Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-04-2022 01
Exécuté par Christiane (administrateur) sur CHRISTIANE-PC (Acer Aspire 7736) (23-04-2022 14:32:28)
Exécuté depuis C:\Users\Christiane\Desktop
Profils chargés: Christiane
Plate-forme: Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) Langue: Français (France)
Navigateur par défaut: Brave
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(CyberLink -> Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(explorer.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(explorer.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (SONIX TECHNOLOGY CO. , LTD -> ) C:\Windows\PLFSetI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(nvvsvc.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(services.exe ->) (Acer Incorporated -> Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(services.exe ->) (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(services.exe ->) (NewTech Infosystems, Inc -> NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-11-25] (SONIX TECHNOLOGY CO. , LTD -> )
HKLM\...\Run: [MSC] => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey (Pas de fichier)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent (Pas de fichier)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated -> Acer Incorporated)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2010-01-18] (CyberLink -> Acer Corp.)
HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [Fichier non signé]
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-29] (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-4071522075-2442597929-1746449056-1000\...\MountPoints2: {3de81fd2-61df-11e8-9829-206a8a1f240b} - E:\.\Driver\DriverInstaller.exe -eject
HKLM\...\Windows x64\Print Processors\Epson Inkjet: C:\Windows\System32\spool\prtprocs\x64\EP0NPP01.DLL [38912 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\100.1.37.116\Installer\chrmstp.exe [2022-04-18] (Brave Software, Inc. -> Brave Software, Inc.) [Fichier non signé]
GroupPolicy: Restriction ? <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {02EC61D9-5AE0-46CD-9B99-53A36ED64CB4} - System32\Tasks\{FE351440-81DC-4F3F-84A8-ABF673944E78} => C:\Windows\system32\pcalua.exe -a "C:\Programmes divers\ZHPFix\ZHPhep.exe" -d "C:\Programmes divers\ZHPFix"
Task: {1F328ED0-1764-4DA3-9900-836596E1D513} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-18] (Brave Software, Inc. -> BraveSoftware Inc.) [Fichier non signé]
Task: {2B6F6A6D-146D-46F1-85CE-2D1ED5E5509D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {5DC4C037-F73F-4E8A-A0F1-D6842B6CF57A} - System32\Tasks\{8C9A89D0-B2D6-40EF-950B-EBEB26E454B7} => "c:\programmes divers\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.367&LastError=12002
Task: {78E71AA8-5348-42CB-B298-8AF88BEB0CCA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000Core => C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-02] (Facebook, Inc. -> Facebook Inc.)
Task: {7AAC7237-9347-4C9B-AAD2-30259F69F0E2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000UA => C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-02] (Facebook, Inc. -> Facebook Inc.)
Task: {84695EA3-B1B6-4D1B-980A-7CF77675A3E9} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-18] (Brave Software, Inc. -> BraveSoftware Inc.) [Fichier non signé]
Task: {D14F74E7-9C2E-40FD-8BE3-FB5C5E7F8C36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd -> Piriform Ltd)
Task: {D834902E-CC0A-40F8-BDBC-1F25F9EA2996} - System32\Tasks\{8054B108-E820-4151-AE4A-EDD4215801FC} => "c:\programmes divers\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.1.0.179.367/fr/abandoninstall?source=lightinstaller&page=tsProblems&LastError=404&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000Core.job => C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000UA.job => C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{292B3F29-1954-452B-B8EE-6DC0D4D86757}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{D05C5E21-5063-4C8A-92C5-266608F2BFD5}: [NameServer] 8.8.8.8,8.8.4.4
Edge:
=======
Edge Profile: C:\Users\Christiane\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-20]
Edge StartupUrls: Default -> "hxxps://mail02.orange.fr/appsuite/#!&app=io.ox/mail&folder=default0/INBOX"
Edge HKU\S-1-5-21-4071522075-2442597929-1746449056-1000\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [elhpdacimkjpccooodognopfhbdgnpbk]
FireFox:
========
FF DefaultProfile: fk6i3i3h.default-1597597810631
FF ProfilePath: C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\fk6i3i3h.default-1597597810631 [2022-04-23]
FF Homepage: Mozilla\Firefox\Profiles\fk6i3i3h.default-1597597810631 -> hxxps://fr.audiofanzine.com/forums/101255/
FF Extension: (uBlock Origin) - C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\fk6i3i3h.default-1597597810631\Extensions\uBlock0@raymondhill.net.xpi [2022-04-08]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox
FF Extension: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2010-11-25] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2010-11-25] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-11-25] [] [non signé]
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin HKU\S-1-5-21-4071522075-2442597929-1746449056-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Christiane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-04-10] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-04-10] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default [2022-04-18]
CHR StartupUrls: Default -> "hxxps://mail02.orange.fr/appsuite/#!&app=io.ox/mail&folder=default0/INBOX","hxxp://audiofanzine.com/"
CHR Extension: (Slides) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-18]
CHR Extension: (Docs) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-18]
CHR Extension: (Google Drive) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-18]
CHR Extension: (YouTube) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-18]
CHR Extension: (Sheets) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-18]
CHR Extension: (Gmail) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-18]
CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
Brave:
=======
BRA Profile: C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-04-20]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-04-20]
BRA Extension: (Brave NTP background images) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-04-18]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-04-18]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-04-19]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-04-19]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2022-04-18]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-04-18]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-04-20]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-04-19]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2009-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
S4 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-18] (Brave Software, Inc. -> BraveSoftware Inc.) [Fichier non signé]
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-18] (Brave Software, Inc. -> BraveSoftware Inc.) [Fichier non signé]
S3 clr_optimization_v2.0.50727_64; C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [89920 2009-06-10] (Microsoft Corporation -> Microsoft Corporation)
S2 clr_optimization_v4.0.30319_64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [124088 2015-06-19] (Microsoft Dynamic Code Publisher -> Microsoft Corporation)
S4 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354152 2020-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-10] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)
S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251800 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [633600 2020-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1217792 2020-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79760 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
S4 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-07] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232344 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-23 14:32 - 2022-04-23 14:42 - 000022393 _____ C:\Users\Christiane\Desktop\FRST.txt
2022-04-23 14:11 - 2022-04-23 14:11 - 000285188 _____ C:\Users\Christiane\Desktop\ZHPDiag.txt
2022-04-23 13:38 - 2022-04-23 13:38 - 000257228 _____ C:\Users\Christiane\Desktop\ZHPCleaner (S).txt
2022-04-23 12:54 - 2022-04-23 12:54 - 008069269 _____ C:\Users\Christiane\Downloads\lardeche-vue-par-jean-ferrat.mp4
2022-04-21 19:12 - 2022-04-21 19:12 - 009789899 _____ C:\Users\Christiane\Downloads\VID-20190607-WA0045.mp4
2022-04-21 19:09 - 2022-04-21 19:09 - 002691584 _____ C:\Users\Christiane\Downloads\Pyr.Or. Pays Basque 1_01.pps
2022-04-21 19:07 - 2022-04-21 19:07 - 010335943 _____ C:\Users\Christiane\Downloads\Hallelujah_au_bord_du_Titicaca_1_.mp4
2022-04-21 19:03 - 2022-04-21 19:03 - 007483439 _____ C:\Users\Christiane\Downloads\HARMONICA GUILLAUME TELL.mp4
2022-04-21 07:28 - 2022-04-21 07:28 - 000001391 _____ C:\Users\Christiane\Downloads\isrgrootx1.der
2022-04-20 19:07 - 2022-04-20 19:07 - 003295944 _____ (Nicolas Coolman) C:\Users\Christiane\Desktop\ZHPCleaner.exe
2022-04-20 18:49 - 2022-04-20 18:49 - 002366464 _____ (Farbar) C:\Users\Christiane\Desktop\FRST64.exe
2022-04-19 21:44 - 2022-04-19 21:44 - 000403957 _____ C:\Users\Christiane\Desktop\ZHPCleaner (S).html
2022-04-19 21:12 - 2022-04-19 21:12 - 003295944 _____ (Nicolas Coolman) C:\Users\Christiane\Desktop\zhpcleaner_2022-4-15-25_fr_433513.exe
2022-04-18 22:14 - 2022-04-23 14:36 - 000000000 ____D C:\FRST
2022-04-18 21:44 - 2022-04-19 21:13 - 000000000 ____D C:\Users\Christiane\AppData\Local\ZHP
2022-04-18 21:43 - 2022-04-18 21:43 - 003482312 _____ (Nicolas Coolman) C:\Users\Christiane\Desktop\ZHPSuite.exe
2022-04-18 18:31 - 2022-04-18 18:31 - 000003160 _____ C:\Windows\system32\Tasks\{FE351440-81DC-4F3F-84A8-ABF673944E78}
2022-04-18 18:27 - 2022-04-18 18:27 - 000001642 _____ C:\Users\Public\Desktop\ZHPFix.lnk
2022-04-18 18:27 - 2022-04-18 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2022-04-18 18:26 - 2022-04-18 18:26 - 003521467 _____ (Nicolas Coolman ) C:\Users\Christiane\Downloads\ZHPFix.exe
2022-04-18 18:12 - 2022-04-18 18:12 - 000002365 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2022-04-18 18:12 - 2022-04-18 18:12 - 000000000 ____D C:\Program Files\BraveSoftware
2022-04-18 18:08 - 2022-04-18 18:08 - 000003512 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2022-04-18 18:08 - 2022-04-18 18:08 - 000003384 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2022-04-18 18:08 - 2022-04-18 18:08 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2022-04-18 18:07 - 2022-04-18 18:12 - 000000000 ____D C:\Users\Christiane\AppData\Local\BraveSoftware
2022-04-18 18:05 - 2022-04-18 18:05 - 001293840 _____ (BraveSoftware Inc.) C:\Users\Christiane\Downloads\BraveBrowserSetup-CLU884.exe
2022-04-18 13:05 - 2022-04-23 12:50 - 000002231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-18 13:02 - 2022-04-18 13:02 - 000003534 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-18 13:02 - 2022-04-18 13:02 - 000003406 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-18 12:52 - 2022-04-18 12:52 - 001481400 _____ (Orange) C:\Users\Christiane\Downloads\Orange-assistant-page-de-demarrage.exe
2022-04-18 12:44 - 2022-04-20 18:52 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-18 12:44 - 2022-04-18 12:54 - 000000000 ____D C:\Users\Christiane\AppData\Local\Google
2022-04-18 12:44 - 2022-04-18 12:44 - 001343320 _____ (Google LLC) C:\Users\Christiane\Downloads\ChromeSetup(1).exe
2022-04-18 12:43 - 2022-04-18 12:43 - 001343320 _____ (Google LLC) C:\Users\Christiane\Downloads\ChromeSetup.exe
2022-04-18 08:49 - 2022-04-18 08:49 - 005306938 _____ C:\Users\Christiane\Downloads\VID-20220126-WA0000.mp4
2022-04-18 08:48 - 2022-04-18 08:48 - 002099213 _____ C:\Users\Christiane\Downloads\VID-20220324-WA0002.mp4
2022-04-15 17:28 - 2022-04-15 17:28 - 013413599 _____ C:\Users\Christiane\Downloads\VIDEO-2020-08-18-09-31-491.mp4
2022-04-15 17:26 - 2022-04-15 17:26 - 002304461 _____ C:\Users\Christiane\Downloads\Le gardien de but.mp4
2022-04-14 19:18 - 2022-04-14 19:18 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2022-04-12 19:12 - 2022-04-12 19:12 - 004202036 _____ C:\Users\Christiane\Downloads\RECYCLAGE_EN_AFRIQUE_._._sv_111.mp4
2022-04-10 08:02 - 2022-04-10 08:02 - 011478398 _____ C:\Users\Christiane\Downloads\statue_de_la_liberte.mp4
2022-04-05 19:24 - 2022-04-05 19:24 - 000603832 _____ C:\Users\Christiane\Downloads\macron va parler.mp4
2022-04-05 18:54 - 2022-04-05 18:54 - 006825004 _____ C:\Users\Christiane\Downloads\Statues inédites (H.Ley).mp4
2022-04-05 18:52 - 2022-04-05 18:52 - 005426982 _____ C:\Users\Christiane\Downloads\en manque de boulot.mp4
2022-04-05 18:48 - 2022-04-05 18:48 - 006585108 _____ C:\Users\Christiane\Downloads\acces_interdit_aux_femmes____1111-1111_01.mp4
2022-04-03 13:08 - 2022-04-03 13:08 - 006564864 _____ C:\Users\Christiane\Downloads\VISITAMOS_EL_KREMLIN.pps
2022-03-29 18:58 - 2022-03-29 18:58 - 005639453 _____ C:\Users\Christiane\Downloads\VID-20211228-WA0003.mp4
2022-03-28 19:06 - 2022-03-28 19:06 - 002602256 _____ C:\Users\Christiane\Downloads\VID-20201210-WA0000__medecine_chinoise_01.mp4
2022-03-24 19:26 - 2022-03-24 19:26 - 005806080 _____ C:\Users\Christiane\Downloads\heeracleion21111111-2.pps
2022-03-24 19:19 - 2022-03-24 19:19 - 007625006 _____ C:\Users\Christiane\Downloads\VID-20210616-WA0000.mp4
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-04-23 14:35 - 2020-04-10 07:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-04-23 14:32 - 2011-03-22 16:02 - 000003976 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{5FE46448-4A2F-4820-A8FC-EDC3A63EC373}
2022-04-23 14:31 - 2016-12-04 19:20 - 000000000 ____D C:\Users\Christiane\AppData\LocalLow\Mozilla
2022-04-23 14:29 - 2022-02-12 07:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-23 14:11 - 2016-12-24 11:43 - 000000000 ____D C:\Users\Christiane\AppData\Roaming\ZHP
2022-04-23 12:45 - 2009-07-14 06:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2022-04-23 12:45 - 2009-07-14 06:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2022-04-23 12:42 - 2010-11-26 05:48 - 000747910 _____ C:\Windows\system32\perfh00C.dat
2022-04-23 12:42 - 2010-11-26 05:48 - 000150402 _____ C:\Windows\system32\perfc00C.dat
2022-04-23 12:42 - 2009-07-14 07:13 - 001669656 _____ C:\Windows\system32\PerfStringBackup.INI
2022-04-23 12:42 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2022-04-23 12:38 - 2010-11-25 20:58 - 000000000 ____D C:\ProgramData\NVIDIA
2022-04-23 12:38 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-04-20 18:25 - 2014-02-02 16:20 - 000000948 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000UA.job
2022-04-18 22:54 - 2013-06-10 21:16 - 000000132 _____ C:\Windows\winamp.ini
2022-04-18 18:27 - 2013-06-10 21:06 - 000000000 ____D C:\Programmes divers
2022-04-15 07:18 - 2016-10-21 12:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2022-04-14 19:18 - 2020-10-05 22:21 - 000003530 _____ C:\Windows\wininit.ini
2022-03-30 19:03 - 2009-07-14 07:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2022-03-25 20:02 - 2011-04-20 14:23 - 000000000 ____D C:\Users\Christiane\AppData\Local\Paint.NET
==================== Fichiers à la racine de certains dossiers ========
2011-10-17 18:32 - 2011-10-17 18:33 - 000033134 _____ () C:\Users\Christiane\AppData\Roaming\UserTile.png
2013-08-09 18:12 - 2017-05-09 20:53 - 000007168 _____ () C:\Users\Christiane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
LastRegBack: 2022-04-13 19:04
==================== Fin de FRST.txt ========================