Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-04-2022 01
Exécuté par xavier (administrateur) sur DESKTOP-5K64NCA (Micro-Star International Co., Ltd. MS-7C08) (14-04-2022 22:45:32)
Exécuté depuis C:\Users\xavier\Desktop
Profils chargés: xavier
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.1645 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(DriverStore\FileRepository\u0366524.inf_amd64_09ec4a1cc3957750\B369435\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366524.inf_amd64_09ec4a1cc3957750\B369435\atieclxx.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(explorer.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0366524.inf_amd64_09ec4a1cc3957750\B369435\atiesrxx.exe
(services.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe
(services.exe ->) (Glarysoft LTD -> Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe <2>
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20858.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Winamp SA -> Winamp SA) C:\Program Files (x86)\Winamp\winampa.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d92d7bec4b020758\RtkAudUService64.exe [1372264 2021-12-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-09-26] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Reflect UI] => C:\Program Files\Macrium\Common\ReflectUI.exe [9336528 2022-02-15] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [86696 2018-10-19] (Winamp SA -> Winamp SA)
HKU\S-1-5-21-3476372505-2215522309-3414687571-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [44416 2022-02-13] (Glarysoft LTD -> Glarysoft Ltd)
HKU\S-1-5-21-3476372505-2215522309-3414687571-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35888256 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3476372505-2215522309-3414687571-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC -> PeerBlock, LLC)
HKU\S-1-5-21-3476372505-2215522309-3414687571-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4279208 2022-03-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3476372505-2215522309-3414687571-1001\...\Run: [Discord] => C:\Users\xavier\AppData\Local\Discord\Update.exe [1512616 2022-02-17] (Discord Inc. -> GitHub)
HKU\S-1-5-21-3476372505-2215522309-3414687571-1001\...\MountPoints2: {df9589af-90d7-11ec-b192-806e6f6e6963} - "F:\setup.exe"
HKLM\...\Print\Monitors\HP E311 Status Monitor: C:\Windows\system32\hpinkstsE311LM.dll [392200 2019-03-15] (HP Inc -> HP Inc.)
BootExecute: autocheck autochk *
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0DDDA2EC-81CA-418F-8A10-7179A447D083} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-03-10] (Piriform Software Ltd -> Piriform)
Task: {38D23327-C4FC-4BA0-B3A3-82B04F2DE933} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [63448 2021-07-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {ACF6CD7A-2804-4DBB-8EF1-A4F2F74EFE4D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NoUACCheck
Task: {C0112CB6-591C-44B2-A5F8-05B52220A0CC} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [269272 2021-07-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {C632B3AD-BEEB-4CE5-8ACE-CB8248E8E804} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {C9DF23E6-B849-4068-B0C6-9F9D013885B7} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [825264 2021-09-07] (Intel Corporation -> Intel(R) Corporation)
Task: {FBE04F96-DEE7-40F0-AFF5-3FCE33D7B1A9} - System32\Tasks\CCleanerSkipUAC - xavier => C:\Program Files\CCleaner\CCleaner.exe [30053504 2022-03-10] (Piriform Software Ltd -> Piriform Software Ltd)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job => C:\Windows\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2c105a0d-f0c0-4538-a412-dbac2d9b39f5}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d28a4db6-cefa-4a2f-b812-e5ff47786ea4}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\xavier\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-14]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\xavier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-13]
Edge HKU\S-1-5-21-3476372505-2215522309-3414687571-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: tee8ary6.default
FF ProfilePath: C:\Users\xavier\AppData\Roaming\Mozilla\Firefox\Profiles\tee8ary6.default [2021-12-25]
FF ProfilePath: C:\Users\xavier\AppData\Roaming\Mozilla\Firefox\Profiles\c2m307vx.default-release [2022-04-14]
FF Session Restore: Mozilla\Firefox\Profiles\c2m307vx.default-release -> est activé.
FF Extension: (Kaspersky Protection) - C:\Users\xavier\AppData\Roaming\Mozilla\Firefox\Profiles\c2m307vx.default-release\Extensions\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com.xpi [2022-04-14]
FF Extension: (uBlock Origin) - C:\Users\xavier\AppData\Roaming\Mozilla\Firefox\Profiles\c2m307vx.default-release\Extensions\uBlock0@raymondhill.net.xpi [2022-04-12]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\xavier\AppData\Roaming\Mozilla\Firefox\Profiles\c2m307vx.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2022-04-14]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-3476372505-2215522309-3414687571-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-12-13] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2022-04-14] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2022-04-14] <==== ATTENTION

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-03-24] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [878464 2022-02-13] (Glarysoft LTD -> Glarysoft Ltd)
R2 GUPMService; C:\Program Files (x86)\Glary Utilities 5\GUPMService.exe [65408 2022-02-13] (Glarysoft LTD -> Glarysoft Ltd)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [374920 2022-01-27] (AO Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [10722832 2022-02-15] (PARAMOUNT SOFTWARE UK LIMITED -> Paramount Software UK Ltd)
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [115816 2021-11-15] (Proton Technologies AG -> )
S3 ProtonVPN Update Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.UpdateService.exe [65128 2021-11-15] (Proton Technologies AG -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WMIRegistrationService; C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe [538736 2021-10-05] (Intel Corporation -> Intel Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_8e2568524f674315\amdsafd.sys [100768 2021-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [35760 2016-12-27] (CHENGDU AOMEI Tech Co., Ltd. -> )
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [30720 2021-12-25] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [687936 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1542440 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [290600 2022-04-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [309272 2022-04-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [319176 2022-04-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [116008 2022-04-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [227664 2022-04-14] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 mtinvme; C:\Windows\System32\drivers\mtinvme.sys [184744 2021-03-12] (Micron Technology, Inc. -> Micron Technology, Inc.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [179416 2019-02-15] (Paramount Software UK Ltd -> Windows (R) Win 7 DDK provider)
R3 tapprotonvpn; C:\Windows\System32\drivers\tapprotonvpn.sys [49024 2021-05-28] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\Windows\system32\DRIVERS\wintun.sys [29680 2021-12-25] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-04-14 22:22 - 2022-04-14 22:45 - 000021568 _____ C:\Users\xavier\Desktop\FRST.txt
2022-04-14 22:22 - 2022-04-14 22:45 - 000000000 ____D C:\FRST
2022-04-14 22:20 - 2022-04-14 22:20 - 002365952 _____ (Farbar) C:\Users\xavier\Desktop\FRST64.exe
2022-04-14 20:35 - 2022-04-14 21:06 - 000000000 ____D C:\Users\xavier\AppData\Roaming\ZHP
2022-04-14 20:35 - 2022-04-14 20:35 - 003482312 _____ (Nicolas Coolman) C:\Users\xavier\Downloads\ZHPSuite.exe
2022-04-14 20:35 - 2022-04-14 20:35 - 000000911 _____ C:\Users\xavier\Desktop\ZHPSuite.lnk
2022-04-14 20:35 - 2022-04-14 20:35 - 000000000 ____D C:\Users\xavier\AppData\Local\ZHP
2022-04-14 12:49 - 2022-04-14 12:56 - 000179252 _____ C:\Windows\ntbtlog.txt
2022-04-14 12:49 - 2022-04-14 12:49 - 000000214 _____ C:\Windows\Tasks\CreateExplorerShellUnelevatedTask.job
2022-04-14 12:27 - 2022-04-14 12:27 - 000319176 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2022-04-14 12:27 - 2022-04-14 12:27 - 000309272 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2022-04-14 12:27 - 2022-04-14 12:27 - 000227664 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2022-04-14 12:27 - 2022-04-14 12:27 - 000116008 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2022-04-14 12:26 - 2022-04-14 12:26 - 000002327 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2022-04-14 12:26 - 2022-04-14 12:26 - 000002195 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2022-04-14 12:26 - 2022-04-14 12:26 - 000001375 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2022-04-14 12:26 - 2022-04-14 12:26 - 000001291 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN.lnk
2022-04-14 12:26 - 2022-04-14 12:26 - 000001161 _____ C:\Users\Public\Desktop\Kaspersky VPN.lnk
2022-04-14 12:26 - 2022-04-14 12:26 - 000000000 ____D C:\Users\Default\AppData\Local\Kaspersky Lab
2022-04-14 12:26 - 2022-04-14 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2022-04-14 12:26 - 2022-04-14 12:26 - 000000000 ____D C:\Program Files\Common Files\AV
2022-04-14 12:26 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2022-04-14 12:25 - 2022-04-14 12:26 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-04-14 12:25 - 2022-04-14 12:26 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-04-14 12:25 - 2022-02-17 02:41 - 001049864 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2022-04-14 12:25 - 2022-02-17 02:41 - 000522504 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2022-04-14 12:14 - 2022-04-14 12:14 - 002766672 _____ (Kaspersky) C:\Users\xavier\Downloads\kis21.3.10.391abfr_27529.exe
2022-04-14 12:14 - 2022-04-14 12:14 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2022-04-13 23:09 - 2022-04-13 23:09 - 000000000 ____D C:\Users\xavier\AppData\Local\mbam
2022-04-13 22:57 - 2022-04-13 22:57 - 002443448 _____ (Malwarebytes) C:\Users\xavier\Downloads\MBSetup.exe
2022-04-13 22:35 - 2022-04-13 22:35 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3476372505-2215522309-3414687571-1001
2022-04-13 22:35 - 2022-04-13 22:35 - 000000000 ____D C:\Users\xavier\AppData\Local\OneDrive
2022-04-13 19:04 - 2022-04-13 19:04 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2022-04-13 19:04 - 2022-04-13 19:04 - 000048640 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2022-04-13 19:04 - 2022-04-13 19:04 - 000039936 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2022-04-13 19:04 - 2022-04-13 19:04 - 000011803 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-04-13 19:00 - 2022-04-13 19:00 - 000000000 ___HD C:\$WinREAgent
2022-04-12 16:21 - 2022-04-12 16:21 - 000000000 ____D C:\Users\xavier\AppData\Roaming\Icecream
2022-04-12 16:05 - 2022-04-12 16:05 - 022565512 _____ (Icecream Apps ) C:\Users\xavier\Downloads\pdf_editor_setup.exe
2022-04-12 16:05 - 2022-04-12 16:05 - 000001177 _____ C:\Users\Public\Desktop\Icecream PDF Editor.lnk
2022-04-12 16:05 - 2022-04-12 16:05 - 000000000 ____D C:\Users\xavier\AppData\Local\Icecream
2022-04-12 16:05 - 2022-04-12 16:05 - 000000000 ____D C:\Users\xavier\AppData\Local\CrashRpt
2022-04-12 16:05 - 2022-04-12 16:05 - 000000000 ____D C:\Users\xavier\.Icecream PDF Editor
2022-04-12 16:05 - 2022-04-12 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream PDF Editor
2022-04-12 16:05 - 2022-04-12 16:05 - 000000000 ____D C:\Program Files (x86)\Icecream PDF Editor
2022-04-12 15:54 - 2022-04-12 15:54 - 002326656 _____ C:\Windows\cadkasdeinst01.exe
2022-04-12 15:54 - 2022-04-12 15:54 - 000001110 _____ C:\Users\xavier\Desktop\PDF Editeur 5.0.lnk
2022-04-12 15:54 - 2022-04-12 15:54 - 000000000 ____D C:\Users\xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PDF Editeur 5.0
2022-04-12 15:54 - 2022-04-12 15:54 - 000000000 ____D C:\Users\xavier\AppData\Roaming\CAD-KAS
2022-04-12 15:54 - 2022-04-12 15:54 - 000000000 ____D C:\Program Files (x86)\PDF Editeur 5
2022-04-12 15:53 - 2022-04-12 15:53 - 009584968 _____ C:\Users\xavier\Downloads\pdf-editor_5-0_fr_169748.exe
2022-04-12 15:48 - 2022-04-12 15:48 - 000000000 ____D C:\Users\xavier\Documents\Image-Line
2022-04-05 12:15 - 2022-04-05 12:15 - 000000000 ____D C:\Users\xavier\AppData\Roaming\CreamAPI
2022-04-05 12:15 - 2022-04-05 12:15 - 000000000 ____D C:\Users\xavier\AppData\LocalLow\SKS
2022-04-05 12:11 - 2022-04-05 12:11 - 000000000 ____D C:\Users\xavier\Downloads\The Forest v1.12
2022-04-05 12:11 - 2022-04-05 12:08 - 3873993061 ____R C:\Users\xavier\Downloads\The Forest v1.12.rar
2022-04-05 12:09 - 2022-04-05 12:09 - 000000000 ____D C:\Users\xavier\Downloads\TheForest_Steam_Fix
2022-04-05 11:10 - 2022-04-05 11:10 - 000000000 ____D C:\Users\xavier\AppData\Roaming\WinRAR
2022-04-05 11:10 - 2022-04-05 11:10 - 000000000 ____D C:\Users\xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-04-05 11:10 - 2022-04-05 11:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2022-04-05 11:09 - 2022-04-05 11:10 - 000000000 ____D C:\Program Files\WinRAR
2022-04-05 11:09 - 2022-04-05 11:09 - 003581328 _____ (Alexander Roshal) C:\Users\xavier\Downloads\winrar-x64-611fr.exe
2022-04-05 10:36 - 2022-04-05 10:38 - 000000000 ____D C:\Users\xavier\AppData\Roaming\Incredibox
2022-04-05 04:46 - 2022-04-05 04:46 - 000000219 _____ C:\Users\xavier\Desktop\Counter-Strike Global Offensive.url
2022-03-26 00:51 - 2022-03-26 00:51 - 000000223 _____ C:\Users\xavier\Desktop\Incredibox.url
2022-03-16 21:00 - 2022-03-16 21:06 - 434302976 _____ C:\Users\xavier\Downloads\Win10_1709_French_x64.iso

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-04-14 22:45 - 2022-02-12 14:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-14 22:45 - 2021-12-25 20:37 - 000000000 ____D C:\Users\xavier\AppData\LocalLow\Mozilla
2022-04-14 22:42 - 2022-02-23 22:24 - 000000000 ____D C:\Program Files (x86)\Steam
2022-04-14 21:58 - 2021-12-25 18:40 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-04-14 20:35 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-14 19:40 - 2021-12-27 19:44 - 000000000 ____D C:\Users\xavier\AppData\Roaming\vlc
2022-04-14 15:25 - 2021-12-25 20:32 - 000000000 ____D C:\Program Files\CCleaner
2022-04-14 14:58 - 2022-03-05 17:01 - 000000000 ____D C:\Users\xavier\AppData\Roaming\discord
2022-04-14 14:58 - 2022-03-05 17:01 - 000000000 ____D C:\Users\xavier\AppData\Local\Discord
2022-04-14 14:25 - 2021-12-25 20:32 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2022-04-14 14:25 - 2021-12-25 18:46 - 001684792 _____ C:\Windows\system32\PerfStringBackup.INI
2022-04-14 14:25 - 2019-12-07 16:50 - 000756282 _____ C:\Windows\system32\perfh00C.dat
2022-04-14 14:25 - 2019-12-07 16:50 - 000142586 _____ C:\Windows\system32\perfc00C.dat
2022-04-14 14:25 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-04-14 14:18 - 2021-12-25 18:40 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-14 14:18 - 2021-12-25 18:40 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-04-14 14:18 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2022-04-14 14:17 - 2021-12-25 18:45 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2022-04-14 14:17 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-04-14 12:29 - 2022-02-17 17:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-14 12:26 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-04-14 12:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-04-14 12:17 - 2021-12-25 18:40 - 000458448 _____ C:\Windows\system32\FNTCACHE.DAT
2022-04-14 12:17 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-04-14 12:15 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellExperiences
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2022-04-14 12:15 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-04-13 23:11 - 2021-12-25 19:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2022-04-13 23:11 - 2021-12-25 19:38 - 000000000 ____D C:\Program Files (x86)\Auslogics
2022-04-13 19:06 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-04-13 18:51 - 2021-12-25 18:47 - 000000000 ____D C:\Windows\system32\MRT
2022-04-13 18:50 - 2021-12-25 18:47 - 143823848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-04-12 19:09 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-12 16:16 - 2022-02-24 21:50 - 000000000 ____D C:\ProgramData\HP
2022-04-12 16:05 - 2021-12-25 18:45 - 000000000 ____D C:\Users\xavier
2022-04-12 16:01 - 2021-12-29 22:37 - 000000000 ____D C:\Users\xavier\AppData\Local\CrashDumps
2022-04-12 15:09 - 2021-12-25 18:40 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-10 03:39 - 2021-12-25 18:40 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-10 03:39 - 2021-12-25 18:40 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-08 02:16 - 2021-12-25 18:40 - 000000000 ____D C:\Windows\system32\Drivers\wd
2022-04-07 05:18 - 2021-12-25 19:08 - 000000000 ____D C:\Users\xavier\AppData\Local\AMD_Common
2022-04-05 23:54 - 2021-12-25 18:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-05 04:46 - 2022-02-23 22:30 - 000000000 ____D C:\Users\xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-04-02 20:14 - 2022-02-23 23:01 - 000000000 ____D C:\Users\xavier\AppData\Local\Persona
2022-03-26 00:34 - 2022-03-05 22:05 - 000000000 ____D C:\Users\xavier\AppData\Roaming\TS3Client
2022-03-23 21:13 - 2021-12-25 18:49 - 000601432 _____ (Microsoft Corporation) C:\Windows\system32\sedplugins.dll
2022-03-23 21:12 - 2021-12-25 18:49 - 000483664 _____ (Microsoft Corporation) C:\Windows\system32\QualityUpdateAssistant.dll
2022-03-21 21:50 - 2021-12-25 18:50 - 000000000 ____D C:\Users\xavier\AppData\Local\NVIDIA Corporation
2022-03-20 22:44 - 2021-12-25 18:50 - 000001524 _____ C:\Users\xavier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NVIDIA GeForce NOW.lnk
2022-03-20 22:44 - 2021-12-25 18:50 - 000001516 _____ C:\Users\xavier\Desktop\NVIDIA GeForce NOW.lnk
2022-03-18 19:48 - 2021-12-25 18:45 - 000000000 ____D C:\Users\xavier\AppData\Local\Packages
2022-03-18 19:47 - 2021-12-25 21:35 - 000000000 ____D C:\Users\xavier\AppData\Local\ElevatedDiagnostics

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
