com; hxxps://www.zebulon.fr
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-09-12]
CHR Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicgkflojhbopmagcacdklcpdfdcnhko [2023-06-20]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-03]
CHR Extension: (QueChoisir - Oqif) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbibldnjenfgnpiabghamemilpbkegn [2022-06-08]
CHR Extension: (Convertio) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2022-06-29]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-30]
CHR Extension: (Pas de nom) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2024-04-25]
CHR Extension: (HP Network Check Launcher) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-09-11]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-07-31]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-22]
CHR Extension: (Signal Spam) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\npkncdihipibabapnailakhpajlglbfk [2024-09-19]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-01]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-08-23]
CHR HomePage: Profile 1 -> orange.fr
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-08-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-17]
CHR Extension: (Moteur de recherche Microsoft Bing) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hkecabaloghleaicfhefejdijblljpco [2024-08-08]
CHR Extension: (Connecteur Antidote) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2024-08-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-07]
CHR Extension: (Orange page d'accueil) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2023-05-08]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-01-03]
CHR HomePage: Profile 2 -> orange.fr
CHR DefaultSearchURL: Profile 2 -> hxxps://www.bing.com/search?EID=MBSC&form=BGGCMF&pc=__PARAM__BG02&q={searchTerms}
CHR DefaultSuggestURL: Profile 2 -> hxxps://www.bing.com/osjson.aspx?form=BGGCSS&pc=__PARAM__BG02&query={searchTerms}
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-22]
CHR Extension: (Moteur de recherche Microsoft Bing) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hkecabaloghleaicfhefejdijblljpco [2023-12-22]
CHR Extension: (Connecteur Antidote) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2023-12-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-22]
CHR Extension: (Orange page d'accueil) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2023-12-22]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-10]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmbopdiikkamfphhgcckcjhojnokgfeo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S3 becldr5Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 5\Common\becldr.exe [259448 2019-03-13] (BCL Technologies -> BCL Technologies, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995704 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.166.0818.0003\FileSyncHelper.exe [3523112 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [Fichier non signé]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-25] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-06] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-26] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.166.0818.0003\OneDriveUpdaterService.exe [3863984 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 TeraCopyService.exe; "C:\Program Files\TeraCopy\TeraCopyService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 clwvd10; C:\Windows\System32\drivers\clwvd10.sys [61104 2022-06-13] (CyberLink Corp. -> CyberLink Corporation)
S3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [76744 2022-08-03] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 HWiNFO_190; C:\Users\Jean Jacques\AppData\Local\Temp\HWiNFO64A_190.SYS [57936 2024-01-27] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ATTENTION
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2024-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MpKsl75ce6a4b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85CED705-3AF4-4AAC-A2C7-8FA09E177A34}\MpKslDrv.sys [271640 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl7804509e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85CED705-3AF4-4AAC-A2C7-8FA09E177A34}\MpKslDrv.sys [271640 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [25704 2022-10-03] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602504 2024-08-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-11] (Microsoft Windows -> Microsoft Corporation)
S2 WCMVCAM; \SystemRoot\System32\drivers\wcmvcam64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-09-23 11:12 - 2024-09-23 11:13 - 000033988 _____ C:\Users\Jean Jacques\Desktop\FRST.txt
2024-09-23 11:11 - 2024-09-23 11:13 - 000000000 ____D C:\FRST
2024-09-23 11:10 - 2024-09-23 11:10 - 002397696 _____ (Farbar) C:\Users\Jean Jacques\Desktop\FRST64.exe
2024-09-20 17:35 - 2024-09-20 17:35 - 000279800 _____ C:\Users\Jean Jacques\Downloads\0749---affiche-travaux-fermeture-BADGES.pdf
2024-09-20 16:58 - 2024-09-20 16:58 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-09-20 16:58 - 2024-09-20 16:58 - 000002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-09-20 12:21 - 2024-09-20 14:46 - 000000442 _____ C:\Users\Jean Jacques\Desktop\Photos CEWE.url
2024-09-20 12:15 - 2024-09-20 14:48 - 000000444 _____ C:\Users\Jean Jacques\Desktop\Décès.url
2024-09-20 11:13 - 2024-09-20 11:14 - 000001800 _____ C:\Users\Jean Jacques\Downloads\signature.cer
2024-09-14 22:51 - 2024-09-14 22:51 - 000000000 ___HD C:\$WinREAgent
2024-09-14 17:08 - 2024-09-14 17:26 - 000000000 ____D C:\Users\Jean Jacques\Downloads\Discussion WhatsApp avec +33 6 86 32 64 51
2024-09-12 17:50 - 2024-09-12 17:50 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\CEWE
2024-09-12 17:49 - 2024-09-12 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel de création PHOTO E.Leclerc
2024-09-12 17:46 - 2024-09-12 17:46 - 000000000 ____D C:\Program Files\PHOTO E Leclerc
2024-09-12 17:45 - 2024-09-12 17:45 - 008429456 _____ C:\Users\Jean Jacques\Downloads\setup_Logiciel_de_creation_PHOTO_E_Leclerc.exe
2024-09-10 16:09 - 2024-09-10 16:09 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-09-10 16:09 - 2024-09-10 16:09 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-02 16:17 - 2024-09-02 16:17 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper
2024-09-02 16:12 - 2024-09-02 16:12 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\WinScan2PDF
2024-09-02 16:11 - 2024-09-02 16:12 - 000194061 _____ C:\Users\Jean Jacques\Downloads\WinScan2PDF.zip
2024-08-24 11:59 - 2024-08-24 11:59 - 000074140 _____ C:\Users\Jean Jacques\Downloads\Importation dans Généatique des Relevés de Recensements au format Nimègue V3.zip
2024-08-24 11:59 - 2024-08-24 11:59 - 000000000 ____D C:\Users\Jean Jacques\Downloads\Importation dans Généatique des Relevés de Recensements au format Nimègue V3
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-09-23 11:12 - 2023-05-22 17:33 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Malwarebytes
2024-09-23 11:08 - 2021-08-20 16:07 - 000004190 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{436DB08A-76B1-4544-AEAD-F14017E2C537}
2024-09-23 10:55 - 2021-08-19 17:30 - 001911778 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-23 10:55 - 2019-12-07 16:49 - 000843350 _____ C:\Windows\system32\perfh00C.dat
2024-09-23 10:55 - 2019-12-07 16:49 - 000168692 _____ C:\Windows\system32\perfc00C.dat
2024-09-23 10:55 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-09-23 10:51 - 2021-08-19 17:49 - 000000000 __SHD C:\Users\Jean Jacques\IntelGraphicsProfiles
2024-09-23 10:49 - 2024-06-16 14:13 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-23 10:49 - 2021-08-19 17:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-23 10:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-22 23:07 - 2021-08-20 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\SolSuite
2024-09-22 23:07 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-09-22 21:28 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-09-22 17:53 - 2021-08-25 14:22 - 000000000 ___RD C:\Mes Données
2024-09-22 17:53 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques
2024-09-22 17:14 - 2021-08-20 14:18 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Excel
2024-09-22 15:34 - 2021-08-20 14:09 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Word
2024-09-22 15:15 - 2024-02-16 17:34 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\MoneyManagerEx
2024-09-21 18:48 - 2021-08-20 16:01 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Généalogie
2024-09-21 18:47 - 2021-08-20 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSD Concept
2024-09-21 18:47 - 2021-08-20 16:25 - 000000000 ____D C:\Program Files (x86)\BSD Concept
2024-09-21 18:46 - 2021-08-20 10:18 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\D3DSCache
2024-09-21 18:45 - 2021-08-20 15:41 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\BSD Concept
2024-09-21 17:52 - 2021-08-19 17:24 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-09-20 17:50 - 2021-08-26 11:55 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\CrashDumps
2024-09-20 17:49 - 2022-09-11 21:11 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\com.adobe.dunamis
2024-09-20 17:49 - 2021-10-28 11:39 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Adobe
2024-09-20 17:49 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Adobe
2024-09-20 17:38 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Packages
2024-09-20 16:31 - 2024-06-17 15:45 - 000002494 _____ C:\Users\Jean Jacques\Desktop\Valenciennes N.lnk
2024-09-20 11:14 - 2021-08-19 17:30 - 000000000 ___SD C:\Users\Jean Jacques\AppData\Roaming\Microsoft\SystemCertificates
2024-09-19 21:12 - 2021-09-13 16:57 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Divers
2024-09-18 11:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-09-17 17:35 - 2021-08-20 17:19 - 000000000 ____D C:\ProgramData\Package Cache
2024-09-14 21:32 - 2023-07-01 16:57 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\SYNDIC
2024-09-13 17:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-13 10:44 - 2021-12-18 19:40 - 000000000 ____D C:\Windows\SystemTemp
2024-09-12 21:59 - 2021-08-20 16:01 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Utilitaires
2024-09-10 21:14 - 2021-09-12 14:28 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-09-10 16:09 - 2021-12-13 16:26 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-781171050-1149277943-1776734086-1001
2024-09-09 11:39 - 2022-09-15 16:54 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 11:39 - 2022-09-15 16:54 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-09 11:01 - 2022-09-01 11:40 - 000003964 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA
2024-09-09 11:01 - 2022-09-01 11:40 - 000003914 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core
2024-09-08 18:48 - 2021-08-20 16:54 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Jeux
2024-09-07 15:19 - 2021-08-21 14:56 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\ElevatedDiagnostics
2024-09-06 16:51 - 2022-10-19 11:54 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\TeamViewer
2024-09-05 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2024-09-05 11:15 - 2021-08-21 18:40 - 000000444 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2024-09-02 22:12 - 2022-04-25 23:02 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\WDSetup
2024-08-29 17:22 - 2022-04-25 23:02 - 000000000 ____D C:\Program Files\Common Files\PC SOFT
2024-08-25 15:20 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-08-25 15:20 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
==================== Fichiers à la racine de certains dossiers ========
2021-10-28 21:28 - 2021-10-28 21:29 - 001269816 _____ () C:\Users\Jean Jacques\acdseeultimate.exe
2022-06-24 17:30 - 2017-11-19 13:51 - 000004286 _____ () C:\Program Files (x86)\FalcoGo.ico
2022-06-24 17:30 - 2017-11-19 13:53 - 000000044 _____ () C:\Program Files (x86)\FalcoGo.url
2022-06-24 17:30 - 2016-01-05 13:37 - 000004286 _____ () C:\Program Files (x86)\FalconLine.ico
2022-06-24 17:30 - 2016-01-05 13:25 - 000000047 _____ () C:\Program Files (x86)\FalconLine.url
2022-06-24 17:30 - 2016-12-21 01:39 - 000004286 _____ () C:\Program Files (x86)\FalcoSpace.ico
2022-06-24 17:30 - 2016-12-21 01:36 - 000000047 _____ () C:\Program Files (x86)\FalcoSpace.url
2021-08-28 18:14 - 2021-09-19 17:46 - 000000338 _____ () C:\Users\Jean Jacques\AppData\Roaming\.openyahtzee
2023-02-21 11:51 - 2023-02-21 12:03 - 000091466 _____ () C:\Users\Jean Jacques\AppData\Local\23221-105116-CLCSIWriter.txt
2023-01-18 15:43 - 2023-01-18 15:46 - 000000128 _____ () C:\Users\Jean Jacques\AppData\Local\PUTTY.RND
2021-08-21 21:19 - 2021-08-21 21:19 - 000007597 _____ () C:\Users\Jean Jacques\AppData\Local\Resmon.ResmonCfg
2022-04-16 17:49 - 2022-04-16 17:49 - 000000448 _____ () C:\Users\Jean Jacques\AppData\Local\rtb.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Jean Jacques (administrateur) sur ACER-ASPIRE3 (Acer Aspire A315-54K) (23-09-2024 11:12:40)
Exécuté depuis C:\Users\Jean Jacques\Desktop\FRST64.exe
Profils chargés: Jean Jacques
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4780 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24081.102.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24081.102.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jean Jacques\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24061.40.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(explorer.exe ->) (the sz development) [Fichier non signé] C:\Users\Jean Jacques\AppData\Local\Howard\Howard.exe
(PrintCtrl.exe ->) (ActMask Group Co.,Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe <2>
(services.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b2aff6fd6fd828e2\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (Xp-Zed.com) [Fichier non signé] C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2434.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [609296 2022-06-29] (ActMask Group Co.,Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Policies\Explorer: [NoThumbnailCache] 0
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [Microsoft Edge Update] => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateCore.exe [268344 2024-09-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [Emjysoft Sauvegarde Facile] => C:\Program Files\Emjysoft\Sauvegarde-Facile\usb-tools.exe [1304280 2019-09-12] (Emjysoft -> Emjysoft)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [HotBin] => "D:\Divers\HotBIN\HotBin-2.9.0.0-x64.exe" (Pas de fichier)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [MicrosoftEdgeAutoLaunch_7DC9D029A103C53B17DFE8649BF7A3AD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [BingWallpaperApp] => C:\Users\Jean Jacques\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [14092840 2024-08-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [54304 2021-10-03] (ActMask Group Co.,Ltd -> ActMask Co.,Ltd)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [399392 2023-10-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange5: C:\Windows\system32\pxc50pm.dll [57056 2016-01-18] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [408304 2024-07-11] (Wondershare Technology Group Co.,Ltd -> Wondershare Software)
HKLM\Software\...\AppCompatFlags\Custom\creamodele.exe: [{0ac8999f-3635-4d40-a73e-6776b132ea1c}.sdb] -> Database CDIP
HKLM\Software\...\AppCompatFlags\InstalledSDB\{0ac8999f-3635-4d40-a73e-6776b132ea1c}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{0ac8999f-3635-4d40-a73e-6776b132ea1c}.sdb [2013-12-27]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.138\Installer\chrmstp.exe [2024-09-13] (Google LLC -> Google LLC)
Startup: C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Howard.lnk [2024-07-03]
ShortcutTarget: Howard.lnk -> C:\Users\Jean Jacques\AppData\Local\Howard\Howard.exe (the sz development) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEScreenshot.lnk [2024-08-17]
ShortcutTarget: Wondershare PEScreenshot.lnk -> C:\Program Files\Wondershare\PDFelement11\PENotify.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEToolbox.lnk [2024-08-17]
ShortcutTarget: Wondershare PEToolbox.lnk -> C:\Program Files\Wondershare\PDFelement11\PENotify.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {2B49525E-2D4A-415A-8526-589D51869D6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {AE3FE8FE-0ED5-4CFC-8FCF-9315C2F3AEF0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe -check pepperplugin (Pas de fichier)
Task: {FC31C31B-7F46-4353-8F2D-08D4C9CBA35D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Pas de fichier)
Task: {E47CFED4-7FBA-4C9A-BDAB-A6A37796D42B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5774088 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {C30AEA66-B3D0-408A-AF29-3661C10766DA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{7C3BF2E1-86CD-4FDB-8783-13DD244C2CF9} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {4D35F646-8CD1-4B5D-867F-4FF768E5D819} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core{4BB74F5C-32D6-458F-9465-F19BA1A89744} => C:\Users\Jean Jacques\AppData\Local\Google\Update\GoogleUpdate.exe /c (Pas de fichier)
Task: {7BA1215F-BD69-498F-BBD0-0CC477E3A157} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA{14704039-A7B9-47D4-AC0B-4C744064FCE9} => C:\Users\Jean Jacques\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {88276D57-918C-49CC-8C60-B81FBB13B8AA} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Jean_20Jacques => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN (Pas de fichier)
Task: {DA0D8B90-5F72-4832-ADA6-7A45BFEFAFA1} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6439584 2021-11-15] (HP Inc. -> HP Inc.)
Task: {E670198A-FEC8-48B5-9365-080F06684EEA} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-781171050-1149277943-1776734086-1001 => C:\Users\Jean Jacques\AppData\Local\Programs\Messenger\MessengerHelper.exe --lassie (Pas de fichier)
Task: {02CD993D-0BE8-481B-8316-75FD9C5E1584} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583648 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0030C90E-47EF-4EAA-98F1-2B479B58E64F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583648 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA375825-4C11-455D-A3B4-FFE5228025E0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312416 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {259976A5-4DD7-4AA8-93D3-EA6CA06ABA61} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312416 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1E2DE04-A530-40AB-A1FC-E887D47CE8DF} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [182240 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {0364BEF9-ACFF-48D4-899E-505CFC9FDEEB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE8880D5-4BD0-4787-9935-27870F319800} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {684570D0-ADA0-411E-A8C9-8F17C4476552} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C79D28EF-4B75-455C-8F76-5E5432A6E40E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27722EC3-2113-4DAF-933D-CC47C0B76437} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5A7998F-7690-4CE9-AD16-DF0E295D6865} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F7373FE-96C2-457A-BA9C-D29C948897A3} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209208 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {17C3D5C6-572D-4C4F-81FD-27F6440BF64B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-781171050-1149277943-1776734086-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209208 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {03D0F53D-53FE-4F2D-9266-8610FF30D60B} - System32\Tasks\Opera scheduled Autoupdate 1659543425 => C:\Users\Jean Jacques\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.56.92
Tcpip\..\Interfaces\{0bc4c280-8b53-453b-bd08-6c3f6d3a8153}: [DhcpNameServer] 192.168.252.220
Tcpip\..\Interfaces\{0bc4c280-8b53-453b-bd08-6c3f6d3a8153}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}: [DhcpNameServer] 192.168.220.2
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\05569727F6574756474373: [DhcpNameServer] 192.168.62.119
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\3414E44514C414F4554454: [DhcpNameServer] 172.20.0.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\35F64796164756: [DhcpNameServer] 192.168.58.211
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D223332363: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D223332363: [DhcpDomain] home
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D264233414: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D264233414: [DhcpDomain] home
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\2496D626F602D45646961675966496: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\2496D626F602D45646961675966496: [DhcpDomain] iwibox.info
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\759664960274271647579647022496D626F6: [DhcpNameServer] 5.135.52.178 54.37.54.178
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\759664960274271647579647022496D626F6: [DhcpDomain] iwibox.info
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D43644F6E616C646723702642716E63656: [DhcpNameServer] 178.32.119.52 178.32.122.78
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D43644F6E616C646723702642716E63656: [DhcpDomain] hotspotwifimcdo.fr
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D4943425F44554B4F54374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}: [DhcpNameServer] 192.168.56.92
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}\255646D69602E4F64756021323020527F6B2025374: [DhcpNameServer] 192.168.165.91
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}: [DhcpNameServer] 192.168.175.179
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\C496675626F687D223332363: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\C496675626F687D223332363: [DhcpDomain] home
Edge:
=======
Edge Profile: C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-23]
Edge HomePage: Default -> hxxps://www.google.fr/
Edge DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
Edge DefaultSearchKeyword: Default -> nortonsafe
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=fr&q={searchTerms}
Edge Extension: (Norton Safe Web) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2024-07-12]
Edge Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dicgkflojhbopmagcacdklcpdfdcnhko [2023-12-27]
Edge Extension: (QueChoisir - Oqif) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\efbibldnjenfgnpiabghamemilpbkegn [2023-12-27]
Edge Extension: (Convertio) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2023-12-31]
Edge Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2024-09-19]
Edge Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-15]
Edge Extension: (Google Mail Checker) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\glbpkcehjkihaknkjifkehdpjfngbdga [2023-12-27]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-09-11]
Edge Extension: (Pas de nom) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2024-09-19]
Edge Extension: (HP Network Check Launcher) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2023-12-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Norton Password Manager) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg [2024-08-12]
Edge Extension: (Norton Home Page) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2024-08-23]
Edge Extension: (Vérificateur de messages Google) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-01]
Edge Extension: (Norton Safe) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2024-07-25]
Edge Extension: (Signal Spam) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npkncdihipibabapnailakhpajlglbfk [2024-09-19]
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default [2024-09-23]
CHR Notifications: Default -> hxxps://captchaverifier.top; hxxps://ccm.net; hxxps://central.bitdefender.com; hxxps://forum.zebulon.fr; hxxps://fr.quicklyexplore.com; hxxps://geneatique.cdn.pagesense.io; hxxps://mail.google.com; hxxps://my.norton.com; hxxps://quelle-demarche.com; hxxps://smsmms.orange.fr; hxxps://wp.aliexpress.com; hxxps://www.123pneus.fr; hxxps://www.atlasformen.fr; hxxps://www.blancheporte.fr; hxxps://www.boulanger.com; hxxps://www.castorama.fr; hxxps://www.commentcamarche.net; hxxps://www.daxon.fr; hxxps://www.facebook.com; hxxps://www.francoisesaget.com; hxxps://www.instagram.com; hxxps://www.joueclub.fr; hxxps://www.michelin.fr; hxxps://www.samsung.com; hxxps://www.sephora.fr; hxxps://www.tf1.fr; hxxps://www.votreconfirmation-123.com; hxxps://www.zebulon.fr
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-09-12]
CHR Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicgkflojhbopmagcacdklcpdfdcnhko [2023-06-20]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-03]
CHR Extension: (QueChoisir - Oqif) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbibldnjenfgnpiabghamemilpbkegn [2022-06-08]
CHR Extension: (Convertio) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2022-06-29]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-30]
CHR Extension: (Pas de nom) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2024-04-25]
CHR Extension: (HP Network Check Launcher) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-09-11]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-07-31]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-22]
CHR Extension: (Signal Spam) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\npkncdihipibabapnailakhpajlglbfk [2024-09-19]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-01]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-08-23]
CHR HomePage: Profile 1 -> orange.fr
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-08-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-17]
CHR Extension: (Moteur de recherche Microsoft Bing) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hkecabaloghleaicfhefejdijblljpco [2024-08-08]
CHR Extension: (Connecteur Antidote) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2024-08-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-07]
CHR Extension: (Orange page d'accueil) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2023-05-08]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-01-03]
CHR HomePage: Profile 2 -> orange.fr
CHR DefaultSearchURL: Profile 2 -> hxxps://www.bing.com/search?EID=MBSC&form=BGGCMF&pc=__PARAM__BG02&q={searchTerms}
CHR DefaultSuggestURL: Profile 2 -> hxxps://www.bing.com/osjson.aspx?form=BGGCSS&pc=__PARAM__BG02&query={searchTerms}
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-22]
CHR Extension: (Moteur de recherche Microsoft Bing) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hkecabaloghleaicfhefejdijblljpco [2023-12-22]
CHR Extension: (Connecteur Antidote) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2023-12-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-22]
CHR Extension: (Orange page d'accueil) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2023-12-22]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-10]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmbopdiikkamfphhgcckcjhojnokgfeo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S3 becldr5Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 5\Common\becldr.exe [259448 2019-03-13] (BCL Technologies -> BCL Technologies, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995704 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.166.0818.0003\FileSyncHelper.exe [3523112 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [Fichier non signé]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-25] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-06] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-26] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.166.0818.0003\OneDriveUpdaterService.exe [3863984 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 TeraCopyService.exe; "C:\Program Files\TeraCopy\TeraCopyService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 clwvd10; C:\Windows\System32\drivers\clwvd10.sys [61104 2022-06-13] (CyberLink Corp. -> CyberLink Corporation)
S3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [76744 2022-08-03] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 HWiNFO_190; C:\Users\Jean Jacques\AppData\Local\Temp\HWiNFO64A_190.SYS [57936 2024-01-27] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ATTENTION
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2024-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MpKsl75ce6a4b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85CED705-3AF4-4AAC-A2C7-8FA09E177A34}\MpKslDrv.sys [271640 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl7804509e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85CED705-3AF4-4AAC-A2C7-8FA09E177A34}\MpKslDrv.sys [271640 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [25704 2022-10-03] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602504 2024-08-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-11] (Microsoft Windows -> Microsoft Corporation)
S2 WCMVCAM; \SystemRoot\System32\drivers\wcmvcam64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-09-23 11:12 - 2024-09-23 11:13 - 000033988 _____ C:\Users\Jean Jacques\Desktop\FRST.txt
2024-09-23 11:11 - 2024-09-23 11:13 - 000000000 ____D C:\FRST
2024-09-23 11:10 - 2024-09-23 11:10 - 002397696 _____ (Farbar) C:\Users\Jean Jacques\Desktop\FRST64.exe
2024-09-20 17:35 - 2024-09-20 17:35 - 000279800 _____ C:\Users\Jean Jacques\Downloads\0749---affiche-travaux-fermeture-BADGES.pdf
2024-09-20 16:58 - 2024-09-20 16:58 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-09-20 16:58 - 2024-09-20 16:58 - 000002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-09-20 12:21 - 2024-09-20 14:46 - 000000442 _____ C:\Users\Jean Jacques\Desktop\Photos CEWE.url
2024-09-20 12:15 - 2024-09-20 14:48 - 000000444 _____ C:\Users\Jean Jacques\Desktop\Décès.url
2024-09-20 11:13 - 2024-09-20 11:14 - 000001800 _____ C:\Users\Jean Jacques\Downloads\signature.cer
2024-09-14 22:51 - 2024-09-14 22:51 - 000000000 ___HD C:\$WinREAgent
2024-09-14 17:08 - 2024-09-14 17:26 - 000000000 ____D C:\Users\Jean Jacques\Downloads\Discussion WhatsApp avec +33 6 86 32 64 51
2024-09-12 17:50 - 2024-09-12 17:50 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\CEWE
2024-09-12 17:49 - 2024-09-12 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel de création PHOTO E.Leclerc
2024-09-12 17:46 - 2024-09-12 17:46 - 000000000 ____D C:\Program Files\PHOTO E Leclerc
2024-09-12 17:45 - 2024-09-12 17:45 - 008429456 _____ C:\Users\Jean Jacques\Downloads\setup_Logiciel_de_creation_PHOTO_E_Leclerc.exe
2024-09-10 16:09 - 2024-09-10 16:09 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-09-10 16:09 - 2024-09-10 16:09 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-02 16:17 - 2024-09-02 16:17 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper
2024-09-02 16:12 - 2024-09-02 16:12 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\WinScan2PDF
2024-09-02 16:11 - 2024-09-02 16:12 - 000194061 _____ C:\Users\Jean Jacques\Downloads\WinScan2PDF.zip
2024-08-24 11:59 - 2024-08-24 11:59 - 000074140 _____ C:\Users\Jean Jacques\Downloads\Importation dans Généatique des Relevés de Recensements au format Nimègue V3.zip
2024-08-24 11:59 - 2024-08-24 11:59 - 000000000 ____D C:\Users\Jean Jacques\Downloads\Importation dans Généatique des Relevés de Recensements au format Nimègue V3
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-09-23 11:12 - 2023-05-22 17:33 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Malwarebytes
2024-09-23 11:08 - 2021-08-20 16:07 - 000004190 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{436DB08A-76B1-4544-AEAD-F14017E2C537}
2024-09-23 10:55 - 2021-08-19 17:30 - 001911778 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-23 10:55 - 2019-12-07 16:49 - 000843350 _____ C:\Windows\system32\perfh00C.dat
2024-09-23 10:55 - 2019-12-07 16:49 - 000168692 _____ C:\Windows\system32\perfc00C.dat
2024-09-23 10:55 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-09-23 10:51 - 2021-08-19 17:49 - 000000000 __SHD C:\Users\Jean Jacques\IntelGraphicsProfiles
2024-09-23 10:49 - 2024-06-16 14:13 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-23 10:49 - 2021-08-19 17:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-23 10:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-22 23:07 - 2021-08-20 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\SolSuite
2024-09-22 23:07 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-09-22 21:28 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-09-22 17:53 - 2021-08-25 14:22 - 000000000 ___RD C:\Mes Données
2024-09-22 17:53 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques
2024-09-22 17:14 - 2021-08-20 14:18 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Excel
2024-09-22 15:34 - 2021-08-20 14:09 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Word
2024-09-22 15:15 - 2024-02-16 17:34 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\MoneyManagerEx
2024-09-21 18:48 - 2021-08-20 16:01 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Généalogie
2024-09-21 18:47 - 2021-08-20 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSD Concept
2024-09-21 18:47 - 2021-08-20 16:25 - 000000000 ____D C:\Program Files (x86)\BSD Concept
2024-09-21 18:46 - 2021-08-20 10:18 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\D3DSCache
2024-09-21 18:45 - 2021-08-20 15:41 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\BSD Concept
2024-09-21 17:52 - 2021-08-19 17:24 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-09-20 17:50 - 2021-08-26 11:55 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\CrashDumps
2024-09-20 17:49 - 2022-09-11 21:11 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\com.adobe.dunamis
2024-09-20 17:49 - 2021-10-28 11:39 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Adobe
2024-09-20 17:49 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Adobe
2024-09-20 17:38 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Packages
2024-09-20 16:31 - 2024-06-17 15:45 - 000002494 _____ C:\Users\Jean Jacques\Desktop\Valenciennes N.lnk
2024-09-20 11:14 - 2021-08-19 17:30 - 000000000 ___SD C:\Users\Jean Jacques\AppData\Roaming\Microsoft\SystemCertificates
2024-09-19 21:12 - 2021-09-13 16:57 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Divers
2024-09-18 11:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-09-17 17:35 - 2021-08-20 17:19 - 000000000 ____D C:\ProgramData\Package Cache
2024-09-14 21:32 - 2023-07-01 16:57 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\SYNDIC
2024-09-13 17:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-13 10:44 - 2021-12-18 19:40 - 000000000 ____D C:\Windows\SystemTemp
2024-09-12 21:59 - 2021-08-20 16:01 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Utilitaires
2024-09-10 21:14 - 2021-09-12 14:28 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-09-10 16:09 - 2021-12-13 16:26 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-781171050-1149277943-1776734086-1001
2024-09-09 11:39 - 2022-09-15 16:54 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 11:39 - 2022-09-15 16:54 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-09 11:01 - 2022-09-01 11:40 - 000003964 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA
2024-09-09 11:01 - 2022-09-01 11:40 - 000003914 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core
2024-09-08 18:48 - 2021-08-20 16:54 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Jeux
2024-09-07 15:19 - 2021-08-21 14:56 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\ElevatedDiagnostics
2024-09-06 16:51 - 2022-10-19 11:54 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\TeamViewer
2024-09-05 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2024-09-05 11:15 - 2021-08-21 18:40 - 000000444 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2024-09-02 22:12 - 2022-04-25 23:02 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\WDSetup
2024-08-29 17:22 - 2022-04-25 23:02 - 000000000 ____D C:\Program Files\Common Files\PC SOFT
2024-08-25 15:20 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-08-25 15:20 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
==================== Fichiers à la racine de certains dossiers ========
2021-10-28 21:28 - 2021-10-28 21:29 - 001269816 _____ () C:\Users\Jean Jacques\acdseeultimate.exe
2022-06-24 17:30 - 2017-11-19 13:51 - 000004286 _____ () C:\Program Files (x86)\FalcoGo.ico
2022-06-24 17:30 - 2017-11-19 13:53 - 000000044 _____ () C:\Program Files (x86)\FalcoGo.url
2022-06-24 17:30 - 2016-01-05 13:37 - 000004286 _____ () C:\Program Files (x86)\FalconLine.ico
2022-06-24 17:30 - 2016-01-05 13:25 - 000000047 _____ () C:\Program Files (x86)\FalconLine.url
2022-06-24 17:30 - 2016-12-21 01:39 - 000004286 _____ () C:\Program Files (x86)\FalcoSpace.ico
2022-06-24 17:30 - 2016-12-21 01:36 - 000000047 _____ () C:\Program Files (x86)\FalcoSpace.url
2021-08-28 18:14 - 2021-09-19 17:46 - 000000338 _____ () C:\Users\Jean Jacques\AppData\Roaming\.openyahtzee
2023-02-21 11:51 - 2023-02-21 12:03 - 000091466 _____ () C:\Users\Jean Jacques\AppData\Local\23221-105116-CLCSIWriter.txt
2023-01-18 15:43 - 2023-01-18 15:46 - 000000128 _____ () C:\Users\Jean Jacques\AppData\Local\PUTTY.RND
2021-08-21 21:19 - 2021-08-21 21:19 - 000007597 _____ () C:\Users\Jean Jacques\AppData\Local\Resmon.ResmonCfg
2022-04-16 17:49 - 2022-04-16 17:49 - 000000448 _____ () C:\Users\Jean Jacques\AppData\Local\rtb.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================