Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2020
Exécuté par sarah (administrateur) sur PCDESARAH (HP HP Notebook) (10-12-2020 13:10:41)
Exécuté depuis C:\Users\sarah\Downloads
Profils chargés: sarah
Platform: Windows 10 Home Version 2004 19041.630 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\sarah\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269112 2020-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2019-03-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-07-31] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-2607025007-2547361613-1905694366-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [297024 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2607025007-2547361613-1905694366-1001\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [1161440 2020-07-31] (Express Vpn LLC -> ExpressVPN)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-11] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0214FACA-913B-4BEF-B9E3-4EB850CA4B5B} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [517480 2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {0F5B1C2C-CBCA-4C5E-B221-2C236BAEB437} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0FB4B138-796C-4ADC-83FF-2FD9BE7AA84B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {18EE8D11-2132-469A-9AEC-421D67072FEC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {1A31DADF-0A07-4DCC-99D2-97369E8A59AE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {33899A7B-1D84-4EAA-9699-CCA8ABC13B57} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\sp81552.exe <==== ATTENTION
Task: {38DE5F4D-EB04-4F41-8C11-8BC7C23E8A7C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {4783E4C5-9CAB-457E-8E5C-E0525C318EEF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {49AE6E10-DCE6-4304-84AA-E9574A43B47F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4A22E2A0-A5E4-4CC9-93D8-34207B2B3A6E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {510D0797-7FB2-487A-BCB1-462D85D793CB} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {66163C1F-3ED2-4098-A2D2-F742D37FBE65} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {69B56893-D4FC-42F5-9257-6697B8EA4A03} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6BF963DC-36FE-43D3-8DEE-C74F31AF9C1B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {6BFCF0AB-841E-4556-8146-4A76AE2BB8BE} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {2F0BD40C-0DA1-4234-B6DA-09DABF0752A6} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {7685680E-7932-4739-AB36-475392863247} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {7CBA0770-9E4B-4466-B488-8B9B86E1D95B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {88B1C3F3-4058-4295-9CBD-3176474441F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {88ED9F07-CB96-48CA-AE48-0FAEC1B9F0DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {8A50C553-B605-4B05-BFEC-581B5287984D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sarahandres@hotmail.fr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {98E2C61C-50B7-4C8F-8B97-98312CD94741} - System32\Tasks\{740A33D4-ABB3-4441-8335-6A0366AEB6C5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.21.0.100/fr/abandoninstall?page=tsProgressBar
Task: {9A875856-59C5-4C52-A196-3B4EC875D67B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-06] (Google Inc -> Google Inc.)
Task: {A0BDC3FF-75A1-4F29-BA6A-D375D3F98F0B} - System32\Tasks\EPSON XP-312 313 315 Series Update {2F0BD40C-0DA1-4234-B6DA-09DABF0752A6} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B8F36A68-711F-4D46-9A98-7755B6A92073} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {BE8AE03F-7B1B-45C5-82C1-7DB388826C6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C20D3530-8A57-4277-AE54-1552EAC0C951} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {C784FEE3-7D6D-4A64-B16B-174518836126} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {D0919D63-4EA2-4E0D-AE97-D4E352F3F36B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D981B401-601A-40B5-8C98-D9C8EE7039BE} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [474472 2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {DE924158-3F19-403C-B26A-36BA2485E609} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {E2189D35-5FAA-4D5A-9114-6DA8735AE410} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {E6563FCF-D72D-4CC9-9536-B0C5E7B02D30} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-06] (Google Inc -> Google Inc.)
Task: {E91B541F-0EED-4E0C-B103-6B0E6005ACC6} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [515512 2015-07-01] (CyberLink Corp. -> CyberLink Corp.)
Task: {EA35B218-0E87-4E7F-A55F-68EF334EB696} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {F1F7E1C1-BFB7-4B07-B8AB-8A6DA8B4A36E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {2F0BD40C-0DA1-4234-B6DA-09DABF0752A6}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {2F0BD40C-0DA1-4234-B6DA-09DABF0752A6}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{2F0BD40C-0DA1-4234-B6DA-09DABF0752A6} /F:UpdateWORKGROUP\DESKTOP-O7TG80H$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0f4d07fa-b0f2-42ae-bafc-0a54410ff31f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{646650c3-f062-4bd6-9184-06bde2d4b093}: [DhcpNameServer] 10.128.0.1
Tcpip\..\Interfaces\{75d7f2b4-cd17-4aae-b968-97bb8823492d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{af584d87-c5b2-40a8-a640-40417bc90413}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge Profile: C:\Users\sarah\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-10]
FireFox:
========
FF DefaultProfile: trto3hce.default
FF ProfilePath: C:\Users\sarah\AppData\Roaming\Mozilla\Firefox\Profiles\trto3hce.default [2020-12-10]
FF Homepage: Mozilla\Firefox\Profiles\trto3hce.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\trto3hce.default -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\trto3hce.default -> type", 4
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\sarah\AppData\Roaming\Mozilla\Firefox\Profiles\trto3hce.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-27]
FF SearchPlugin: C:\Users\sarah\AppData\Roaming\Mozilla\Firefox\Profiles\trto3hce.default\searchplugins\google-avast.xml [2017-05-25]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [Pas de fichier]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2607025007-2547361613-1905694366-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\sarah\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-21] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default [2020-12-10]
CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-12-07]
CHR Extension: (uBlock Origin) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-09]
CHR Extension: (Privacy Badger) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-10-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2015-09-18] (Realtek Semiconductor Corp -> )
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-07-31] (Express Vpn LLC -> ExpressVPN)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-03] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [31744 2009-09-16] (Google Inc) [Fichier non signé]
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (AVAST Software a.s. -> The OpenVPN Project)
R3 clwvd6; C:\WINDOWS\System32\drivers\clwvd6.sys [41704 2013-10-29] (CyberLink Corp. -> CyberLink Corporation)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-07-31] (ExprsVPN LLC -> ExpressVPN)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-10] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-10] (Malwarebytes Inc -> Malwarebytes)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2013-01-16] (QUALCOMM Incorporated) [Fichier non signé]
R1 rsKernelEngine; C:\WINDOWS\System32\DRIVERS\rsKernelEngine.sys [47496 2020-12-09] (Reason Software Company Inc. -> Windows (R) Win 7 DDK provider)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-07-31] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-10 13:07 - 2020-12-10 13:07 - 002288640 _____ (Farbar) C:\Users\sarah\Downloads\FRST64 (2).exe
2020-12-10 13:04 - 2020-12-10 13:04 - 002288640 _____ (Farbar) C:\Users\sarah\Downloads\FRST64 (1).exe
2020-12-10 12:50 - 2020-12-10 12:50 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-10 12:21 - 2020-12-10 12:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-10 12:09 - 2020-12-10 12:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2020-12-10 12:09 - 2020-12-10 12:09 - 000000000 ___HD C:\ProgramData\Documents\AdobeGC
2020-12-10 11:37 - 2020-12-10 11:37 - 012448056 _____ (AVAST Software) C:\Users\sarah\Downloads\avastclear.exe
2020-12-10 01:44 - 2020-12-10 01:44 - 000727063 _____ C:\Users\sarah\Downloads\Des news, pas d'article, 2021... (1).zip
2020-12-10 00:55 - 2020-12-10 00:56 - 038322176 _____ C:\Users\sarah\Downloads\combin_2.7.1_x64.msi
2020-12-09 23:31 - 2020-12-09 23:42 - 000038790 _____ C:\Users\sarah\Downloads\Addition.txt
2020-12-09 23:20 - 2020-12-10 13:14 - 000029324 _____ C:\Users\sarah\Downloads\FRST.txt
2020-12-09 23:19 - 2020-12-10 13:13 - 000000000 ____D C:\FRST
2020-12-09 23:18 - 2020-12-09 23:18 - 002288640 _____ (Farbar) C:\Users\sarah\Downloads\FRST64.exe
2020-12-09 19:54 - 2020-12-09 19:54 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-12-09 19:54 - 2020-12-09 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-12-09 19:53 - 2020-12-09 19:54 - 000000000 ____D C:\Program Files\Speccy
2020-12-09 19:51 - 2020-12-09 19:51 - 008234296 _____ (Piriform Software Ltd) C:\Users\sarah\Downloads\spsetup132.exe
2020-12-09 19:10 - 2020-12-09 19:10 - 000001058 _____ C:\WINDOWS\system32\Reason Antivirus.lnk
2020-12-09 19:07 - 2020-12-09 19:07 - 000047496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\rsKernelEngine.sys
2020-12-09 19:05 - 2020-12-09 19:05 - 000000000 ____D C:\Program Files\Reason
2020-12-09 18:46 - 2020-12-09 18:49 - 009704772 _____ C:\Users\sarah\Downloads\memtest86-usb.zip
2020-12-09 16:31 - 2020-12-09 16:31 - 011312288 _____ (Tim Kosse) C:\Users\sarah\Downloads\FileZilla_3.51.0_win64-setup.exe
2020-12-09 15:49 - 2020-12-09 15:50 - 030469496 _____ (Piriform Software Ltd) C:\Users\sarah\Downloads\ccsetup574.exe
2020-12-09 14:45 - 2020-12-09 14:46 - 008447152 _____ (Malwarebytes) C:\Users\sarah\Downloads\adwcleaner_8.0.8.exe
2020-12-09 14:06 - 2020-12-09 14:07 - 003281280 _____ (Nicolas Coolman) C:\Users\sarah\Downloads\ZHPDiag3.exe
2020-12-09 12:30 - 2020-12-09 12:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-09 12:06 - 2020-12-09 12:07 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-12-07 15:05 - 2020-12-07 15:05 - 000561557 _____ C:\Users\sarah\Downloads\Des news, pas d'article, 2021....zip
2020-12-04 11:28 - 2020-12-04 11:28 - 001248438 _____ C:\Users\sarah\Downloads\Call-for-partners-_TC-Genderalization1.pdf
2020-12-03 15:59 - 2020-12-03 15:59 - 000068268 _____ C:\Users\sarah\Desktop\IMPRIMERBulletin de paie 2020-10.pdf
2020-12-03 15:56 - 2020-12-03 15:56 - 000068268 _____ C:\Users\sarah\Downloads\Bulletin de paie 2020-10.pdf
2020-12-03 14:37 - 2020-12-03 14:37 - 011311200 _____ C:\Users\sarah\Downloads\07075027.wav
2020-12-03 11:06 - 2020-12-10 12:27 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-03 11:06 - 2020-12-03 11:04 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-27 17:08 - 2020-12-10 10:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-11-27 14:33 - 2020-11-27 14:33 - 000005719 _____ C:\Users\sarah\Desktop\justificatif_reglement_avis_33364889529901.pdf
2020-11-25 00:31 - 2020-11-25 00:33 - 000000000 ____D C:\Users\sarah\Desktop\DIFENN
2020-11-25 00:02 - 2020-11-25 00:28 - 1428469672 _____ C:\Users\sarah\Downloads\wetransfer-595a14.zip
2020-11-20 17:13 - 2020-11-20 17:13 - 000021438 _____ C:\Users\sarah\Desktop\Questions Consentement.pdf
2020-11-20 16:02 - 2020-11-20 17:13 - 000000000 ____D C:\Users\sarah\Documents\Zoom
2020-11-20 16:02 - 2020-11-20 16:02 - 003152265 _____ C:\Users\sarah\Desktop\Masculinités corpus.pdf
2020-11-17 22:03 - 2020-11-17 22:03 - 000145838 _____ C:\Users\sarah\Desktop\1562322338131-MW_Typewriter_cr-unknown1964.jpeg
2020-11-17 17:50 - 2020-04-24 02:22 - 000136040 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2020-11-16 23:51 - 2020-11-16 23:51 - 000386979 _____ C:\Users\sarah\Downloads\CR de la réunion générale du 12 novembre 2020.pdf
2020-11-13 14:02 - 2020-11-13 14:02 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-13 14:02 - 2020-11-13 14:02 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-13 14:01 - 2020-11-13 14:01 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-13 14:00 - 2020-11-13 14:00 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-13 13:59 - 2020-11-13 13:59 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-10 13:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-10 12:59 - 2016-01-06 15:08 - 000000000 ___RD C:\Users\sarah\OneDrive
2020-12-10 12:55 - 2019-12-13 11:18 - 000000000 ____D C:\Users\sarah\Documents\YouCam
2020-12-10 12:53 - 2017-05-27 09:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-10 12:53 - 2016-01-06 15:04 - 000000000 __SHD C:\Users\sarah\IntelGraphicsProfiles
2020-12-10 12:50 - 2020-10-07 01:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-10 12:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-10 12:49 - 2020-10-07 00:45 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-10 12:49 - 2016-01-06 15:19 - 000000000 ____D C:\Users\sarah\AppData\Roaming\AVAST Software
2020-12-10 12:49 - 2015-11-05 06:17 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-10 12:48 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-10 12:45 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-12-10 12:45 - 2016-01-11 23:46 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-10 12:37 - 2020-10-07 01:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-12-10 12:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-10 12:35 - 2020-10-07 01:11 - 001926190 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-10 12:35 - 2019-12-07 15:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2020-12-10 12:35 - 2019-12-07 15:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2020-12-10 12:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-10 12:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-10 12:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-10 11:56 - 2020-10-07 00:45 - 000643912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 11:09 - 2018-04-12 17:36 - 000000000 ____D C:\Users\sarah\AppData\Local\AVAST Software
2020-12-10 10:47 - 2016-01-31 22:10 - 000000000 ____D C:\Users\sarah\AppData\Local\CrashDumps
2020-12-10 10:43 - 2020-10-07 00:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-10 10:28 - 2016-01-06 15:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-09 21:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-09 20:54 - 2019-11-12 08:44 - 000000000 ____D C:\Users\sarah\AppData\Roaming\ZHP
2020-12-09 19:36 - 2016-11-19 11:55 - 000000000 ____D C:\Users\sarah\AppData\LocalLow\Mozilla
2020-12-09 19:01 - 2019-05-01 11:01 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-09 17:13 - 2020-09-29 11:01 - 000000000 ___HD C:\$WinREAgent
2020-12-09 16:48 - 2016-01-06 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-09 16:37 - 2019-06-13 22:45 - 000000000 ____D C:\ProgramData\EPSON
2020-12-09 16:37 - 2015-11-05 06:07 - 000000000 ____D C:\Program Files\HP
2020-12-09 16:37 - 2015-11-05 05:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2020-12-09 16:32 - 2017-07-27 18:19 - 000000000 ____D C:\Users\sarah\AppData\Local\FileZilla
2020-12-09 16:32 - 2016-02-01 20:33 - 000000000 ____D C:\Users\sarah\AppData\Roaming\FileZilla
2020-12-09 16:32 - 2016-01-29 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2020-12-09 16:32 - 2016-01-29 23:50 - 000000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2020-12-09 16:31 - 2016-01-06 21:30 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-12-09 16:30 - 2016-01-08 00:15 - 000000000 ____D C:\Users\sarah\AppData\Roaming\vlc
2020-12-09 16:28 - 2016-01-06 15:44 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-12-09 14:07 - 2020-10-29 11:07 - 000000000 ____D C:\Users\sarah\AppData\Local\ZHP
2020-12-09 12:34 - 2020-06-21 12:47 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-09 12:30 - 2016-01-06 15:12 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-09 12:06 - 2017-05-27 09:46 - 000000000 ____D C:\Program Files (x86)\Intel
2020-12-09 12:06 - 2015-11-05 05:53 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-07 15:04 - 2020-10-08 11:24 - 000000000 ____D C:\Users\sarah\AppData\Roaming\Telegram Desktop
2020-12-07 13:16 - 2016-01-28 17:52 - 000000000 ____D C:\Users\sarah\AppData\Local\ElevatedDiagnostics
2020-12-05 10:41 - 2019-10-04 19:40 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-05 10:41 - 2019-10-04 19:40 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-12-04 11:11 - 2020-10-07 01:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 11:11 - 2020-10-07 01:41 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 19:51 - 2016-02-06 16:39 - 000000000 ____D C:\Users\sarah\AppData\Roaming\Audacity
2020-12-03 11:06 - 2020-07-27 11:13 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-03 11:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-03 11:06 - 2019-08-07 17:43 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-03 11:04 - 2019-08-07 17:43 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-30 12:41 - 2020-10-07 01:41 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-30 12:41 - 2020-10-07 01:41 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-26 12:24 - 2020-10-07 01:41 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2607025007-2547361613-1905694366-1001
2020-11-26 12:23 - 2020-10-07 00:54 - 000002412 _____ C:\Users\sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-24 23:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-24 20:41 - 2020-10-07 01:41 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-24 20:39 - 2017-04-17 18:38 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-23 23:52 - 2020-04-15 10:03 - 000000000 ____D C:\Users\sarah\Desktop\LISBETH
2020-11-15 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-15 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-14 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-14 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-14 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-14 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-14 13:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-14 13:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-13 13:59 - 2020-10-07 00:50 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-10 17:13 - 2019-12-07 10:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-11-10 17:13 - 2019-12-07 10:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-10 12:41 - 2020-01-28 19:32 - 000000000 ____D C:\Users\sarah\Desktop\FEMINISME GLOBAL
==================== Fichiers à la racine de certains dossiers ========
2017-01-30 16:10 - 2017-02-07 13:31 - 000000033 _____ () C:\Users\sarah\AppData\Roaming\AdobeWLCMCache.dat
2016-01-06 15:04 - 2020-12-10 12:59 - 006186461 _____ () C:\Users\sarah\AppData\Local\BTServer.log
2017-04-02 16:25 - 2017-04-02 16:25 - 000003072 _____ () C:\Users\sarah\AppData\Local\file__0.localstorage
2017-04-02 16:25 - 2017-04-02 17:17 - 000003072 _____ () C:\Users\sarah\AppData\Local\https_drm.youdagames.com_0.localstorage
2018-09-29 21:38 - 2018-09-29 21:38 - 000000000 _____ () C:\Users\sarah\AppData\Local\oobelibMkey.log
2016-02-01 21:12 - 2019-03-17 20:34 - 000000600 _____ () C:\Users\sarah\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par sarah (administrateur) sur PCDESARAH (HP HP Notebook) (10-12-2020 13:10:41)
Exécuté depuis C:\Users\sarah\Downloads
Profils chargés: sarah
Platform: Windows 10 Home Version 2004 19041.630 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0346830.inf_amd64_35731e557194973d\B345901\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAService.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(IDSA Production signing key -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSAUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel(R) Software Development Products -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\sarah\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\commsapps.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13228.41011.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2009.7-0\NisSrv.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATILFE.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269112 2020-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322120 2019-03-15] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1058512 2018-12-18] (DivX, LLC. -> DivX, LLC)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-07-31] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [285544 2020-12-07] (IDSA Production signing key -> Intel)
HKU\S-1-5-21-2607025007-2547361613-1905694366-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATILFE.EXE [297024 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2607025007-2547361613-1905694366-1001\...\Run: [ExpressVPN4] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPN.exe [1161440 2020-07-31] (Express Vpn LLC -> ExpressVPN)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-11] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.88\Installer\chrmstp.exe [2020-12-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0214FACA-913B-4BEF-B9E3-4EB850CA4B5B} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [517480 2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {0F5B1C2C-CBCA-4C5E-B221-2C236BAEB437} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0FB4B138-796C-4ADC-83FF-2FD9BE7AA84B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {18EE8D11-2132-469A-9AEC-421D67072FEC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {1A31DADF-0A07-4DCC-99D2-97369E8A59AE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1349200 2020-11-03] (Adobe Inc. -> Adobe Inc.)
Task: {33899A7B-1D84-4EAA-9699-CCA8ABC13B57} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\sp81552.exe <==== ATTENTION
Task: {38DE5F4D-EB04-4F41-8C11-8BC7C23E8A7C} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {4783E4C5-9CAB-457E-8E5C-E0525C318EEF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {49AE6E10-DCE6-4304-84AA-E9574A43B47F} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3402832 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {4A22E2A0-A5E4-4CC9-93D8-34207B2B3A6E} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {510D0797-7FB2-487A-BCB1-462D85D793CB} - System32\Tasks\IcarusAvastVpnUpgrade => C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe -> /silent /ShowVpnGui=0 /RestartUpdaterTaskName=IcarusAvastVpnUpgrade /RestartUpdaterAppExe="C:\Program Files\AVAST Software\SecureLine\setup\avast_vpn_online_setup.exe"
Task: {66163C1F-3ED2-4098-A2D2-F742D37FBE65} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [670928 2020-11-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {69B56893-D4FC-42F5-9257-6697B8EA4A03} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {6BF963DC-36FE-43D3-8DEE-C74F31AF9C1B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {6BFCF0AB-841E-4556-8146-4A76AE2BB8BE} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {2F0BD40C-0DA1-4234-B6DA-09DABF0752A6} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {7685680E-7932-4739-AB36-475392863247} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {7CBA0770-9E4B-4466-B488-8B9B86E1D95B} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {88B1C3F3-4058-4295-9CBD-3176474441F4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {88ED9F07-CB96-48CA-AE48-0FAEC1B9F0DD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {8A50C553-B605-4B05-BFEC-581B5287984D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-sarahandres@hotmail.fr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {98E2C61C-50B7-4C8F-8B97-98312CD94741} - System32\Tasks\{740A33D4-ABB3-4441-8335-6A0366AEB6C5} => "c:\program files (x86)\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/7.21.0.100/fr/abandoninstall?page=tsProgressBar
Task: {9A875856-59C5-4C52-A196-3B4EC875D67B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-06] (Google Inc -> Google Inc.)
Task: {A0BDC3FF-75A1-4F29-BA6A-D375D3F98F0B} - System32\Tasks\EPSON XP-312 313 315 Series Update {2F0BD40C-0DA1-4234-B6DA-09DABF0752A6} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [679488 2014-12-03] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
Task: {B8F36A68-711F-4D46-9A98-7755B6A92073} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {BE8AE03F-7B1B-45C5-82C1-7DB388826C6C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C20D3530-8A57-4277-AE54-1552EAC0C951} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC)
Task: {C784FEE3-7D6D-4A64-B16B-174518836126} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {D0919D63-4EA2-4E0D-AE97-D4E352F3F36B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MpCmdRun.exe [533312 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D981B401-601A-40B5-8C98-D9C8EE7039BE} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [474472 2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {DE924158-3F19-403C-B26A-36BA2485E609} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {E2189D35-5FAA-4D5A-9114-6DA8735AE410} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {E6563FCF-D72D-4CC9-9536-B0C5E7B02D30} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-06] (Google Inc -> Google Inc.)
Task: {E91B541F-0EED-4E0C-B103-6B0E6005ACC6} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [515512 2015-07-01] (CyberLink Corp. -> CyberLink Corp.)
Task: {EA35B218-0E87-4E7F-A55F-68EF334EB696} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098928 2020-08-02] (Intel(R) Software Development Products -> Intel Corporation)
Task: {F1F7E1C1-BFB7-4B07-B8AB-8A6DA8B4A36E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Invitation {2F0BD40C-0DA1-4234-B6DA-09DABF0752A6}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-312 313 315 Series Update {2F0BD40C-0DA1-4234-B6DA-09DABF0752A6}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{2F0BD40C-0DA1-4234-B6DA-09DABF0752A6} /F:UpdateWORKGROUP\DESKTOP-O7TG80H$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0f4d07fa-b0f2-42ae-bafc-0a54410ff31f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{646650c3-f062-4bd6-9184-06bde2d4b093}: [DhcpNameServer] 10.128.0.1
Tcpip\..\Interfaces\{75d7f2b4-cd17-4aae-b968-97bb8823492d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{af584d87-c5b2-40a8-a640-40417bc90413}: [DhcpNameServer] 192.168.0.1
Edge:
======
Edge Profile: C:\Users\sarah\AppData\Local\Microsoft\Edge\User Data\Default [2020-12-10]
FireFox:
========
FF DefaultProfile: trto3hce.default
FF ProfilePath: C:\Users\sarah\AppData\Roaming\Mozilla\Firefox\Profiles\trto3hce.default [2020-12-10]
FF Homepage: Mozilla\Firefox\Profiles\trto3hce.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\trto3hce.default -> about:newtab
FF NetworkProxy: Mozilla\Firefox\Profiles\trto3hce.default -> type", 4
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\sarah\AppData\Roaming\Mozilla\Firefox\Profiles\trto3hce.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-27]
FF SearchPlugin: C:\Users\sarah\AppData\Roaming\Mozilla\Firefox\Profiles\trto3hce.default\searchplugins\google-avast.xml [2017-05-25]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-11-21] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [Pas de fichier]
FF Plugin-x32: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files (x86)\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [Pas de fichier]
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-11-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2607025007-2547361613-1905694366-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\sarah\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-21] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR Profile: C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default [2020-12-10]
CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2020-12-07]
CHR Extension: (uBlock Origin) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2020-12-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-10-29]
CHR Extension: (Chrome Media Router) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-12-09]
CHR Extension: (Privacy Badger) - C:\Users\sarah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkehgijcmpdhfbdbbnkijodmdjhbjlgp [2020-10-29]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [170056 2020-11-03] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3739728 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3511376 2020-09-23] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2015-09-18] (Realtek Semiconductor Corp -> )
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-07-31] (Express Vpn LLC -> ExpressVPN)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-11-05] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7269976 2020-12-03] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\NisSrv.exe [2372048 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.7-0\MsMpEng.exe [128376 2020-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [31744 2009-09-16] (Google Inc) [Fichier non signé]
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2014-09-05] (AVAST Software a.s. -> The OpenVPN Project)
R3 clwvd6; C:\WINDOWS\System32\drivers\clwvd6.sys [41704 2013-10-29] (CyberLink Corp. -> CyberLink Corporation)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-07-31] (ExprsVPN LLC -> ExpressVPN)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220160 2020-12-10] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-12-10] (Malwarebytes Inc -> Malwarebytes)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [242688 2013-01-16] (QUALCOMM Incorporated) [Fichier non signé]
R1 rsKernelEngine; C:\WINDOWS\System32\DRIVERS\rsKernelEngine.sys [47496 2020-12-09] (Reason Software Company Inc. -> Windows (R) Win 7 DDK provider)
R2 speedfan; C:\WINDOWS\SysWOW64\speedfan.sys [28664 2012-12-29] (SOKNO S.R.L. -> Almico Software)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2020-07-31] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-10-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-10 13:07 - 2020-12-10 13:07 - 002288640 _____ (Farbar) C:\Users\sarah\Downloads\FRST64 (2).exe
2020-12-10 13:04 - 2020-12-10 13:04 - 002288640 _____ (Farbar) C:\Users\sarah\Downloads\FRST64 (1).exe
2020-12-10 12:50 - 2020-12-10 12:50 - 000220160 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-12-10 12:21 - 2020-12-10 12:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-12-10 12:09 - 2020-12-10 12:09 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2020-12-10 12:09 - 2020-12-10 12:09 - 000000000 ___HD C:\ProgramData\Documents\AdobeGC
2020-12-10 11:37 - 2020-12-10 11:37 - 012448056 _____ (AVAST Software) C:\Users\sarah\Downloads\avastclear.exe
2020-12-10 01:44 - 2020-12-10 01:44 - 000727063 _____ C:\Users\sarah\Downloads\Des news, pas d'article, 2021... (1).zip
2020-12-10 00:55 - 2020-12-10 00:56 - 038322176 _____ C:\Users\sarah\Downloads\combin_2.7.1_x64.msi
2020-12-09 23:31 - 2020-12-09 23:42 - 000038790 _____ C:\Users\sarah\Downloads\Addition.txt
2020-12-09 23:20 - 2020-12-10 13:14 - 000029324 _____ C:\Users\sarah\Downloads\FRST.txt
2020-12-09 23:19 - 2020-12-10 13:13 - 000000000 ____D C:\FRST
2020-12-09 23:18 - 2020-12-09 23:18 - 002288640 _____ (Farbar) C:\Users\sarah\Downloads\FRST64.exe
2020-12-09 19:54 - 2020-12-09 19:54 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2020-12-09 19:54 - 2020-12-09 19:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2020-12-09 19:53 - 2020-12-09 19:54 - 000000000 ____D C:\Program Files\Speccy
2020-12-09 19:51 - 2020-12-09 19:51 - 008234296 _____ (Piriform Software Ltd) C:\Users\sarah\Downloads\spsetup132.exe
2020-12-09 19:10 - 2020-12-09 19:10 - 000001058 _____ C:\WINDOWS\system32\Reason Antivirus.lnk
2020-12-09 19:07 - 2020-12-09 19:07 - 000047496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\rsKernelEngine.sys
2020-12-09 19:05 - 2020-12-09 19:05 - 000000000 ____D C:\Program Files\Reason
2020-12-09 18:46 - 2020-12-09 18:49 - 009704772 _____ C:\Users\sarah\Downloads\memtest86-usb.zip
2020-12-09 16:31 - 2020-12-09 16:31 - 011312288 _____ (Tim Kosse) C:\Users\sarah\Downloads\FileZilla_3.51.0_win64-setup.exe
2020-12-09 15:49 - 2020-12-09 15:50 - 030469496 _____ (Piriform Software Ltd) C:\Users\sarah\Downloads\ccsetup574.exe
2020-12-09 14:45 - 2020-12-09 14:46 - 008447152 _____ (Malwarebytes) C:\Users\sarah\Downloads\adwcleaner_8.0.8.exe
2020-12-09 14:06 - 2020-12-09 14:07 - 003281280 _____ (Nicolas Coolman) C:\Users\sarah\Downloads\ZHPDiag3.exe
2020-12-09 12:30 - 2020-12-09 12:30 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2020-12-09 12:06 - 2020-12-09 12:07 - 000001517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2020-12-07 15:05 - 2020-12-07 15:05 - 000561557 _____ C:\Users\sarah\Downloads\Des news, pas d'article, 2021....zip
2020-12-04 11:28 - 2020-12-04 11:28 - 001248438 _____ C:\Users\sarah\Downloads\Call-for-partners-_TC-Genderalization1.pdf
2020-12-03 15:59 - 2020-12-03 15:59 - 000068268 _____ C:\Users\sarah\Desktop\IMPRIMERBulletin de paie 2020-10.pdf
2020-12-03 15:56 - 2020-12-03 15:56 - 000068268 _____ C:\Users\sarah\Downloads\Bulletin de paie 2020-10.pdf
2020-12-03 14:37 - 2020-12-03 14:37 - 011311200 _____ C:\Users\sarah\Downloads\07075027.wav
2020-12-03 11:06 - 2020-12-10 12:27 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-12-03 11:06 - 2020-12-03 11:04 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-11-27 17:08 - 2020-12-10 10:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-11-27 14:33 - 2020-11-27 14:33 - 000005719 _____ C:\Users\sarah\Desktop\justificatif_reglement_avis_33364889529901.pdf
2020-11-25 00:31 - 2020-11-25 00:33 - 000000000 ____D C:\Users\sarah\Desktop\DIFENN
2020-11-25 00:02 - 2020-11-25 00:28 - 1428469672 _____ C:\Users\sarah\Downloads\wetransfer-595a14.zip
2020-11-20 17:13 - 2020-11-20 17:13 - 000021438 _____ C:\Users\sarah\Desktop\Questions Consentement.pdf
2020-11-20 16:02 - 2020-11-20 17:13 - 000000000 ____D C:\Users\sarah\Documents\Zoom
2020-11-20 16:02 - 2020-11-20 16:02 - 003152265 _____ C:\Users\sarah\Desktop\Masculinités corpus.pdf
2020-11-17 22:03 - 2020-11-17 22:03 - 000145838 _____ C:\Users\sarah\Desktop\1562322338131-MW_Typewriter_cr-unknown1964.jpeg
2020-11-17 17:50 - 2020-04-24 02:22 - 000136040 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2020-11-16 23:51 - 2020-11-16 23:51 - 000386979 _____ C:\Users\sarah\Downloads\CR de la réunion générale du 12 novembre 2020.pdf
2020-11-13 14:02 - 2020-11-13 14:02 - 000266240 _____ C:\WINDOWS\SysWOW64\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-13 14:02 - 2020-11-13 14:02 - 000009265 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2020-11-13 14:01 - 2020-11-13 14:01 - 000152576 _____ C:\WINDOWS\system32\EoAExperiences.exe
2020-11-13 14:00 - 2020-11-13 14:00 - 000363520 _____ C:\WINDOWS\system32\Windows.Internal.UI.Shell.WindowTabManager.dll
2020-11-13 13:59 - 2020-11-13 13:59 - 000197632 _____ C:\WINDOWS\system32\IHDS.dll
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-12-10 13:04 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-12-10 12:59 - 2016-01-06 15:08 - 000000000 ___RD C:\Users\sarah\OneDrive
2020-12-10 12:55 - 2019-12-13 11:18 - 000000000 ____D C:\Users\sarah\Documents\YouCam
2020-12-10 12:53 - 2017-05-27 09:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-12-10 12:53 - 2016-01-06 15:04 - 000000000 __SHD C:\Users\sarah\IntelGraphicsProfiles
2020-12-10 12:50 - 2020-10-07 01:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-12-10 12:50 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-12-10 12:49 - 2020-10-07 00:45 - 000008192 ___SH C:\DumpStack.log.tmp
2020-12-10 12:49 - 2016-01-06 15:19 - 000000000 ____D C:\Users\sarah\AppData\Roaming\AVAST Software
2020-12-10 12:49 - 2015-11-05 06:17 - 000000000 ____D C:\ProgramData\AVAST Software
2020-12-10 12:48 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-12-10 12:45 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2020-12-10 12:45 - 2016-01-11 23:46 - 000795000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-12-10 12:37 - 2020-10-07 01:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2020-12-10 12:37 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-12-10 12:35 - 2020-10-07 01:11 - 001926190 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-12-10 12:35 - 2019-12-07 15:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2020-12-10 12:35 - 2019-12-07 15:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2020-12-10 12:35 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2020-12-10 12:12 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-12-10 12:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-12-10 11:56 - 2020-10-07 00:45 - 000643912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2020-12-10 11:54 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2020-12-10 11:09 - 2018-04-12 17:36 - 000000000 ____D C:\Users\sarah\AppData\Local\AVAST Software
2020-12-10 10:47 - 2016-01-31 22:10 - 000000000 ____D C:\Users\sarah\AppData\Local\CrashDumps
2020-12-10 10:43 - 2020-10-07 00:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-12-10 10:28 - 2016-01-06 15:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-12-09 21:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-12-09 20:54 - 2019-11-12 08:44 - 000000000 ____D C:\Users\sarah\AppData\Roaming\ZHP
2020-12-09 19:36 - 2016-11-19 11:55 - 000000000 ____D C:\Users\sarah\AppData\LocalLow\Mozilla
2020-12-09 19:01 - 2019-05-01 11:01 - 000000000 ____D C:\ProgramData\Mozilla
2020-12-09 17:13 - 2020-09-29 11:01 - 000000000 ___HD C:\$WinREAgent
2020-12-09 16:48 - 2016-01-06 21:30 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-12-09 16:37 - 2019-06-13 22:45 - 000000000 ____D C:\ProgramData\EPSON
2020-12-09 16:37 - 2015-11-05 06:07 - 000000000 ____D C:\Program Files\HP
2020-12-09 16:37 - 2015-11-05 05:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2020-12-09 16:32 - 2017-07-27 18:19 - 000000000 ____D C:\Users\sarah\AppData\Local\FileZilla
2020-12-09 16:32 - 2016-02-01 20:33 - 000000000 ____D C:\Users\sarah\AppData\Roaming\FileZilla
2020-12-09 16:32 - 2016-01-29 23:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2020-12-09 16:32 - 2016-01-29 23:50 - 000000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2020-12-09 16:31 - 2016-01-06 21:30 - 133736600 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-12-09 16:30 - 2016-01-08 00:15 - 000000000 ____D C:\Users\sarah\AppData\Roaming\vlc
2020-12-09 16:28 - 2016-01-06 15:44 - 000001150 _____ C:\Users\Public\Desktop\VLC media player.lnk
2020-12-09 14:07 - 2020-10-29 11:07 - 000000000 ____D C:\Users\sarah\AppData\Local\ZHP
2020-12-09 12:34 - 2020-06-21 12:47 - 000002432 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-12-09 12:30 - 2016-01-06 15:12 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-12-09 12:06 - 2017-05-27 09:46 - 000000000 ____D C:\Program Files (x86)\Intel
2020-12-09 12:06 - 2015-11-05 05:53 - 000000000 ____D C:\ProgramData\Package Cache
2020-12-07 15:04 - 2020-10-08 11:24 - 000000000 ____D C:\Users\sarah\AppData\Roaming\Telegram Desktop
2020-12-07 13:16 - 2016-01-28 17:52 - 000000000 ____D C:\Users\sarah\AppData\Local\ElevatedDiagnostics
2020-12-05 10:41 - 2019-10-04 19:40 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-12-05 10:41 - 2019-10-04 19:40 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-12-04 11:11 - 2020-10-07 01:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-12-04 11:11 - 2020-10-07 01:41 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-12-03 19:51 - 2016-02-06 16:39 - 000000000 ____D C:\Users\sarah\AppData\Roaming\Audacity
2020-12-03 11:06 - 2020-07-27 11:13 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-12-03 11:06 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-12-03 11:06 - 2019-08-07 17:43 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-12-03 11:04 - 2019-08-07 17:43 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-11-30 12:41 - 2020-10-07 01:41 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-11-30 12:41 - 2020-10-07 01:41 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-11-26 12:24 - 2020-10-07 01:41 - 000003368 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2607025007-2547361613-1905694366-1001
2020-11-26 12:23 - 2020-10-07 00:54 - 000002412 _____ C:\Users\sarah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-11-24 23:56 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-11-24 20:41 - 2020-10-07 01:41 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2020-11-24 20:39 - 2017-04-17 18:38 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-11-23 23:52 - 2020-04-15 10:03 - 000000000 ____D C:\Users\sarah\Desktop\LISBETH
2020-11-15 13:44 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-11-15 13:43 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-11-14 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2020-11-14 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2020-11-14 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2020-11-14 13:07 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-11-14 13:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-11-14 13:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2020-11-13 13:59 - 2020-10-07 00:50 - 002876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-11-10 17:13 - 2019-12-07 10:18 - 000842296 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-11-10 17:13 - 2019-12-07 10:18 - 000175160 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-11-10 12:41 - 2020-01-28 19:32 - 000000000 ____D C:\Users\sarah\Desktop\FEMINISME GLOBAL
==================== Fichiers à la racine de certains dossiers ========
2017-01-30 16:10 - 2017-02-07 13:31 - 000000033 _____ () C:\Users\sarah\AppData\Roaming\AdobeWLCMCache.dat
2016-01-06 15:04 - 2020-12-10 12:59 - 006186461 _____ () C:\Users\sarah\AppData\Local\BTServer.log
2017-04-02 16:25 - 2017-04-02 16:25 - 000003072 _____ () C:\Users\sarah\AppData\Local\file__0.localstorage
2017-04-02 16:25 - 2017-04-02 17:17 - 000003072 _____ () C:\Users\sarah\AppData\Local\https_drm.youdagames.com_0.localstorage
2018-09-29 21:38 - 2018-09-29 21:38 - 000000000 _____ () C:\Users\sarah\AppData\Local\oobelibMkey.log
2016-02-01 21:12 - 2019-03-17 20:34 - 000000600 _____ () C:\Users\sarah\AppData\Local\PUTTY.RND
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================