Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2021 Exécuté par PC Marie (administrateur) sur LAPTOP-Q3MB4CVO (HP HP Laptop 17-cp0xxx) (04-11-2021 06:48:51) Exécuté depuis C:\Users\PC Marie\Downloads Profils chargés: PC Marie Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1288 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0369631.inf_amd64_88e1f90c6b221b8e\B369439\atieclxx.exe (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0369631.inf_amd64_88e1f90c6b221b8e\B369439\atiesrxx.exe (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\AppHelperCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\BridgeCommunication.exe <2> (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\DiagsCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\NetworkCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\SysInfoCap.exe (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.2.11.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53217.0_x64__v10z8vjag6ke6\HP.myHP.exe (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.myHP_1.10.53217.0_x64__v10z8vjag6ke6\win32\HPBackgroundProcess.exe (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\mcafee-security.exe (McAfee LLC.) C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.67.0_x64__wafk5atnkzcwy\Win32\mcafee-security-ft.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.14527.20234\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxAccounts.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxOutlook.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20544.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCopyAccelerator.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10> (Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkWiFiManServ.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c759ff49aef8a7cf\RtkAudUService64.exe <3> (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe (WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c759ff49aef8a7cf\RtkAudUService64.exe [1208560 2021-02-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [465120 2020-08-20] (Express Vpn LLC -> ExpressVPN) HKU\S-1-5-21-3197046720-53040324-473360483-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [525312 2021-10-06] (HP Inc.) [Fichier non signé] HKU\S-1-5-21-3197046720-53040324-473360483-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35116160 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\95.0.4638.69\Installer\chrmstp.exe [2021-11-03] (Google LLC -> Google LLC) HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {002ADCC5-4F75-4BEB-9013-A5463FA6B021} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {13BD9B0A-2A27-4227-9E33-2345022EAE18} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-03] (Mozilla Corporation -> Mozilla Foundation) Task: {258AA95F-2105-4CA4-910D-29BC996528C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-09-15] (Google Inc -> Google LLC) Task: {323B02B4-9BAD-457E-BDA8-AD014ADBEC7E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {3C33565D-BA51-4EEE-8658-3B51EEAB39D9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [560816 2021-10-06] (HP Inc. -> HP Inc.) Task: {42A9452D-2CBA-4312-AD8D-0F5C6AF56DE1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {44BFEF5A-1602-47BE-87D7-C1839F2A8D07} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2021-09-15] (Google Inc -> Google LLC) Task: {59A2C6D0-CE59-407D-BBE3-E8B25F985D7B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1123504 2021-10-06] (HP Inc. -> HP Inc.) Task: {7144102C-9CBF-484E-9A5F-90C2D01EB695} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.) Task: {7A900925-99AE-42B3-BA56-9D43A58974EE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21978504 2021-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {8694D375-35F3-470B-B795-D74C1A373690} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform) Task: {8A0B4AB0-1485-4F0D-9DD9-7B24B985C6F4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [134504 2021-10-20] (Microsoft Corporation -> Microsoft Corporation) Task: {AF3D42F0-7A90-472C-ACD8-256C2F27A953} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1123504 2021-10-06] (HP Inc. -> HP Inc.) Task: {B120F3E8-397A-4391-9F24-049859226051} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B607B9C5-C434-40E6-8539-918D72F5C6DC} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {D53B50E7-791B-448B-B71E-956C52C540F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {D73B6A06-0AA3-409F-AAF6-01EA81FB98A9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-10-06] (HP Inc. -> HP Inc.) Task: {E24370AD-6D70-4C79-BE22-469CE52367AC} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice Task: {F330E5CF-71D6-4D5B-B404-4788285B2F7D} - System32\Tasks\CCleanerSkipUAC - PC Marie => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd) Task: {F497ABC1-0948-4975-A74C-ADD155F3C450} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6e271dc4-c481-440c-81db-bdfc8923cbb1}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\PC Marie\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-31] Edge Extension: (Kaspersky Protection) - C:\Users\PC Marie\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-10-31] FireFox: ======== FF DefaultProfile: gv5tlpbt.default FF ProfilePath: C:\Users\PC Marie\AppData\Roaming\Mozilla\Firefox\Profiles\gv5tlpbt.default [2021-10-31] FF ProfilePath: C:\Users\PC Marie\AppData\Roaming\Mozilla\Firefox\Profiles\8sk3s6ac.default-release [2021-11-04] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-09-26] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-09-26] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default [2021-11-02] CHR StartupUrls: Default -> "hxxps://www.google.com/" CHR Extension: (Slides) - C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-15] CHR Extension: (Docs) - C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-15] CHR Extension: (Google Drive) - C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-15] CHR Extension: (YouTube) - C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-15] CHR Extension: (Sheets) - C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-15] CHR Extension: (Google Docs hors connexion) - C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-20] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-15] CHR Extension: (Gmail) - C:\Users\PC Marie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-15] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9251696 2021-10-20] (Microsoft Corporation -> Microsoft Corporation) R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437472 2020-08-20] (Express Vpn LLC -> ExpressVPN) R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.) R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\AppHelperCap.exe [755704 2021-09-24] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\DiagsCap.exe [754184 2021-09-24] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\NetworkCap.exe [751104 2021-09-24] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_fac814d252ae9e85\x64\SysInfoCap.exe [754688 2021-09-24] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_87bd97ebe57d6f93\x64\TouchpointAnalyticsClientService.exe [494688 2021-09-24] (HP Inc. -> HP Inc.) R2 RtkWiFiManServ; C:\windows\RtkWiFiManServ.exe [827896 2021-03-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1732144 2021-09-23] (WildTangent Inc -> ) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AMDAfdAudioService; C:\windows\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_302298e63447b7ff\amdacpafd.sys [338824 2021-06-22] (Advanced Micro Devices Inc. -> Advanced Micro Devices) R3 amdwddmg; C:\windows\System32\DriverStore\FileRepository\u0369631.inf_amd64_88e1f90c6b221b8e\B369439\amdkmdag.sys [83123008 2021-07-14] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) S0 AMSElamDriver; C:\windows\System32\drivers\amselam.sys [21976 2021-05-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG) R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [208176 2020-12-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avipbb; C:\windows\system32\DRIVERS\avipbb.sys [197176 2020-12-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) R1 avkmgr; C:\windows\system32\DRIVERS\avkmgr.sys [46704 2020-12-09] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S3 BthA2dp; C:\windows\System32\drivers\BthA2dp.sys [279040 2021-02-21] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé] S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2020-08-20] (ExprsVPN LLC -> ExpressVPN) R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [24096 2020-04-07] (HP Inc. -> HP Inc.) S3 MpKsl6e7b6978; C:\windows\system32\MpEngineStore\MpKslDrv.sys [130296 2021-09-16] (Microsoft Windows -> Microsoft Corporation) R3 tapexpressvpn; C:\windows\System32\drivers\tapexpressvpn.sys [52904 2020-08-20] (ExprsVPN LLC -> The OpenVPN Project) S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-02] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-02] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-04 06:48 - 2021-11-04 06:49 - 000019776 _____ C:\Users\PC Marie\Downloads\FRST.txt 2021-11-04 06:48 - 2021-11-04 06:49 - 000000000 ____D C:\FRST 2021-11-04 06:47 - 2021-11-04 06:48 - 002311168 _____ (Farbar) C:\Users\PC Marie\Downloads\FRST64(1).exe 2021-11-03 07:15 - 2021-11-03 07:15 - 000274463 _____ C:\Users\PC Marie\Desktop\ZHPDiag.txt 2021-11-03 07:15 - 2021-11-03 07:15 - 000000135 _____ C:\Users\PC 2021-11-03 07:11 - 2021-11-03 07:15 - 000000000 ____D C:\Users\PC Marie\AppData\Roaming\ZHP 2021-11-03 07:11 - 2021-11-03 07:11 - 000000875 _____ C:\Users\PC Marie\Desktop\ZHPSuite.lnk 2021-11-03 07:11 - 2021-11-03 07:11 - 000000000 ____D C:\Users\PC Marie\AppData\Local\ZHP 2021-11-03 07:09 - 2021-11-03 07:11 - 003477144 _____ (Nicolas Coolman) C:\Users\PC Marie\Downloads\ZHPSuite.exe 2021-11-03 07:01 - 2021-11-03 07:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 2021-11-03 06:57 - 2021-11-03 06:57 - 000001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk 2021-11-03 06:57 - 2021-11-03 06:57 - 000000000 ____D C:\Program Files\PCHealthCheck 2021-10-31 17:33 - 2021-10-31 17:33 - 000000000 ___HD C:\$WINDOWS.~BT 2021-10-31 17:11 - 2013-12-24 17:45 - 000625760 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\SET8C42.tmp 2021-10-31 17:11 - 2013-12-24 17:45 - 000090208 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\SET8C52.tmp 2021-10-31 16:41 - 2013-12-24 17:45 - 000625760 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\SETA354.tmp 2021-10-31 16:41 - 2013-12-24 17:45 - 000090208 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\SETA365.tmp 2021-10-31 16:34 - 2013-12-24 17:45 - 000625760 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\SETB0E1.tmp 2021-10-31 16:34 - 2013-12-24 17:45 - 000090208 _____ (Kaspersky Lab ZAO) C:\windows\system32\Drivers\SETB0F1.tmp 2021-10-31 16:28 - 2021-11-02 17:36 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2021-10-31 16:20 - 2021-10-31 16:21 - 002761552 _____ (Kaspersky) C:\Users\PC Marie\Downloads\kav21.3.10.391abfr_25769.exe 2021-10-31 16:13 - 2021-10-31 16:13 - 002761040 _____ (Kaspersky) C:\Users\PC Marie\Downloads\kav21.3.10.391abfr_25768.exe 2021-10-31 15:20 - 2021-10-31 15:20 - 000000112 ___SH C:\bootTel.dat 2021-10-31 15:13 - 2021-11-04 06:46 - 000000000 ____D C:\Users\PC Marie\AppData\LocalLow\Mozilla 2021-10-31 15:13 - 2021-11-04 06:44 - 000000000 ____D C:\ProgramData\Mozilla 2021-10-31 15:13 - 2021-11-04 06:41 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-10-31 15:13 - 2021-11-04 06:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-10-31 15:13 - 2021-11-03 07:08 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-10-31 15:13 - 2021-11-03 07:08 - 000000000 ____D C:\windows\system32\Tasks\Mozilla 2021-10-31 15:13 - 2021-10-31 15:13 - 000000000 ____D C:\Users\PC Marie\AppData\Roaming\Mozilla 2021-10-31 15:13 - 2021-10-31 15:13 - 000000000 ____D C:\Users\PC Marie\AppData\Local\Mozilla 2021-10-31 15:11 - 2021-10-31 15:11 - 000333176 _____ (Mozilla) C:\Users\PC Marie\Downloads\Firefox Installer.exe 2021-10-31 15:10 - 2021-10-31 15:10 - 008553680 _____ (Malwarebytes) C:\Users\PC Marie\Downloads\adwcleaner_8.3.0 (1).exe 2021-10-22 15:13 - 2021-10-22 15:13 - 000706536 _____ C:\windows\system32\TextShaping.dll 2021-10-22 15:13 - 2021-10-22 15:13 - 000611960 _____ C:\windows\SysWOW64\TextShaping.dll 2021-10-22 15:13 - 2021-10-22 15:13 - 000570368 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2021-10-22 15:13 - 2021-10-22 15:13 - 000452096 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2021-10-22 15:13 - 2021-10-22 15:13 - 000098304 _____ C:\windows\system32\Drivers\cimfs.sys 2021-10-22 15:13 - 2021-10-22 15:13 - 000011495 _____ C:\windows\system32\DrtmAuthTxt.wim 2021-10-22 15:12 - 2021-10-22 15:12 - 000288768 _____ C:\windows\system32\Windows.Management.InprocObjects.dll 2021-10-22 15:07 - 2021-10-22 15:07 - 000000000 ___HD C:\$WinREAgent 2021-10-21 18:23 - 2021-10-21 18:47 - 000000000 ____D C:\AdwCleaner 2021-10-21 18:23 - 2021-10-21 18:23 - 008553680 _____ (Malwarebytes) C:\Users\PC Marie\Downloads\adwcleaner_8.3.0.exe 2021-10-09 14:55 - 2021-10-09 14:55 - 000000000 ____D C:\Users\PC Marie\Desktop\TF2021 2021-10-09 14:51 - 2021-10-09 14:51 - 000001523 _____ C:\Users\PC Marie\Documents\TÉLÉPAIEMENT DE L'IMPÔT TAXES FONCIÈRES.txt 2021-10-09 14:39 - 2021-10-09 14:39 - 000017921 _____ C:\Users\PC Marie\Downloads\Compte_09263062013.pdf 2021-10-06 10:17 - 2021-10-20 11:10 - 000000000 ____D C:\Users\PC Marie\Desktop\MANOU ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-11-04 06:46 - 2021-09-15 20:12 - 000000000 ____D C:\Program Files (x86)\Google 2021-11-04 06:46 - 2021-09-15 20:10 - 000000000 ____D C:\Program Files\CCleaner 2021-11-04 06:46 - 2021-02-21 19:09 - 000827790 _____ C:\windows\system32\perfh00C.dat 2021-11-04 06:46 - 2021-02-21 19:09 - 000165948 _____ C:\windows\system32\perfc00C.dat 2021-11-04 06:46 - 2020-05-06 10:03 - 001917038 _____ C:\windows\system32\PerfStringBackup.INI 2021-11-04 06:46 - 2019-12-07 10:14 - 000000000 ____D C:\windows\AppReadiness 2021-11-04 06:46 - 2019-12-07 10:13 - 000000000 ____D C:\windows\INF 2021-11-04 06:42 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-11-04 06:42 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-11-04 06:41 - 2020-05-06 09:58 - 000565008 _____ C:\windows\system32\FNTCACHE.DAT 2021-11-04 06:41 - 2020-05-06 09:58 - 000008192 ___SH C:\DumpStack.log.tmp 2021-11-04 06:41 - 2020-05-06 09:58 - 000000006 ____H C:\windows\Tasks\SA.DAT 2021-11-03 19:59 - 2019-12-07 10:03 - 000786432 _____ C:\windows\system32\config\BBI 2021-11-03 19:58 - 2020-05-06 09:58 - 000000000 ____D C:\windows\system32\SleepStudy 2021-11-03 07:32 - 2021-09-15 20:14 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2021-11-03 07:08 - 2021-09-15 18:08 - 000000000 ____D C:\Users\PC Marie\AppData\Local\Packages 2021-11-03 07:03 - 2021-09-15 18:08 - 000000000 ____D C:\Users\PC Marie\AppData\Local\D3DSCache 2021-11-03 07:01 - 2021-09-15 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2021-11-03 07:01 - 2021-09-15 18:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Works 2021-11-03 07:01 - 2021-09-15 18:27 - 000000000 ____D C:\windows\SHELLNEW 2021-11-03 07:01 - 2021-09-15 18:25 - 000000000 ____D C:\Program Files (x86)\MSBuild 2021-11-03 06:59 - 2019-12-07 10:14 - 000000199 _____ C:\windows\win.ini 2021-11-02 17:58 - 2020-05-06 09:58 - 000000000 ____D C:\windows\system32\Drivers\wd 2021-11-02 17:35 - 2019-12-07 10:14 - 000000000 ___HD C:\windows\ELAMBKUP 2021-11-02 17:35 - 2019-12-07 10:03 - 000032768 _____ C:\windows\system32\config\ELAM 2021-11-02 17:34 - 2021-06-18 03:13 - 000000000 ____D C:\Program Files\Common Files\AV 2021-11-02 12:12 - 2021-09-15 18:39 - 000116272 _____ C:\Users\PC Marie\AppData\Local\GDIPFONTCACHEV1.DAT 2021-10-31 17:40 - 2021-09-15 18:24 - 000000000 ____D C:\Users\PC Marie\AppData\Local\HP 2021-10-31 17:34 - 2020-05-06 10:50 - 000000000 ____D C:\windows\Panther 2021-10-31 15:55 - 2019-12-07 10:03 - 000000000 ____D C:\windows\CbsTemp 2021-10-31 15:50 - 2021-06-18 12:59 - 000000000 ____D C:\windows\HoloShell 2021-10-31 15:40 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\NDF 2021-10-31 15:23 - 2021-09-15 18:09 - 000003380 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3197046720-53040324-473360483-1001 2021-10-31 15:23 - 2021-09-15 18:03 - 000002429 _____ C:\Users\PC Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-10-31 15:07 - 2021-09-15 20:11 - 000003936 _____ C:\windows\system32\Tasks\CCleaner Update 2021-10-31 14:56 - 2021-02-21 10:27 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ___SD C:\windows\system32\UNP 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\oobe 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SystemResources 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\WinBioPlugIns 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\oobe 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ____D C:\windows\PolicyDefinitions 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ____D C:\windows\DiagTrack 2021-10-31 14:49 - 2019-12-07 10:14 - 000000000 ____D C:\windows\bcastdvr 2021-10-22 15:07 - 2021-09-15 20:08 - 000000000 ____D C:\windows\system32\MRT 2021-10-22 15:06 - 2021-06-18 03:04 - 000000000 ____D C:\ProgramData\Packages 2021-10-22 15:00 - 2021-09-15 20:08 - 139806512 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2021-10-21 18:49 - 2021-09-15 18:08 - 000000000 ____D C:\Users\PC Marie\AppData\Roaming\WildTangent 2021-10-21 18:47 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2021-10-21 18:47 - 2019-12-07 10:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2021-10-21 18:47 - 2019-12-07 10:51 - 000000000 ____D C:\windows\OCR 2021-10-21 18:47 - 2019-12-07 10:49 - 000000000 ____D C:\windows\SysWOW64\winrm 2021-10-21 18:47 - 2019-12-07 10:49 - 000000000 ____D C:\windows\SysWOW64\WCN 2021-10-21 18:47 - 2019-12-07 10:49 - 000000000 ____D C:\windows\SysWOW64\slmgr 2021-10-21 18:47 - 2019-12-07 10:49 - 000000000 ____D C:\windows\SysWOW64\Printing_Admin_Scripts 2021-10-21 18:47 - 2019-12-07 10:49 - 000000000 ____D C:\windows\system32\winrm 2021-10-21 18:47 - 2019-12-07 10:49 - 000000000 ____D C:\windows\system32\WCN 2021-10-21 18:47 - 2019-12-07 10:49 - 000000000 ____D C:\windows\system32\slmgr 2021-10-21 18:47 - 2019-12-07 10:49 - 000000000 ____D C:\windows\system32\Printing_Admin_Scripts 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ___SD C:\windows\SysWOW64\F12 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ___SD C:\windows\SysWOW64\DiagSvcs 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ___SD C:\windows\system32\F12 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ___SD C:\windows\system32\dsc 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ___SD C:\windows\system32\DiagSvcs 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\SystemResetPlatform 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\PerceptionSimulation 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\migwiz 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\windows\IME 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System 2021-10-21 18:47 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2021-10-21 18:47 - 2019-12-07 10:03 - 000000000 ____D C:\windows\servicing 2021-10-20 11:05 - 2021-02-21 10:36 - 000000000 ____D C:\Program Files\Microsoft Office 2021-10-09 14:00 - 2021-02-21 10:27 - 000003634 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2021-10-09 14:00 - 2021-02-21 10:27 - 000003510 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2021-10-09 13:59 - 2021-09-15 18:24 - 000000000 ____D C:\windows\system32\Tasks\Hewlett-Packard 2021-10-06 10:33 - 2021-09-15 18:47 - 000000000 ____D C:\Users\PC Marie\AppData\Local\HP_Inc 2021-10-06 10:32 - 2021-09-15 20:15 - 000000000 ____D C:\Users\PC Marie\AppData\Local\Google 2021-10-06 09:25 - 2021-09-15 20:12 - 000003590 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA 2021-10-06 09:25 - 2021-09-15 20:12 - 000003466 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore 2021-10-06 09:25 - 2021-09-15 18:49 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================