Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2024
Exécuté par Jean Jacques (administrateur) sur ACER-ASPIRE3 (Acer Aspire A315-54K) (23-09-2024 11:12:40)
Exécuté depuis C:\Users\Jean Jacques\Desktop\FRST64.exe
Profils chargés: Jean Jacques
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4780 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24081.102.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.24081.102.0_x64__8wekyb3d8bbwe\YourPhoneAppProxy.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <25>
(explorer.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2403.21001.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Jean Jacques\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24061.40.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(explorer.exe ->) (the sz development) [Fichier non signé] C:\Users\Jean Jacques\AppData\Local\Howard\Howard.exe
(PrintCtrl.exe ->) (ActMask Group Co.,Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe <2>
(services.exe ->) (ActMask Group Co., Ltd -> ActMask Co.,Ltd - hxxp://WWW.ALL2PDF.COM) C:\Windows\System32\PrintCtrl.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_405d2b89ed51239d\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_b2aff6fd6fd828e2\IntelCpHDCPSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe
(services.exe ->) (Xp-Zed.com) [Fichier non signé] C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2434.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [PrintDisp] => C:\Windows\system32\PrintDisp.exe [609296 2022-06-29] (ActMask Group Co.,Ltd -> ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Policies\Explorer: [NoThumbnailCache] 0
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4919352 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [Microsoft Edge Update] => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\MicrosoftEdgeUpdateCore.exe [268344 2024-09-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [Emjysoft Sauvegarde Facile] => C:\Program Files\Emjysoft\Sauvegarde-Facile\usb-tools.exe [1304280 2019-09-12] (Emjysoft -> Emjysoft)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [HotBin] => "D:\Divers\HotBIN\HotBin-2.9.0.0-x64.exe" (Pas de fichier)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [MicrosoftEdgeAutoLaunch_7DC9D029A103C53B17DFE8649BF7A3AD] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-07-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Run: [BingWallpaperApp] => C:\Users\Jean Jacques\AppData\Local\Microsoft\BingWallpaperApp\BingWallpaperApp.exe [14092840 2024-08-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Policies\Explorer: [NoThumbnailCache] 0
HKU\S-1-5-21-781171050-1149277943-1776734086-1001\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\...\Windows x64\Print Processors\ActMaskR: C:\Windows\System32\spool\prtprocs\x64\ActPrint.dll [54304 2021-10-03] (ActMask Group Co.,Ltd -> ActMask Co.,Ltd)
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [399392 2023-10-04] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange5: C:\Windows\system32\pxc50pm.dll [57056 2016-01-18] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\Windows\system32\PEPrinterMonitor.dll [408304 2024-07-11] (Wondershare Technology Group Co.,Ltd -> Wondershare Software)
HKLM\Software\...\AppCompatFlags\Custom\creamodele.exe: [{0ac8999f-3635-4d40-a73e-6776b132ea1c}.sdb] -> Database CDIP
HKLM\Software\...\AppCompatFlags\InstalledSDB\{0ac8999f-3635-4d40-a73e-6776b132ea1c}: [DatabasePath] -> C:\Windows\AppPatch\CustomSDB\{0ac8999f-3635-4d40-a73e-6776b132ea1c}.sdb [2013-12-27]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\128.0.6613.138\Installer\chrmstp.exe [2024-09-13] (Google LLC -> Google LLC)
Startup: C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Howard.lnk [2024-07-03]
ShortcutTarget: Howard.lnk -> C:\Users\Jean Jacques\AppData\Local\Howard\Howard.exe (the sz development) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEScreenshot.lnk [2024-08-17]
ShortcutTarget: Wondershare PEScreenshot.lnk -> C:\Program Files\Wondershare\PDFelement11\PENotify.exe (Pas de fichier)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wondershare PEToolbox.lnk [2024-08-17]
ShortcutTarget: Wondershare PEToolbox.lnk -> C:\Program Files\Wondershare\PDFelement11\PENotify.exe (Pas de fichier)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {2B49525E-2D4A-415A-8526-589D51869D6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1563080 2024-07-31] (Adobe Inc. -> Adobe Inc.)
Task: {AE3FE8FE-0ED5-4CFC-8FCF-9315C2F3AEF0} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_238_pepper.exe -check pepperplugin (Pas de fichier)
Task: {FC31C31B-7F46-4353-8F2D-08D4C9CBA35D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Pas de fichier)
Task: {E47CFED4-7FBA-4C9A-BDAB-A6A37796D42B} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5774088 2024-08-10] (Microsoft Windows -> Microsoft Corporation)
Task: {C30AEA66-B3D0-408A-AF29-3661C10766DA} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem130.0.6679.0{7C3BF2E1-86CD-4FDB-8783-13DD244C2CF9} => C:\Program Files (x86)\Google\GoogleUpdater\130.0.6679.0\updater.exe [4884584 2024-08-26] (Google LLC -> Google LLC)
Task: {4D35F646-8CD1-4B5D-867F-4FF768E5D819} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core{4BB74F5C-32D6-458F-9465-F19BA1A89744} => C:\Users\Jean Jacques\AppData\Local\Google\Update\GoogleUpdate.exe /c (Pas de fichier)
Task: {7BA1215F-BD69-498F-BBD0-0CC477E3A157} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA{14704039-A7B9-47D4-AC0B-4C744064FCE9} => C:\Users\Jean Jacques\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {88276D57-918C-49CC-8C60-B81FBB13B8AA} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Jean_20Jacques => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe /AUTORUN (Pas de fichier)
Task: {DA0D8B90-5F72-4832-ADA6-7A45BFEFAFA1} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [6439584 2021-11-15] (HP Inc. -> HP Inc.)
Task: {E670198A-FEC8-48B5-9365-080F06684EEA} - System32\Tasks\Meta\Messenger-SL-Helper-S-1-5-21-781171050-1149277943-1776734086-1001 => C:\Users\Jean Jacques\AppData\Local\Programs\Messenger\MessengerHelper.exe --lassie (Pas de fichier)
Task: {02CD993D-0BE8-481B-8316-75FD9C5E1584} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583648 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {0030C90E-47EF-4EAA-98F1-2B479B58E64F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28583648 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BA375825-4C11-455D-A3B4-FFE5228025E0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312416 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {259976A5-4DD7-4AA8-93D3-EA6CA06ABA61} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312416 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1E2DE04-A530-40AB-A1FC-E887D47CE8DF} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [182240 2024-08-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {0364BEF9-ACFF-48D4-899E-505CFC9FDEEB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AE8880D5-4BD0-4787-9935-27870F319800} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {684570D0-ADA0-411E-A8C9-8F17C4476552} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C79D28EF-4B75-455C-8F76-5E5432A6E40E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpCmdRun.exe [1687320 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27722EC3-2113-4DAF-933D-CC47C0B76437} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5A7998F-7690-4CE9-AD16-DF0E295D6865} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA => C:\Users\Jean Jacques\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F7373FE-96C2-457A-BA9C-D29C948897A3} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209208 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {17C3D5C6-572D-4C4F-81FD-27F6440BF64B} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-781171050-1149277943-1776734086-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209208 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {03D0F53D-53FE-4F2D-9266-8610FF30D60B} - System32\Tasks\Opera scheduled Autoupdate 1659543425 => C:\Users\Jean Jacques\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.56.92
Tcpip\..\Interfaces\{0bc4c280-8b53-453b-bd08-6c3f6d3a8153}: [DhcpNameServer] 192.168.252.220
Tcpip\..\Interfaces\{0bc4c280-8b53-453b-bd08-6c3f6d3a8153}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}: [DhcpNameServer] 192.168.220.2
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\05569727F6574756474373: [DhcpNameServer] 192.168.62.119
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\3414E44514C414F4554454: [DhcpNameServer] 172.20.0.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\35F64796164756: [DhcpNameServer] 192.168.58.211
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D223332363: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D223332363: [DhcpDomain] home
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D264233414: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{33d4d051-49ce-42bc-af51-6771da276c41}\C496675626F687D264233414: [DhcpDomain] home
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\2496D626F602D45646961675966496: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\2496D626F602D45646961675966496: [DhcpDomain] iwibox.info
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\759664960274271647579647022496D626F6: [DhcpNameServer] 5.135.52.178 54.37.54.178
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\759664960274271647579647022496D626F6: [DhcpDomain] iwibox.info
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D43644F6E616C646723702642716E63656: [DhcpNameServer] 178.32.119.52 178.32.122.78
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D43644F6E616C646723702642716E63656: [DhcpDomain] hotspotwifimcdo.fr
Tcpip\..\Interfaces\{3766a448-cb45-4cc2-bb8f-89aee24d1a94}\D4943425F44554B4F54374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}: [DhcpNameServer] 192.168.56.92
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}\255646D69602E4F64756021323020527F6B2025374: [DhcpNameServer] 192.168.165.91
Tcpip\..\Interfaces\{8db8cb91-96e1-43b9-993e-89d36691499a}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}: [DhcpNameServer] 192.168.175.179
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\3414E44514C414F4554454: [DhcpNameServer] 1.1.1.1 208.67.222.222
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\C496675626F687D223332363: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d13ee740-f628-48cd-be63-ddd430bc94b0}\C496675626F687D223332363: [DhcpDomain] home

Edge:
=======
Edge Profile: C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default [2024-09-23]
Edge HomePage: Default -> hxxps://www.google.fr/
Edge DefaultSearchURL: Default -> hxxps://searchsafe.norton.com/search?omnisearch=yes&q={searchTerms}
Edge DefaultSearchKeyword: Default -> nortonsafe
Edge DefaultSuggestURL: Default -> hxxps://ss-sym.search.ask.com/ss?limit=10&li=ff&hl=fr&q={searchTerms}
Edge Extension: (Norton Safe Web) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bdaafgjhhjkdplpffldcncdignokfkbo [2024-07-12]
Edge Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dicgkflojhbopmagcacdklcpdfdcnhko [2023-12-27]
Edge Extension: (QueChoisir - Oqif) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\efbibldnjenfgnpiabghamemilpbkegn [2023-12-27]
Edge Extension: (Convertio) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2023-12-31]
Edge Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2024-09-19]
Edge Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-15]
Edge Extension: (Google Mail Checker) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\glbpkcehjkihaknkjifkehdpjfngbdga [2023-12-27]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2024-09-11]
Edge Extension: (Pas de nom) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hokifickgkhplphjiodbggjmoafhignh [2024-09-19]
Edge Extension: (HP Network Check Launcher) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2023-12-31]
Edge Extension: (Edge relevant text changes) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Norton Password Manager) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lcccdlklhahfmobgpnilndimkankpnkg [2024-08-12]
Edge Extension: (Norton Home Page) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mhffmephdchhhbfjmdpoaldedhhdanbn [2024-08-23]
Edge Extension: (Vérificateur de messages Google) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-01]
Edge Extension: (Norton Safe) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mpnlkmlkncncpgnnkmkgoobfpnjmblnk [2024-07-25]
Edge Extension: (Signal Spam) - C:\Users\Jean Jacques\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\npkncdihipibabapnailakhpajlglbfk [2024-09-19]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [Pas de fichier]
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-11-08] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-09-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default [2024-09-23]
CHR Notifications: Default -> hxxps://captchaverifier.top; hxxps://ccm.net; hxxps://central.bitdefender.com; hxxps://forum.zebulon.fr; hxxps://fr.quicklyexplore.com; hxxps://geneatique.cdn.pagesense.io; hxxps://mail.google.com; hxxps://my.norton.com; hxxps://quelle-demarche.com; hxxps://smsmms.orange.fr; hxxps://wp.aliexpress.com; hxxps://www.123pneus.fr; hxxps://www.atlasformen.fr; hxxps://www.blancheporte.fr; hxxps://www.boulanger.com; hxxps://www.castorama.fr; hxxps://www.commentcamarche.net; hxxps://www.daxon.fr; hxxps://www.facebook.com; hxxps://www.francoisesaget.com; hxxps://www.instagram.com; hxxps://www.joueclub.fr; hxxps://www.michelin.fr; hxxps://www.samsung.com; hxxps://www.sephora.fr; hxxps://www.tf1.fr; hxxps://www.votreconfirmation-123.com; hxxps://www.zebulon.fr
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-09-12]
CHR Extension: (Convertisseur de fichiers - Par Online-Convert.com) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\dicgkflojhbopmagcacdklcpdfdcnhko [2023-06-20]
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-09-03]
CHR Extension: (QueChoisir - Oqif) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\efbibldnjenfgnpiabghamemilpbkegn [2022-06-08]
CHR Extension: (Convertio) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\eppjkefeiehhflmgkhdooajgbkkegpcl [2022-06-29]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-30]
CHR Extension: (Pas de nom) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpaiobkfhnonedkhhfjpmhdalgeoebfa [2024-04-25]
CHR Extension: (HP Network Check Launcher) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2021-09-11]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-07-31]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-22]
CHR Extension: (Signal Spam) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Default\Extensions\npkncdihipibabapnailakhpajlglbfk [2024-09-19]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-01]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-08-23]
CHR HomePage: Profile 1 -> orange.fr
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-08-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-17]
CHR Extension: (Moteur de recherche Microsoft Bing) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hkecabaloghleaicfhefejdijblljpco [2024-08-08]
CHR Extension: (Connecteur Antidote) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2024-08-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-07]
CHR Extension: (Orange page d'accueil) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2023-05-08]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2 [2024-01-03]
CHR HomePage: Profile 2 -> orange.fr
CHR DefaultSearchURL: Profile 2 -> hxxps://www.bing.com/search?EID=MBSC&form=BGGCMF&pc=__PARAM__BG02&q={searchTerms}
CHR DefaultSuggestURL: Profile 2 -> hxxps://www.bing.com/osjson.aspx?form=BGGCSS&pc=__PARAM__BG02&query={searchTerms}
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-12-22]
CHR Extension: (Google Docs hors connexion) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-22]
CHR Extension: (Moteur de recherche Microsoft Bing) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hkecabaloghleaicfhefejdijblljpco [2023-12-22]
CHR Extension: (Connecteur Antidote) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmbopdiikkamfphhgcckcjhojnokgfeo [2023-12-22]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-22]
CHR Extension: (Orange page d'accueil) - C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2023-12-22]
CHR Profile: C:\Users\Jean Jacques\AppData\Local\Google\Chrome\User Data\System Profile [2023-06-10]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hkecabaloghleaicfhefejdijblljpco]
CHR HKU\S-1-5-21-781171050-1149277943-1776734086-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmbopdiikkamfphhgcckcjhojnokgfeo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-07-31] (Adobe Inc. -> Adobe Inc.)
S3 becldr5Service; C:\Program Files (x86)\BCL Technologies\easyConverter SDK 5\Common\becldr.exe [259448 2019-03-13] (BCL Technologies -> BCL Technologies, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13995704 2024-08-10] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.166.0818.0003\FileSyncHelper.exe [3523112 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [Fichier non signé]
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-05-25] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8965728 2024-08-06] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-26] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MpDefenderCoreService.exe [1427024 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.166.0818.0003\OneDriveUpdaterService.exe [3863984 2024-09-10] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\NisSrv.exe [3199648 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24070.5-0\MsMpEng.exe [133704 2024-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 TeraCopyService.exe; "C:\Program Files\TeraCopy\TeraCopyService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 clwvd10; C:\Windows\System32\drivers\clwvd10.sys [61104 2022-06-13] (CyberLink Corp. -> CyberLink Corporation)
S3 EnigmaFileMonDriver; C:\Windows\system32\Drivers\EnigmaFileMonDriver.sys [76744 2022-08-03] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 HWiNFO_190; C:\Users\Jean Jacques\AppData\Local\Temp\HWiNFO64A_190.SYS [57936 2024-01-27] (Microsoft Windows Hardware Compatibility Publisher -> REALiX) <==== ATTENTION
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [231504 2024-09-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2023-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MpKsl75ce6a4b; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85CED705-3AF4-4AAC-A2C7-8FA09E177A34}\MpKslDrv.sys [271640 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
R3 MpKsl7804509e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85CED705-3AF4-4AAC-A2C7-8FA09E177A34}\MpKslDrv.sys [271640 2024-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22080 2024-08-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\Windows\System32\drivers\wdcsam64.sys [25704 2022-10-03] (WDKTestCert user,132375440089837053 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [602504 2024-08-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105864 2024-08-11] (Microsoft Windows -> Microsoft Corporation)
S2 WCMVCAM; \SystemRoot\System32\drivers\wcmvcam64.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-09-23 11:12 - 2024-09-23 11:13 - 000033988 _____ C:\Users\Jean Jacques\Desktop\FRST.txt
2024-09-23 11:11 - 2024-09-23 11:13 - 000000000 ____D C:\FRST
2024-09-23 11:10 - 2024-09-23 11:10 - 002397696 _____ (Farbar) C:\Users\Jean Jacques\Desktop\FRST64.exe
2024-09-20 17:35 - 2024-09-20 17:35 - 000279800 _____ C:\Users\Jean Jacques\Downloads\0749---affiche-travaux-fermeture-BADGES.pdf
2024-09-20 16:58 - 2024-09-20 16:58 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-09-20 16:58 - 2024-09-20 16:58 - 000002047 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-09-20 12:21 - 2024-09-20 14:46 - 000000442 _____ C:\Users\Jean Jacques\Desktop\Photos CEWE.url
2024-09-20 12:15 - 2024-09-20 14:48 - 000000444 _____ C:\Users\Jean Jacques\Desktop\Décès.url
2024-09-20 11:13 - 2024-09-20 11:14 - 000001800 _____ C:\Users\Jean Jacques\Downloads\signature.cer
2024-09-14 22:51 - 2024-09-14 22:51 - 000000000 ___HD C:\$WinREAgent
2024-09-14 17:08 - 2024-09-14 17:26 - 000000000 ____D C:\Users\Jean Jacques\Downloads\Discussion WhatsApp avec +33 6 86 32 64 51
2024-09-12 17:50 - 2024-09-12 17:50 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\CEWE
2024-09-12 17:49 - 2024-09-12 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logiciel de création PHOTO E.Leclerc
2024-09-12 17:46 - 2024-09-12 17:46 - 000000000 ____D C:\Program Files\PHOTO E Leclerc
2024-09-12 17:45 - 2024-09-12 17:45 - 008429456 _____ C:\Users\Jean Jacques\Downloads\setup_Logiciel_de_creation_PHOTO_E_Leclerc.exe
2024-09-10 16:09 - 2024-09-10 16:09 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2024-09-10 16:09 - 2024-09-10 16:09 - 000002142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-09-02 16:17 - 2024-09-02 16:17 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bing Wallpaper
2024-09-02 16:12 - 2024-09-02 16:12 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\WinScan2PDF
2024-09-02 16:11 - 2024-09-02 16:12 - 000194061 _____ C:\Users\Jean Jacques\Downloads\WinScan2PDF.zip
2024-08-24 11:59 - 2024-08-24 11:59 - 000074140 _____ C:\Users\Jean Jacques\Downloads\Importation dans Généatique des Relevés de Recensements au format Nimègue V3.zip
2024-08-24 11:59 - 2024-08-24 11:59 - 000000000 ____D C:\Users\Jean Jacques\Downloads\Importation dans Généatique des Relevés de Recensements au format Nimègue V3

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-09-23 11:12 - 2023-05-22 17:33 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Malwarebytes
2024-09-23 11:08 - 2021-08-20 16:07 - 000004190 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{436DB08A-76B1-4544-AEAD-F14017E2C537}
2024-09-23 10:55 - 2021-08-19 17:30 - 001911778 _____ C:\Windows\system32\PerfStringBackup.INI
2024-09-23 10:55 - 2019-12-07 16:49 - 000843350 _____ C:\Windows\system32\perfh00C.dat
2024-09-23 10:55 - 2019-12-07 16:49 - 000168692 _____ C:\Windows\system32\perfc00C.dat
2024-09-23 10:55 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2024-09-23 10:51 - 2021-08-19 17:49 - 000000000 __SHD C:\Users\Jean Jacques\IntelGraphicsProfiles
2024-09-23 10:49 - 2024-06-16 14:13 - 000008192 ___SH C:\DumpStack.log.tmp
2024-09-23 10:49 - 2021-08-19 17:24 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-09-23 10:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-09-22 23:07 - 2021-08-20 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\SolSuite
2024-09-22 23:07 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2024-09-22 21:28 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2024-09-22 17:53 - 2021-08-25 14:22 - 000000000 ___RD C:\Mes Données
2024-09-22 17:53 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques
2024-09-22 17:14 - 2021-08-20 14:18 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Excel
2024-09-22 15:34 - 2021-08-20 14:09 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Microsoft\Word
2024-09-22 15:15 - 2024-02-16 17:34 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\MoneyManagerEx
2024-09-21 18:48 - 2021-08-20 16:01 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Généalogie
2024-09-21 18:47 - 2021-08-20 16:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSD Concept
2024-09-21 18:47 - 2021-08-20 16:25 - 000000000 ____D C:\Program Files (x86)\BSD Concept
2024-09-21 18:46 - 2021-08-20 10:18 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\D3DSCache
2024-09-21 18:45 - 2021-08-20 15:41 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\BSD Concept
2024-09-21 17:52 - 2021-08-19 17:24 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-09-20 17:50 - 2021-08-26 11:55 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\CrashDumps
2024-09-20 17:49 - 2022-09-11 21:11 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\com.adobe.dunamis
2024-09-20 17:49 - 2021-10-28 11:39 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Adobe
2024-09-20 17:49 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\Adobe
2024-09-20 17:38 - 2021-08-19 17:30 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\Packages
2024-09-20 16:31 - 2024-06-17 15:45 - 000002494 _____ C:\Users\Jean Jacques\Desktop\Valenciennes N.lnk
2024-09-20 11:14 - 2021-08-19 17:30 - 000000000 ___SD C:\Users\Jean Jacques\AppData\Roaming\Microsoft\SystemCertificates
2024-09-19 21:12 - 2021-09-13 16:57 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Divers
2024-09-18 11:21 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2024-09-17 17:35 - 2021-08-20 17:19 - 000000000 ____D C:\ProgramData\Package Cache
2024-09-14 21:32 - 2023-07-01 16:57 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\SYNDIC
2024-09-13 17:20 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-09-13 10:44 - 2021-12-18 19:40 - 000000000 ____D C:\Windows\SystemTemp
2024-09-12 21:59 - 2021-08-20 16:01 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Utilitaires
2024-09-10 21:14 - 2021-09-12 14:28 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2024-09-10 16:09 - 2021-12-13 16:26 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-781171050-1149277943-1776734086-1001
2024-09-09 11:39 - 2022-09-15 16:54 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-09-09 11:39 - 2022-09-15 16:54 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-09-09 11:01 - 2022-09-01 11:40 - 000003964 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001UA
2024-09-09 11:01 - 2022-09-01 11:40 - 000003914 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-781171050-1149277943-1776734086-1001Core
2024-09-08 18:48 - 2021-08-20 16:54 - 000000000 ___RD C:\Users\Jean Jacques\Desktop\Jeux
2024-09-07 15:19 - 2021-08-21 14:56 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\ElevatedDiagnostics
2024-09-06 16:51 - 2022-10-19 11:54 - 000000000 ____D C:\Users\Jean Jacques\AppData\Roaming\TeamViewer
2024-09-05 11:32 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2024-09-05 11:15 - 2021-08-21 18:40 - 000000444 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2024-09-02 22:12 - 2022-04-25 23:02 - 000000000 ____D C:\Users\Jean Jacques\AppData\Local\WDSetup
2024-08-29 17:22 - 2022-04-25 23:02 - 000000000 ____D C:\Program Files\Common Files\PC SOFT
2024-08-25 15:20 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\PrintDialog
2024-08-25 15:20 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel

==================== Fichiers à la racine de certains dossiers ========

2021-10-28 21:28 - 2021-10-28 21:29 - 001269816 _____ () C:\Users\Jean Jacques\acdseeultimate.exe
2022-06-24 17:30 - 2017-11-19 13:51 - 000004286 _____ () C:\Program Files (x86)\FalcoGo.ico
2022-06-24 17:30 - 2017-11-19 13:53 - 000000044 _____ () C:\Program Files (x86)\FalcoGo.url
2022-06-24 17:30 - 2016-01-05 13:37 - 000004286 _____ () C:\Program Files (x86)\FalconLine.ico
2022-06-24 17:30 - 2016-01-05 13:25 - 000000047 _____ () C:\Program Files (x86)\FalconLine.url
2022-06-24 17:30 - 2016-12-21 01:39 - 000004286 _____ () C:\Program Files (x86)\FalcoSpace.ico
2022-06-24 17:30 - 2016-12-21 01:36 - 000000047 _____ () C:\Program Files (x86)\FalcoSpace.url
2021-08-28 18:14 - 2021-09-19 17:46 - 000000338 _____ () C:\Users\Jean Jacques\AppData\Roaming\.openyahtzee
2023-02-21 11:51 - 2023-02-21 12:03 - 000091466 _____ () C:\Users\Jean Jacques\AppData\Local\23221-105116-CLCSIWriter.txt
2023-01-18 15:43 - 2023-01-18 15:46 - 000000128 _____ () C:\Users\Jean Jacques\AppData\Local\PUTTY.RND
2021-08-21 21:19 - 2021-08-21 21:19 - 000007597 _____ () C:\Users\Jean Jacques\AppData\Local\Resmon.ResmonCfg
2022-04-16 17:49 - 2022-04-16 17:49 - 000000448 _____ () C:\Users\Jean Jacques\AppData\Local\rtb.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================