Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021 Exécuté par xav (administrateur) sur MILOU (ASUSTeK COMPUTER INC. X75VD1) (17-04-2021 17:48:23) Exécuté depuis C:\Users\xav\Desktop Profils chargés: xav Platform: Windows 8 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.0.4.229\AsusWSWinService.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\xav\AppData\Roaming\uTorrent\helper\helper.exe (BitTorrent Inc -> BitTorrent Inc.) C:\Users\xav\AppData\Roaming\uTorrent\updates\3.5.5_45231\utorrentie.exe <2> (BitTorrent Inc -> BitTorrent Inc.) C:\Users\xav\AppData\Roaming\uTorrent\uTorrent.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd. -> Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe (Cloud Engines, Inc -> Cloud Engines) C:\Program Files (x86)\B.cloud\dokanmnt.exe (CyberGhost S.R.L. -> CyberGhost S.A.) C:\Program Files\CyberGhost 7\CyberGhost.Service.exe (CyberGhost SRL -> CyberGhost S.A.) C:\Program Files\CyberGhost 6\CyberGhost.Service.exe (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3> (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (Dropbox, Inc -> The Qt Company Ltd.) 
C:\Program Files (x86)\Dropbox\Client\120.4.4598\QtWebEngineProcess.exe <3> (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <24> (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security Technical Preview 21.3\avp.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security Technical Preview 21.3\avpui.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security Technical Preview 21.3\plugins_nms.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation -> ) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\OFFICEVIRT.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation -> Microsoft Corporation) 
C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2> (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe********************************************* [107192 2012-09-11] () [Fichier non signé] HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1580368 2010-11-03] (Logitech -> Logitech, Inc.) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) 
[Fichier non signé] HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5264016 2012-08-16] (VIA Technologies Inc. -> VIA) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1527960 2016-10-18] (ABBYY Production LLC -> ABBYY Production LLC.) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2976256 2018-01-19] (Brother Industries, Ltd.) [Fichier non signé] HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.) [Fichier non signé] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-16] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-4198092444-1068901214-1710953190-1002\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () [Fichier non signé] HKU\S-1-5-21-4198092444-1068901214-1710953190-1002\...\Run: [Pogoplug Backup] => C:\Program Files (x86)\B.cloud\ppbrowser.exe [13007360 2014-11-13] (Cloud Engines, Inc.) 
[Fichier non signé] HKU\S-1-5-21-4198092444-1068901214-1710953190-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) HKU\S-1-5-21-4198092444-1068901214-1710953190-1002\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [21233264 2021-01-05] (Plex, Inc. -> Plex, Inc.) HKU\S-1-5-21-4198092444-1068901214-1710953190-1002\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_pepper.exe [1498680 2020-11-23] (Adobe Inc. -> Adobe) HKU\S-1-5-21-4198092444-1068901214-1710953190-1002\...\MountPoints2: {d0071e30-1dea-11e3-be85-60a44cd839cc} - "F:\WD SmartWare.exe" autoplay=true HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\Windows\system32\cpwmon64.dll [87152 2012-10-04] (Acro Software Inc -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-02-15] (Adobe Inc. -> Adobe Systems, Inc.) 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [171384 2017-06-28] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [149224 2017-06-28] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2016-09-08] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass -> LastPass) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-09-08] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass -> LastPass) Startup: C:\Users\xav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Google Chrome.lnk [2018-10-25] ShortcutTarget: Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) Startup: C:\Users\xav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Firefox.lnk [2016-09-08] ShortcutTarget: Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) Startup: C:\Users\xav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2016-09-08] ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation) Startup: C:\Users\xav\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Live Mail.lnk [2016-09-08] ShortcutTarget: Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Pas de fichier) ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. 
Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {064A07C3-6380-4D73-8B77-0C1B1058D648} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_pepper.exe [1498680 2020-11-23] (Adobe Inc. -> Adobe) Task: {0A1F109F-E13A-4A87-B5BA-A7F29E99BF27} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-01] (Dropbox, Inc -> Dropbox, Inc.) Task: {0CAFD4F7-3532-4751-A808-4E0D9A3536E7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [1124032 2012-09-18] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {1A2B2D74-6537-4125-B04F-C809C8BAD011} - System32\Tasks\klcp_update => CodecTweakTool.exe Task: {1B11B353-A0BA-4BD4-BD73-6F240931B047} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-01] (Dropbox, Inc -> Dropbox, Inc.) Task: {1D9F7B90-6A8A-4728-B0A7-DC0DA5737A0E} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {24A0A6AA-4041-4E6E-BF07-2BDA55B73774} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) Task: {2FFE8DEA-B5F1-4F1C-8367-7E2DCCE000ED} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage => {5F074BDF-4BA3-4E68-AE86-2A6B0B5963B0} C:\Windows\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation) Task: 
{451A7242-743B-47EB-8114-FB6EC59FB425} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {5993B4C9-2289-464A-89D8-99948ECA8EB6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.) Task: {6C949BF9-76B4-41E6-B29E-A8B9F587B846} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_453_Plugin.exe [1502776 2020-11-20] (Adobe Inc. -> Adobe) Task: {74FF5815-F404-4C24-B65B-98B994135100} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [667856 2020-11-06] (Mozilla Corporation -> Mozilla Foundation) Task: {8C5B70CC-22DB-452F-A4B7-F7D0E498FC8C} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68568 2017-08-02] (DivX, LLC -> DivX, LLC) Task: {8F9AA6A5-4B26-4BBB-9CBF-A5328F8469F7} - System32\Tasks\ASUS Patch for VIA Audio => C:\Windows\system32\AsPatchViaAudio.exe [160448 2012-11-07] (ASUSTeK Computer Inc. -> ASUSTek Computer INC.) 
Task: {9ECF0FE2-0038-4041-B4F3-58AB15A356C4} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask => {0AC1DBCA-7F9F-47FC-A090-34E5FEB291E8} C:\Windows\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation) Task: {A9CF3AEB-9D7E-4DF5-B63A-8ECA689F229D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd) Task: {AD1FDB83-BFE9-4A03-BF00-76E4F617AB4C} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [17792 2012-11-20] (ASUSTeK Computer Inc. -> AsusTek) Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\Windows\system32\SettingSyncInfo.dll [128512 2015-08-04] (Microsoft Windows -> Microsoft Corporation) Task: {BB96A573-632F-4942-9011-11024A316CCD} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {BEBA102A-AA53-442A-92F4-8D1E411C260A} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-4198092444-1068901214-1710953190-1002 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [65024 2012-07-26] (Microsoft Windows -> Microsoft) Task: {C7F6DD55-C4BC-4B2C-97C2-EFD7640DF1AC} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [1559936 2012-08-22] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) 
Task: {CAE11033-4EEB-4A0C-AA3A-70B350F525EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {CDDA36EC-95D9-4640-9DB0-3EEF0262650B} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) Task: {D949CFCA-B70A-4D88-B15B-B53764898DF9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log Task: {EF4F19DC-0669-46D0-9C8A-01EDEC5E8722} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [1018240 2012-08-24] (ASUSTeK Computer Inc. -> ASUS) Task: {F1EA1220-CCD2-4578-9823-CA5B2C014801} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log Task: {FA23A538-3422-4783-BE27-6232FC181BB2} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-14] (NVIDIA Corporation -> NVIDIA Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) 
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0ED7DFAA-491E-44B8-9981-E9EABB38C78C}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{35A9C9DB-35BD-4196-9891-93305CAD4AAD}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{ABB4BFFF-DC20-421F-9FF3-9B4CF773984D}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{DA0DAD2E-D6A7-4F78-9AD9-50AD6B2556DD}: [DhcpNameServer] 212.27.40.240 212.27.40.241 Tcpip\..\Interfaces\{F321E133-63AF-41DC-9CA6-EE5BC53D1A15}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{F6F59DAC-20EE-49B2-856F-EE80C12BD7A5}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{FF82CDCB-257E-467E-A2EA-19154DDB425E}: [DhcpNameServer] 192.168.42.129 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\xav\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-12] Edge HomePage: Default -> about:blank Edge Session Restore: Default -> est activé. 
Edge HKU\S-1-5-21-4198092444-1068901214-1710953190-1002\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] Edge HKU\S-1-5-21-4198092444-1068901214-1710953190-500\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] FireFox: ======== FF DefaultProfile: e4hcn02p.profil test FF ProfilePath: C:\Users\xav\AppData\Roaming\Mozilla\Firefox\Profiles\e4hcn02p.profil test [2021-04-14] FF Homepage: Mozilla\Firefox\Profiles\e4hcn02p.profil test -> hxxps://www.malwarebytes.org/restorebrowser/ FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\xav\AppData\Roaming\Mozilla\Firefox\Profiles\e4hcn02p.profil test\Extensions\firefox@ghostery.com.xpi [2020-12-15] FF ProfilePath: C:\Users\xav\AppData\Roaming\Mozilla\Firefox\Profiles\f4g0fsdp.default [2021-04-14] FF DownloadDir: D:\eBOOKS\serge brussolo FF Homepage: Mozilla\Firefox\Profiles\f4g0fsdp.default -> hxxps://www.malwarebytes.org/restorebrowser/ FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\xav\AppData\Roaming\Mozilla\Firefox\Profiles\f4g0fsdp.default\Extensions\firefox@ghostery.com.xpi [2018-09-23] FF Extension: (NoScript) - C:\Users\xav\AppData\Roaming\Mozilla\Firefox\Profiles\f4g0fsdp.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2018-09-23] FF Extension: (noscript-lite) - C:\Users\xav\AppData\Roaming\Mozilla\Firefox\Profiles\f4g0fsdp.default\Extensions\{86d73a1c-2ec5-4b7a-b249-60cec805dc99}.xpi [2018-05-30] FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security Technical Preview 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security Technical Preview 
21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e) FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-20] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-06] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2013-10-01] (LastPass -> LastPass) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-20] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.) 
[Fichier non signé] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll [2013-10-01] (LastPass -> LastPass) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2011-04-05] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2013-06-25] (Sony Corporation -> Sony Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files 
(x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.) 
Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default [2021-04-17] CHR Notifications: Default -> hxxps://calendar.google.com CHR HomePage: Default -> hxxps://nl.search.yahoo.com/?type=994519&fr=yo-yhp-ch CHR StartupUrls: Default -> "hxxp://www.ebookdz.com/forum/forum.php" CHR NewTab: Default -> Active:"chrome-extension://kcpleigehknabkajbcccdfgflpajfaog/browserAction/newTab/newTab.html" CHR DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=opensearch CHR DefaultSearchKeyword: Default -> qwant.com CHR DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch CHR Session Restore: Default -> est activé. CHR Extension: (Kaspersky Protection) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-04-16] CHR Extension: (Docs) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-07] CHR Extension: (Google Drive) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26] CHR Extension: (YouTube) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05] CHR Extension: (OneTab) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2021-03-08] CHR Extension: (uBlock Origin) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-03-20] CHR Extension: (Recherche Google) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16] CHR Extension: (Tampermonkey) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2021-04-17] CHR Extension: (Blur) - C:\Users\xav\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2021-04-06] CHR Extension: (Alerte Bons Plans eBuyClub) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjjddemkcndmbbeeibicagaobbijjgmm [2021-04-16] CHR Extension: (Google Docs hors connexion) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-16] CHR Extension: (Lilo - Achats Solidaires) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghfniojejmhmdkfifaggaehmgjioeifa [2020-01-25] CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-04-13] CHR Extension: (LastPass: Free Password Manager) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-04-16] CHR Extension: (Tabs to the Front) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiembaoomcehoiehhdldabfgnmphappc [2018-06-25] CHR Extension: (Tabs to the front!) 
- C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla [2018-04-29] CHR Extension: (Move Your Sub.com) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikicoaebpbaljffokijeadepdckjiaal [2020-08-11] CHR Extension: (Lilo) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcpleigehknabkajbcccdfgflpajfaog [2020-01-25] CHR Extension: (Quick Note) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2015-04-26] CHR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2021-03-02] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01] CHR Extension: (Auto-Translate) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgoiaeapddkeekbocomnjlckbbfapmk [2016-01-14] CHR Extension: (CyberGhost Cookie Cleaner) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbkgifljdgkhlmlmgbalmcknbhbggmei [2020-02-11] CHR Extension: (Gmail) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23] CHR Extension: (Chrome Media Router) - C:\Users\xav\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13] CHR Profile: C:\Users\xav\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-11-26] CHR Profile: C:\Users\xav\AppData\Local\Google\Chrome\User Data\System Profile [2019-11-26] CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - 
hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm

==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [955520 2016-04-28] (ABBYY Production LLC -> ABBYY Production LLC)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUSTeK Computer Inc. -> ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.4.229\AsusWSWinService.exe [71680 2013-08-27] (ASUS Cloud Corporation) [Fichier non signé]
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security Technical Preview 21.3\avp.exe [384280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [314368 2018-01-18] (Brother Industries, Ltd.) [Fichier non signé]
R2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [204880 2018-06-11] (CyberGhost SRL -> CyberGhost S.A.)
R2 CG7Service; C:\Program Files\CyberGhost 7\CyberGhost.Service.exe [89168 2020-08-11] (CyberGhost S.R.L. -> CyberGhost S.A.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-01] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-04-01] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [44272 2021-04-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DokanCEMounter; C:\Program Files (x86)\B.cloud\dokanmnt.exe [115936 2014-11-13] (Cloud Engines, Inc -> Cloud Engines)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security Technical Preview 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-02-17] (Malwarebytes Inc -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1427568 2021-01-05] (Plex, Inc. -> Plex, Inc.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2013-05-23] (Sony Corporation) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Windows -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (APOWERSOFT LIMITED -> Wondershare)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUSTeK Computer Inc. -> ASUS Corporation)
R3 bthav; C:\Windows\system32\drivers\bthav.sys [40448 2008-07-10] (Microsoft Windows Hardware Compatibility Publisher -> CSR, plc)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 DokanCEDriver; C:\Program Files (x86)\B.cloud\xcefs.sys [72968 2014-11-13] (Cloud Engines, Inc -> Cloud Engines)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] (ASUSTeK Computer Inc. -> )
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657696 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1400600 2021-03-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [96008 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [245752 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klupd_klif_kimul; C:\Windows\System32\Drivers\klupd_klif_kimul.sys [86656 2021-03-04] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [283144 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [108576 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [216576 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 L1C; C:\Windows\system32\DRIVERS\L1C63x64.sys [110744 2012-07-19] (Atheros Communications Inc. -> Qualcomm Atheros Co., Ltd.)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220616 2021-03-25] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-04-16] (Malwarebytes Inc -> Malwarebytes)
R3 Sftfs; C:\Windows\system32\DRIVERS\Sftfswin7.sys [767648 2014-10-08] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftplay; C:\Windows\system32\DRIVERS\Sftplaywin7.sys [273576 2014-10-08] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftredir; C:\Windows\System32\DRIVERS\Sftredirwin7.sys [29864 2014-10-08] (Microsoft Corporation -> Microsoft Corporation)
R3 Sftvol; C:\Windows\system32\DRIVERS\Sftvolwin7.sys [23208 2014-10-08] (Microsoft Corporation -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [204568 2013-08-20] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tap0901; C:\Windows\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-17 17:48 - 2021-04-17 17:53 - 000040585 _____ C:\Users\xav\Desktop\FRST.txt
2021-04-17 17:48 - 2021-04-17 17:48 - 000000000 ____D C:\Users\xav\Desktop\FRST-OlderVersion
2021-04-17 17:47 - 2021-04-17 17:48 - 002298368 _____ (Farbar) C:\Users\xav\Desktop\FRST64.exe
2021-04-16 20:01 - 2021-04-16 20:02 - 027509504 _____ (IObit ) C:\Users\xav\Desktop\iobituninstaller.exe
2021-04-16 13:39 - 2021-04-17 17:51 - 000000000 ____D C:\Users\xav\Desktop\ANALYSE PC
2021-04-15 10:31 - 2021-04-15 10:31 - 000283144 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2021-04-15 10:30 - 2021-04-15 10:30 - 000245752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2021-04-15 10:30 - 2021-04-15 10:30 - 000216576 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2021-04-15 10:30 - 2021-04-15 10:30 - 000108576 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2021-04-15 02:07 - 2021-04-15 02:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-04-14 17:47 - 2021-04-14 18:24 - 000000000 ____D C:\ProgramData\SecTaskMan
2021-04-14 17:44 - 2021-04-14 17:44 - 000001164 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spy Protector.lnk
2021-04-14 17:44 - 2021-04-14 17:44 - 000001153 _____
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager.lnk
2021-04-14 17:44 - 2021-04-14 17:44 - 000001141 _____ C:\Users\Public\Desktop\Security Task Manager.lnk
2021-04-14 17:44 - 2021-04-14 17:44 - 000000000 ____D C:\Program Files (x86)\Security Task Manager
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000047600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2021-04-12 12:51 - 2021-04-12 12:51 - 000044272 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2021-04-07 18:30 - 2021-04-17 17:10 - 000000000 ____D C:\Users\xav\AppData\LocalLow\uTorrent
2021-03-29 20:31 - 2021-04-14 17:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-03-25 18:25 - 2021-03-25 18:26 - 000001674 _____ C:\Users\xav\Desktop\DE.txt
2021-03-25 14:56 - 2021-03-25 14:56 - 000220616 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys

==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-17 17:57 - 2019-05-12 16:42 - 000000000 ____D C:\Users\xav\AppData\Roaming\uTorrent
2021-04-17 17:52 - 2016-04-01 09:41 - 000001192 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2021-04-17 17:51 - 2019-12-13 18:08 - 000000000 ____D C:\FRST
2021-04-17 17:10 - 2020-02-12 02:01 - 000000000 ____D C:\Users\xav\AppData\Local\BitTorrentHelper
2021-04-17 16:52 - 2016-04-01 09:41 - 000001188 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2021-04-17 12:25 - 2013-03-20 11:41 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-17 08:12 - 2013-09-08 16:41 - 000000000 ____D C:\Program Files\CCleaner
2021-04-16 22:47 - 2013-09-08 15:15 - 000000000 ___RD C:\Users\xav\Documents\Listes
2021-04-16 20:07 - 2013-09-07 21:20 - 000003600 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4198092444-1068901214-1710953190-1002
2021-04-16 19:27 - 2020-11-06 00:45 - 000002229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-16 19:27 - 2020-11-06 00:45 - 000002188 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-16 17:01 - 2021-02-17 16:52 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-04-16 16:59 - 2013-10-30 02:39 - 000000000 ____D C:\Users\xav\Desktop\outils système
2021-04-16 16:52 - 2021-01-09 20:47 - 000000000 ____D C:\Users\xav\AppData\Local\Plex Media Server
2021-04-16 16:51 - 2012-07-26 09:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-16 16:30 - 2016-09-15 20:48 - 000000000 ____D C:\Users\xav\AppData\Local\CrashDumps
2021-04-16 16:17 - 2012-07-26 07:26 - 000786432 ___SH C:\Windows\system32\config\BBI
2021-04-16 16:15 - 2016-10-03 17:57 - 000000000 ____D C:\Users\xav\AppData\Roaming\ZHP
2021-04-16 15:31 - 2016-09-02 09:05 - 000000000 ____D C:\Users\xav\AppData\Local\chromium
2021-04-16 15:31 - 2013-09-08 15:36 - 000000000 ____D C:\Users\xav\AppData\Roaming\SoftGrid Client
2021-04-16 15:29 - 2019-05-11 19:08 - 000000000 ____D C:\Users\xav\Documents\uTorrent Downloads
2021-04-16 15:14 - 2012-08-03 01:06 - 000709176 _____ C:\Windows\system32\perfh00C.dat
2021-04-16 15:14 - 2012-08-03 01:06 - 000135722 _____ C:\Windows\system32\perfc00C.dat
2021-04-16 15:14 - 2012-07-26 09:28 - 001577898 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-16 15:14 - 2012-07-26 07:37 - 000000000 ____D C:\Windows\Inf
2021-04-16 15:09 - 2013-09-08 19:21 - 000000000 ____D C:\Users\xav\AppData\Roaming\Azureus
2021-04-16 14:21 - 2019-05-11 17:33 - 000000000 ____D C:\Program Files (x86)\Chromium
2021-04-16 13:48 - 2013-09-08 16:57 - 000000000 ____D C:\Users\xav\AppData\Roaming\vlc
2021-04-16 13:34 - 2016-08-07 21:56 - 000000996 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2021-04-16 13:34 - 2016-08-07 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2021-04-15 20:20 - 2015-11-29 20:09 - 022980608 ___SH C:\Users\xav\Desktop\Thumbs.db
2021-04-15 02:08 - 2016-04-01 09:41 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-04-15 01:35 - 2013-09-09 10:09 - 000000000 ____D C:\Users\xav\Documents\Bibliothèque calibre
2021-04-15 01:00 - 2017-04-06 15:15 - 000000000 ____D C:\Program Files (x86)\Vistumbler
2021-04-14 21:32 - 2013-09-09 10:09 - 000000962 _____ C:\Users\Public\Desktop\calibre - E-book management.lnk
2021-04-14 21:32 - 2013-09-09 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2021-04-14 21:32 - 2013-09-09 10:09 - 000000000 ____D C:\Program Files (x86)\Calibre2
2021-04-14 19:42 - 2016-11-18 03:00 - 000000000 ____D C:\Users\xav\AppData\LocalLow\Mozilla
2021-04-14 18:36 - 2017-09-21 22:20 - 000000000 ____D C:\Users\xav\AppData\Local\ZHP
2021-04-13 10:29 - 2015-02-28 19:45 - 000007378 _____ C:\Users\xav\Desktop\TROUVER.txt
2021-04-13 06:30 - 2020-11-06 00:36 - 000003534 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-13 06:30 - 2020-11-06 00:36 - 000003406 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-13 01:51 - 2012-07-26 07:26 - 000262144 ___SH C:\Windows\system32\config\ELAM
2021-04-12 23:31 - 2016-08-22 16:50 - 000000000 ____D C:\Users\xav\AppData\Local\CyberGhost
2021-03-31 01:38 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\AUInstallAgent
2021-03-31 01:37 - 2012-07-26 10:12 - 000000000 ___HD C:\Program Files\WindowsApps
2021-03-30 20:57 - 2013-09-08 01:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-30 19:24 - 2016-06-24 12:50 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-03-29 13:14 - 2012-07-26 10:12 - 000000000 ____D C:\Windows\system32\FxsTmp
2021-03-27 20:05 - 2019-12-04 22:45 - 000007960 _____ C:\Users\xav\Desktop\nourriture chats + direne.txt
2021-03-27 18:50 - 2013-09-21 13:39 - 000000000 ____D C:\Users\xav\Documents\ACHATS
2021-03-25 23:34 - 2013-09-07 20:16 - 000000000 ____D C:\Users\xav
2021-03-22 16:52 - 2014-08-04 17:32 - 000000000 ____D C:\Users\xav\Documents\AIR FRANCE
2021-03-22 16:13 - 2018-06-25 20:35 - 000000000 ____D C:\Users\xav\Documents\chats
2021-03-20 15:20 - 2020-10-23 12:43 - 000000000 ____D C:\Users\xav\Desktop\extraits bds riviere blanche

==================== Fichiers à la racine de certains dossiers ========

2017-01-15 16:19 - 2017-01-15 16:19 - 002643968 _____ () C:\Users\xav\ZHPDiag3.exe
2013-10-01 14:45 - 2013-10-01 14:45 - 015641088 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2013-09-07 20:36 - 2016-06-18 11:54 - 000000401 _____ () C:\Users\xav\AppData\Roaming\sp_data.sys
2016-09-02 10:04 - 2016-10-28 14:06 - 000000189 _____ () C:\Users\xav\AppData\Roaming\WB.CFG
2018-12-19 23:46 - 2018-12-19 23:46 - 000003584 _____ () C:\Users\xav\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-23 03:49 - 2013-10-23 03:49 - 000000017 _____ () C:\Users\xav\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

LastRegBack: 2021-04-13 03:01

==================== Fin de FRST.txt ========================