Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2022
Exécuté par cathe (administrateur) sur LAPTOP-8CAOSK7H (HP HP Laptop 17-ca1xxx) (29-06-2022 18:28:17)
Exécuté depuis C:\Users\cathe\Downloads
Profils chargés: cathe & MSSQL$EBP & SQLTELEMETRY$EBP
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1766 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe ->) (Reaction Software Limited -> Weather Zero) C:\Program Files (x86)\WeatherZero\WeatherZero.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(DriverStore\FileRepository\u0373104.inf_amd64_beb660c61c852a40\B373048\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373104.inf_amd64_beb660c61c852a40\B373048\atieclxx.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Gaijin Network LTD -> Gaijin) C:\Users\cathe\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29>
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373104.inf_amd64_beb660c61c852a40\B373048\atiesrxx.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\SysInfoCap.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (lemongeekscorp -> lemongeeks corp) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\AmonMasterKW\AmonMasterKW.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Reaction Software Limited -> Weather Information Service) C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1082144 2020-04-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [471432 2019-11-01] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ClientPCSpeedup] => C:\Program Files (x86)\ClientPCSpeedup\ClientPCSpeedup.exe [32382568 2022-06-28] (ClientPCSpeedupCorp -> ) [Fichier non signé]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-09] (HP Inc.) [Fichier non signé]
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [Gaijin.Net Updater] => C:\Users\cathe\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-06-08] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32656336 2022-06-22] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [MicrosoftEdgeAutoLaunch_9EB8807FAE66E8905A21B08F1CF5846F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-80-3474501146-2690987104-1058319931-3814775573-4026506562\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-09] (HP Inc.) [Fichier non signé]
HKU\S-1-5-80-804047122-2987657544-4052196017-4258511231-3780409120\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-09] (HP Inc.) [Fichier non signé]
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\WINDOWS\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-10] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01EA0451-7BCE-4F1D-AC6B-AC70D8642D8C} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {0D49FE3C-8F9D-4CAE-8546-CC2D604B517F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {0FFA8E35-92EF-49DF-9BED-140BB77198B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {1DD1C802-DE54-41B7-B4E6-C24B5BADD4B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D109FD5-2EB6-473F-BA67-5CF1C1307A94} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148048 2022-05-31] (HP Inc. -> HP Inc.)
Task: {381B77C0-5121-4D5A-9771-93420CCFD18A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148048 2022-05-31] (HP Inc. -> HP Inc.)
Task: {438493AF-87C5-476C-9342-51A948DCE841} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-05-31] (HP Inc. -> HP Inc.)
Task: {6F7A3C90-DF15-442D-B846-965FE10D9071} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {90D88F3F-150D-4A0E-87A3-86AD10A2D8E9} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {B4360386-0D9E-47B4-9D24-E363DA5EE5AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [411280 2022-05-31] (HP Inc. -> HP Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f2b7a9b2-61e8-44bc-b1b1-0177a262af54}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{f2b7a9b2-61e8-44bc-b1b1-0177a262af54}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\cathe\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-29]
Edge Extension: (Kaspersky Protection) - C:\Users\cathe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-05-20]
Edge HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-3474501146-2690987104-1058319931-3814775573-4026506562\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-804047122-2987657544-4052196017-4258511231-3780409120\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: bfqk8qc5.default
FF ProfilePath: C:\Users\cathe\AppData\Roaming\Mozilla\Firefox\Profiles\bfqk8qc5.default [2021-09-11]
FF ProfilePath: C:\Users\cathe\AppData\Roaming\Mozilla\Firefox\Profiles\4sia4vns.default-release [2022-06-10]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Default [2022-06-29]
CHR Notifications: Default -> hxxps://gamehag.com; hxxps://mail.google.com; hxxps://rblxearn.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.jeuxvideo.com; hxxps://www.netflix.com; hxxps://www.pinterest.fr; hxxps://www.rustica.fr; hxxps://www.tiktok.com
CHR Extension: (Google Docs hors connexion) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Profile: C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-29]
CHR Profile: C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-06-29]
CHR Notifications: Profile 4 -> hxxps://mail.google.com; hxxps://mystake.com; hxxps://www.youtube.com
CHR Extension: (Kaspersky Protection) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-05-20]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-06-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-21]
CHR Extension: (MetaMask) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-06-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-12]
CHR Profile: C:\Users\cathe\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-29]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
"AmonMasterKW" => service a été déverrouillé. <==== ATTENTION
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960 2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AmonMasterKW; C:\Program Files (x86)\AmonMasterKW\AmonMasterKW.exe [4195384 2022-06-17] (lemongeekscorp -> lemongeeks corp) [Fichier non signé] [Fichier en cours d'utilisation]
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054520 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-01-21] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2019-11-01] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe [765016 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\DiagsCap.exe [763480 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\NetworkCap.exe [760408 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\SysInfoCap.exe [763976 2022-05-26] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe [489696 2022-05-26] (HP Inc. -> HP Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] (Canon Inc. -> )
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [351424 2020-09-23] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-06-23] (McAfee, LLC -> McAfee, LLC)
R2 MSSQL$EBP; C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2020-10-30] () [Fichier non signé]
S4 SQLAgent$EBP; C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$EBP; C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WeatherZeroSvc; C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe [3256744 2022-06-12] (Reaction Software Limited -> Weather Information Service)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1642744 2021-03-15] (WildTangent Inc -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-05-13] (Alcorlink Corp. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2019-11-01] (ExprsVPN LLC -> ExpressVPN)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [694056 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1571680 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [188848 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [357136 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [187200 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [267824 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 RsFx0500; C:\WINDOWS\System32\DRIVERS\RsFx0500.sys [261848 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2019-11-01] (ExprsVPN LLC -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420072 2021-04-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-04-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
U3 aspnet_state; pas de ImagePath
U3 aswbdisk; pas de ImagePath
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-29 18:28 - 2022-06-29 18:29 - 000030839 _____ C:\Users\cathe\Downloads\FRST.txt
2022-06-29 18:27 - 2022-06-29 18:28 - 000000000 ___DC C:\FRST
2022-06-29 18:27 - 2022-06-29 18:27 - 000000000 ____D C:\Users\cathe\Downloads\FRST-OlderVersion
2022-06-29 09:25 - 2022-06-29 09:25 - 000000000 ____D C:\ProgramData\VS Revo Group
2022-06-29 09:24 - 2022-06-29 09:24 - 000000000 ____D C:\Program Files\VS Revo Group
2022-06-29 09:10 - 2022-06-29 18:27 - 002369024 ____C (Farbar) C:\Users\cathe\Downloads\FRST64.exe
2022-06-29 08:13 - 2022-06-29 08:13 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-06-29 08:12 - 2022-06-29 08:12 - 000000000 ____D C:\Users\cathe\AppData\Local\Gh
2022-06-29 08:11 - 2022-06-29 08:11 - 000000000 ____D C:\WINDOWS\pss
2022-06-28 21:44 - 2022-06-28 21:44 - 000016438 _____ C:\Users\cathe\AppData\Local\partner.bmp
2022-06-28 21:43 - 2022-06-29 08:11 - 000000000 ____D C:\ProgramData\ClientPCSpeedup
2022-06-28 21:43 - 2022-06-28 21:43 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-06-28 21:43 - 2022-06-28 21:43 - 000000000 ____D C:\Users\cathe\AppData\Local\HealthyVOYAGEvafTool
2022-06-28 21:43 - 2022-06-28 21:43 - 000000000 ____D C:\Users\cathe\AppData\Local\ClientPCSpeedup
2022-06-28 21:42 - 2022-06-28 21:43 - 000000000 ____D C:\Program Files (x86)\ClientPCSpeedup
2022-06-28 21:42 - 2022-06-28 21:42 - 000000000 ____D C:\Users\cathe\AppData\Roaming\WeatherZero
2022-06-28 21:42 - 2022-06-28 21:42 - 000000000 ____D C:\Program Files (x86)\WeatherZero
2022-06-28 21:41 - 2022-06-28 21:41 - 000000000 ____D C:\Program Files (x86)\AmonMasterKW
2022-06-28 21:41 - 2022-06-28 21:41 - 000000000 _____ C:\WINDOWS\ElevatioEmbarrass.INI
2022-06-28 21:07 - 2022-06-28 21:07 - 000000329 _____ C:\Users\cathe\Desktop\Fortnite.url
2022-06-28 12:58 - 2022-06-28 13:31 - 3939408500 _____ C:\Users\cathe\Downloads\The.Cloverfield.Paradox.2018.FRENCH.720p.BluRay.x264.AC3-Wawacity.ec.mkv
2022-06-28 11:26 - 2022-06-28 11:50 - 2862631453 _____ C:\Users\cathe\Downloads\Cloverfield.mkv
2022-06-20 18:30 - 2022-06-20 18:31 - 000000000 ____D C:\Users\cathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2022-06-20 18:30 - 2022-06-20 18:31 - 000000000 ____D C:\Users\cathe\AppData\Roaming\.minecraft
2022-06-20 18:29 - 2022-06-20 18:29 - 000000000 ____D C:\Users\cathe\AppData\Roaming\OfficialHawk
2022-06-20 16:00 - 2022-06-20 16:00 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-06-20 15:59 - 2022-06-20 18:35 - 000267824 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-06-20 15:59 - 2022-06-20 15:59 - 000376920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-06-20 15:59 - 2022-06-20 15:59 - 000187200 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-06-17 07:17 - 2022-06-17 07:17 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-17 07:17 - 2022-06-17 07:17 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-17 07:16 - 2022-06-17 07:16 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-17 07:16 - 2022-06-17 07:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-17 07:16 - 2022-06-17 07:16 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-17 07:05 - 2022-06-17 07:05 - 000000000 __HDC C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-29 18:00 - 2021-04-04 09:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-29 18:00 - 2020-10-28 19:32 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-29 16:50 - 2021-04-04 09:57 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E0C74695-FFFD-44B9-A58A-926AFEE1A320}
2022-06-29 13:08 - 2021-04-04 09:55 - 002004394 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-29 13:08 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-06-29 13:08 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-06-29 13:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-29 13:03 - 2022-04-30 17:17 - 000000000 ____D C:\Program Files (x86)\Steam
2022-06-29 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-29 13:01 - 2021-04-04 09:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-29 13:01 - 2021-04-04 09:48 - 000000000 ____D C:\Users\cathe
2022-06-29 13:01 - 2021-04-04 09:47 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-29 13:01 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-06-29 12:21 - 2020-10-28 19:14 - 000000000 ____D C:\Users\cathe\AppData\Local\D3DSCache
2022-06-29 11:32 - 2021-05-28 15:05 - 000000000 ____D C:\Users\cathe\Desktop\Jeux Théo
2022-06-29 11:17 - 2020-11-26 19:16 - 000000000 ____D C:\Users\cathe\AppData\Local\WarThunder
2022-06-29 10:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-29 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-29 08:12 - 2020-10-29 11:04 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-06-29 07:46 - 2021-03-22 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-06-29 07:46 - 2021-03-22 16:48 - 000000000 ____D C:\Program Files\Wondershare
2022-06-29 07:40 - 2020-10-29 09:30 - 000000000 ____D C:\Users\cathe\AppData\Roaming\vlc
2022-06-29 07:39 - 2022-03-05 12:33 - 000000000 ____D C:\Users\cathe\AppData\Roaming\Notepad++
2022-06-29 07:39 - 2022-03-05 12:33 - 000000000 ____D C:\Program Files\Notepad++
2022-06-29 07:39 - 2021-03-09 11:25 - 000000000 ____D C:\ProgramData\EBP
2022-06-29 07:39 - 2021-03-09 11:25 - 000000000 ____D C:\Program Files\EBP
2022-06-29 07:35 - 2021-06-29 20:57 - 000000000 ____D C:\ProgramData\Avast Software
2022-06-28 21:59 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-06-28 17:09 - 2021-05-18 14:33 - 000000000 ____D C:\Program Files\Epic Games
2022-06-28 09:28 - 2021-12-11 22:48 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1887221315-2337962912-2828387260-1001
2022-06-28 09:28 - 2021-04-04 09:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1887221315-2337962912-2828387260-1001
2022-06-28 09:28 - 2021-04-04 09:48 - 000002428 _____ C:\Users\cathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-26 20:51 - 2020-10-28 19:14 - 000000000 ____D C:\Users\cathe\AppData\Local\Packages
2022-06-25 09:02 - 2020-11-06 01:19 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-22 06:51 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-06-21 06:03 - 2020-10-30 12:06 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-06-18 10:12 - 2021-04-04 09:47 - 000553616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-18 10:11 - 2021-04-04 10:15 - 000000000 ____D C:\WINDOWS\HoloShell
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-18 10:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-17 07:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-17 07:16 - 2021-04-04 09:50 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-16 06:35 - 2020-10-28 19:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-16 06:20 - 2020-10-28 19:53 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-13 08:39 - 2021-04-04 09:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-06-10 06:23 - 2020-10-28 19:33 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-08 08:56 - 2021-04-08 06:56 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d729277c448d80
2022-06-08 08:56 - 2021-04-04 09:57 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-03 07:10 - 2020-06-16 12:46 - 000000000 ____D C:\ProgramData\McAfee
2022-06-01 15:35 - 2020-06-16 12:38 - 000000000 ____D C:\ProgramData\Packages
==================== Fichiers à la racine de certains dossiers ========
2020-10-28 20:03 - 2020-10-28 20:03 - 000000384 _____ () C:\Users\cathe\AppData\Roaming\SaraBat.bat
2020-10-28 20:03 - 2020-10-28 20:03 - 000196984 _____ (Microsoft Corporation) C:\Users\cathe\AppData\Roaming\SetupProd_OfficeInstall.exe
2022-06-28 21:44 - 2022-06-28 21:44 - 000016438 _____ () C:\Users\cathe\AppData\Local\partner.bmp
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par cathe (administrateur) sur LAPTOP-8CAOSK7H (HP HP Laptop 17-ca1xxx) (29-06-2022 18:28:17)
Exécuté depuis C:\Users\cathe\Downloads
Profils chargés: cathe & MSSQL$EBP & SQLTELEMETRY$EBP
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1766 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE ->) (Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Engine\Binaries\Win64\EpicWebHelper.exe <2>
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe ->) (Reaction Software Limited -> Weather Zero) C:\Program Files (x86)\WeatherZero\WeatherZero.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\ProgramData\myCANAL\nssm.exe ->) (Groupe Canal+ -> ) C:\ProgramData\myCANAL\myCANAL.Service.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(DriverStore\FileRepository\u0373104.inf_amd64_beb660c61c852a40\B373048\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373104.inf_amd64_beb660c61c852a40\B373048\atieclxx.exe
(ETDCtrl.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(explorer.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(explorer.exe ->) (Epic Games Inc. -> Epic Games, Inc.) C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe
(explorer.exe ->) (Gaijin Network LTD -> Gaijin) C:\Users\cathe\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <29>
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(services.exe ->) () [Fichier non signé] C:\ProgramData\myCANAL\nssm.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0373104.inf_amd64_beb660c61c852a40\B373048\atiesrxx.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\SysInfoCap.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (lemongeekscorp -> lemongeeks corp) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files (x86)\AmonMasterKW\AmonMasterKW.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\sqlceip.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\sqlservr.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Reaction Software Limited -> Weather Information Service) C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1082144 2020-04-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [471432 2019-11-01] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [ClientPCSpeedup] => C:\Program Files (x86)\ClientPCSpeedup\ClientPCSpeedup.exe [32382568 2022-06-28] (ClientPCSpeedupCorp -> ) [Fichier non signé]
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-09] (HP Inc.) [Fichier non signé]
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [Gaijin.Net Updater] => C:\Users\cathe\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2793016 2022-06-08] (Gaijin Network LTD -> Gaijin)
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [EpicGamesLauncher] => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32656336 2022-06-22] (Epic Games Inc. -> Epic Games, Inc.)
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4282328 2022-06-07] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\...\Run: [MicrosoftEdgeAutoLaunch_9EB8807FAE66E8905A21B08F1CF5846F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-06-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-80-3474501146-2690987104-1058319931-3814775573-4026506562\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-09] (HP Inc.) [Fichier non signé]
HKU\S-1-5-80-804047122-2987657544-4052196017-4258511231-3780409120\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [525312 2021-08-09] (HP Inc.) [Fichier non signé]
HKLM\...\Windows x64\Print Processors\Canon MG5300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAT.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5300 series: C:\WINDOWS\system32\CNMLMAT.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-10] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01EA0451-7BCE-4F1D-AC6B-AC70D8642D8C} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {0D49FE3C-8F9D-4CAE-8546-CC2D604B517F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {0FFA8E35-92EF-49DF-9BED-140BB77198B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155592 2020-10-28] (Google LLC -> Google LLC)
Task: {1DD1C802-DE54-41B7-B4E6-C24B5BADD4B2} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {2D109FD5-2EB6-473F-BA67-5CF1C1307A94} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148048 2022-05-31] (HP Inc. -> HP Inc.)
Task: {381B77C0-5121-4D5A-9771-93420CCFD18A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1148048 2022-05-31] (HP Inc. -> HP Inc.)
Task: {438493AF-87C5-476C-9342-51A948DCE841} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-05-31] (HP Inc. -> HP Inc.)
Task: {6F7A3C90-DF15-442D-B846-965FE10D9071} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [973744 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {90D88F3F-150D-4A0E-87A3-86AD10A2D8E9} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {B4360386-0D9E-47B4-9D24-E363DA5EE5AB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [411280 2022-05-31] (HP Inc. -> HP Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f2b7a9b2-61e8-44bc-b1b1-0177a262af54}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{f2b7a9b2-61e8-44bc-b1b1-0177a262af54}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\cathe\AppData\Local\Microsoft\Edge\User Data\Default [2022-06-29]
Edge Extension: (Kaspersky Protection) - C:\Users\cathe\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-05-20]
Edge HKU\S-1-5-21-1887221315-2337962912-2828387260-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-3474501146-2690987104-1058319931-3814775573-4026506562\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKU\S-1-5-80-804047122-2987657544-4052196017-4258511231-3780409120\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: bfqk8qc5.default
FF ProfilePath: C:\Users\cathe\AppData\Roaming\Mozilla\Firefox\Profiles\bfqk8qc5.default [2021-09-11]
FF ProfilePath: C:\Users\cathe\AppData\Roaming\Mozilla\Firefox\Profiles\4sia4vns.default-release [2022-06-10]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2020-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Default [2022-06-29]
CHR Notifications: Default -> hxxps://gamehag.com; hxxps://mail.google.com; hxxps://rblxearn.com; hxxps://www.facebook.com; hxxps://www.instagram.com; hxxps://www.jeuxvideo.com; hxxps://www.netflix.com; hxxps://www.pinterest.fr; hxxps://www.rustica.fr; hxxps://www.tiktok.com
CHR Extension: (Google Docs hors connexion) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Profile: C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-06-29]
CHR Profile: C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4 [2022-06-29]
CHR Notifications: Profile 4 -> hxxps://mail.google.com; hxxps://mystake.com; hxxps://www.youtube.com
CHR Extension: (Kaspersky Protection) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-05-20]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-06-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-21]
CHR Extension: (MetaMask) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2022-06-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\cathe\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-12]
CHR Profile: C:\Users\cathe\AppData\Local\Google\Chrome\User Data\System Profile [2022-06-29]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
"AmonMasterKW" => service a été déverrouillé. <==== ATTENTION
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960 2012-07-27] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AmonMasterKW; C:\Program Files (x86)\AmonMasterKW\AmonMasterKW.exe [4195384 2022-06-17] (lemongeekscorp -> lemongeeks corp) [Fichier non signé] [Fichier en cours d'utilisation]
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8885112 2022-05-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3054520 2022-04-28] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [812520 2022-01-21] (EasyAntiCheat Oy -> Epic Games, Inc)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [438664 2019-11-01] (Express Vpn LLC -> ExpressVPN)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\AppHelperCap.exe [765016 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\DiagsCap.exe [763480 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\NetworkCap.exe [760408 2022-05-26] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_b7ebf8cfcf460a6c\x64\SysInfoCap.exe [763976 2022-05-26] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_29c6c876bdaf5af9\x64\TouchpointAnalyticsClientService.exe [489696 2022-05-26] (HP Inc. -> HP Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] (Canon Inc. -> )
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [351424 2020-09-23] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-18] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-06-23] (McAfee, LLC -> McAfee, LLC)
R2 MSSQL$EBP; C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\sqlservr.exe [485048 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 myCANAL Server; C:\ProgramData\myCANAL\nssm.exe [294912 2020-10-30] () [Fichier non signé]
S4 SQLAgent$EBP; C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\SQLAGENT.EXE [578744 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SQLTELEMETRY$EBP; C:\Program Files\Microsoft SQL Server\MSSQL14.EBP\MSSQL\Binn\sqlceip.exe [246968 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WeatherZeroSvc; C:\Program Files (x86)\WeatherZero\WeatherZeroService.exe [3256744 2022-06-12] (Reaction Software Limited -> Weather Information Service)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1642744 2021-03-15] (WildTangent Inc -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-04-06] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStorU.sys [127936 2019-05-13] (Alcorlink Corp. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [28440 2019-11-01] (ExprsVPN LLC -> ExpressVPN)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [694056 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1571680 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [188848 2022-06-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [90896 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [357136 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [187200 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [267824 2022-06-20] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S4 RsFx0500; C:\WINDOWS\System32\DRIVERS\RsFx0500.sys [261848 2017-08-22] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [44304 2019-11-01] (ExprsVPN LLC -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [420072 2021-04-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-04-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
U3 aspnet_state; pas de ImagePath
U3 aswbdisk; pas de ImagePath
S3 rsDwf; \SystemRoot\system32\DRIVERS\rsDwf.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-29 18:28 - 2022-06-29 18:29 - 000030839 _____ C:\Users\cathe\Downloads\FRST.txt
2022-06-29 18:27 - 2022-06-29 18:28 - 000000000 ___DC C:\FRST
2022-06-29 18:27 - 2022-06-29 18:27 - 000000000 ____D C:\Users\cathe\Downloads\FRST-OlderVersion
2022-06-29 09:25 - 2022-06-29 09:25 - 000000000 ____D C:\ProgramData\VS Revo Group
2022-06-29 09:24 - 2022-06-29 09:24 - 000000000 ____D C:\Program Files\VS Revo Group
2022-06-29 09:10 - 2022-06-29 18:27 - 002369024 ____C (Farbar) C:\Users\cathe\Downloads\FRST64.exe
2022-06-29 08:13 - 2022-06-29 08:13 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2022-06-29 08:12 - 2022-06-29 08:12 - 000000000 ____D C:\Users\cathe\AppData\Local\Gh
2022-06-29 08:11 - 2022-06-29 08:11 - 000000000 ____D C:\WINDOWS\pss
2022-06-28 21:44 - 2022-06-28 21:44 - 000016438 _____ C:\Users\cathe\AppData\Local\partner.bmp
2022-06-28 21:43 - 2022-06-29 08:11 - 000000000 ____D C:\ProgramData\ClientPCSpeedup
2022-06-28 21:43 - 2022-06-28 21:43 - 000005016 _____ C:\ProgramData\rsEngine.config.backup
2022-06-28 21:43 - 2022-06-28 21:43 - 000000000 ____D C:\Users\cathe\AppData\Local\HealthyVOYAGEvafTool
2022-06-28 21:43 - 2022-06-28 21:43 - 000000000 ____D C:\Users\cathe\AppData\Local\ClientPCSpeedup
2022-06-28 21:42 - 2022-06-28 21:43 - 000000000 ____D C:\Program Files (x86)\ClientPCSpeedup
2022-06-28 21:42 - 2022-06-28 21:42 - 000000000 ____D C:\Users\cathe\AppData\Roaming\WeatherZero
2022-06-28 21:42 - 2022-06-28 21:42 - 000000000 ____D C:\Program Files (x86)\WeatherZero
2022-06-28 21:41 - 2022-06-28 21:41 - 000000000 ____D C:\Program Files (x86)\AmonMasterKW
2022-06-28 21:41 - 2022-06-28 21:41 - 000000000 _____ C:\WINDOWS\ElevatioEmbarrass.INI
2022-06-28 21:07 - 2022-06-28 21:07 - 000000329 _____ C:\Users\cathe\Desktop\Fortnite.url
2022-06-28 12:58 - 2022-06-28 13:31 - 3939408500 _____ C:\Users\cathe\Downloads\The.Cloverfield.Paradox.2018.FRENCH.720p.BluRay.x264.AC3-Wawacity.ec.mkv
2022-06-28 11:26 - 2022-06-28 11:50 - 2862631453 _____ C:\Users\cathe\Downloads\Cloverfield.mkv
2022-06-20 18:30 - 2022-06-20 18:31 - 000000000 ____D C:\Users\cathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2022-06-20 18:30 - 2022-06-20 18:31 - 000000000 ____D C:\Users\cathe\AppData\Roaming\.minecraft
2022-06-20 18:29 - 2022-06-20 18:29 - 000000000 ____D C:\Users\cathe\AppData\Roaming\OfficialHawk
2022-06-20 16:00 - 2022-06-20 16:00 - 000357136 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-06-20 15:59 - 2022-06-20 18:35 - 000267824 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-06-20 15:59 - 2022-06-20 15:59 - 000376920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-06-20 15:59 - 2022-06-20 15:59 - 000187200 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-06-17 07:17 - 2022-06-17 07:17 - 000104448 _____ C:\WINDOWS\system32\nettraceex.dll
2022-06-17 07:17 - 2022-06-17 07:17 - 000011787 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-17 07:16 - 2022-06-17 07:16 - 002260480 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-17 07:16 - 2022-06-17 07:16 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2022-06-17 07:16 - 2022-06-17 07:16 - 000232288 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2022-06-17 07:05 - 2022-06-17 07:05 - 000000000 __HDC C:\$WinREAgent
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-06-29 18:00 - 2021-04-04 09:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-29 18:00 - 2020-10-28 19:32 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-29 16:50 - 2021-04-04 09:57 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E0C74695-FFFD-44B9-A58A-926AFEE1A320}
2022-06-29 13:08 - 2021-04-04 09:55 - 002004394 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-29 13:08 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2022-06-29 13:08 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2022-06-29 13:08 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-06-29 13:03 - 2022-04-30 17:17 - 000000000 ____D C:\Program Files (x86)\Steam
2022-06-29 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-29 13:01 - 2021-04-04 09:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-29 13:01 - 2021-04-04 09:48 - 000000000 ____D C:\Users\cathe
2022-06-29 13:01 - 2021-04-04 09:47 - 000008192 ___SH C:\DumpStack.log.tmp
2022-06-29 13:01 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-06-29 12:21 - 2020-10-28 19:14 - 000000000 ____D C:\Users\cathe\AppData\Local\D3DSCache
2022-06-29 11:32 - 2021-05-28 15:05 - 000000000 ____D C:\Users\cathe\Desktop\Jeux Théo
2022-06-29 11:17 - 2020-11-26 19:16 - 000000000 ____D C:\Users\cathe\AppData\Local\WarThunder
2022-06-29 10:34 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-29 10:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-29 08:12 - 2020-10-29 11:04 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-06-29 07:46 - 2021-03-22 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2022-06-29 07:46 - 2021-03-22 16:48 - 000000000 ____D C:\Program Files\Wondershare
2022-06-29 07:40 - 2020-10-29 09:30 - 000000000 ____D C:\Users\cathe\AppData\Roaming\vlc
2022-06-29 07:39 - 2022-03-05 12:33 - 000000000 ____D C:\Users\cathe\AppData\Roaming\Notepad++
2022-06-29 07:39 - 2022-03-05 12:33 - 000000000 ____D C:\Program Files\Notepad++
2022-06-29 07:39 - 2021-03-09 11:25 - 000000000 ____D C:\ProgramData\EBP
2022-06-29 07:39 - 2021-03-09 11:25 - 000000000 ____D C:\Program Files\EBP
2022-06-29 07:35 - 2021-06-29 20:57 - 000000000 ____D C:\ProgramData\Avast Software
2022-06-28 21:59 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2022-06-28 17:09 - 2021-05-18 14:33 - 000000000 ____D C:\Program Files\Epic Games
2022-06-28 09:28 - 2021-12-11 22:48 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1887221315-2337962912-2828387260-1001
2022-06-28 09:28 - 2021-04-04 09:57 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1887221315-2337962912-2828387260-1001
2022-06-28 09:28 - 2021-04-04 09:48 - 000002428 _____ C:\Users\cathe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-26 20:51 - 2020-10-28 19:14 - 000000000 ____D C:\Users\cathe\AppData\Local\Packages
2022-06-25 09:02 - 2020-11-06 01:19 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-22 06:51 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-06-21 06:03 - 2020-10-30 12:06 - 000000000 ____D C:\Program Files\Microsoft Office 15
2022-06-18 10:12 - 2021-04-04 09:47 - 000553616 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-18 10:11 - 2021-04-04 10:15 - 000000000 ____D C:\WINDOWS\HoloShell
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-18 10:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-18 10:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2022-06-17 07:19 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-17 07:16 - 2021-04-04 09:50 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-16 06:35 - 2020-10-28 19:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-16 06:20 - 2020-10-28 19:53 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-13 08:39 - 2021-04-04 09:57 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-06-10 06:23 - 2020-10-28 19:33 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-08 08:56 - 2021-04-08 06:56 - 000003596 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d729277c448d80
2022-06-08 08:56 - 2021-04-04 09:57 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-03 07:10 - 2020-06-16 12:46 - 000000000 ____D C:\ProgramData\McAfee
2022-06-01 15:35 - 2020-06-16 12:38 - 000000000 ____D C:\ProgramData\Packages
==================== Fichiers à la racine de certains dossiers ========
2020-10-28 20:03 - 2020-10-28 20:03 - 000000384 _____ () C:\Users\cathe\AppData\Roaming\SaraBat.bat
2020-10-28 20:03 - 2020-10-28 20:03 - 000196984 _____ (Microsoft Corporation) C:\Users\cathe\AppData\Roaming\SetupProd_OfficeInstall.exe
2022-06-28 21:44 - 2022-06-28 21:44 - 000016438 _____ () C:\Users\cathe\AppData\Local\partner.bmp
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================