cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Exécuté par Domi (administrateur) sur DESKTOP-RUD4LTG (Hewlett-Packard p6-2391ef) (29-09-2022 10:52:21)
Exécuté depuis C:\Users\33673\Desktop
Profils chargés: Domi
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.2006 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\Adguard.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Shelblock\ShelblockSvc.exe ->) (SHELBLOCK -> Shelblock) C:\Program Files\Shelblock\Shelblock.exe
(C:\Users\33673\AppData\Local\Programs\Opera\opera.exe ->) (Opera Software AS -> Opera Software) C:\Users\33673\AppData\Local\Programs\Opera\87.0.4390.45\opera_crashreporter.exe
(cmd.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\plugins_nms.exe
(explorer.exe ->) (Integrated Device Technology Inc. -> Hewlett-Packard) [Fichier non signé] C:\Program Files\IDT\WDM\Beats64.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(explorer.exe ->) (Suunto Oy -> ) C:\Users\33673\AppData\Local\Suuntolink\app-4.1.6\resources\app\LaunchAgents\SuuntolinkLauncher.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(IObit Information Technology -> IObit) C:\Program Files (x86)\IObit\Driver Booster\7.6.0\Pub\PubPlatform.exe
(Opera Software AS -> Opera Software) C:\Users\33673\AppData\Local\Programs\Opera\opera.exe <13>
(services.exe ->) (Adguard Software Limited -> Adguard Software Ltd) C:\Program Files (x86)\Adguard\AdguardSvc.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(services.exe ->) (SHELBLOCK -> Shelblock) C:\Program Files\Shelblock\ShelblockSvc.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22072.207.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2013-11-20] (Integrated Device Technology Inc. -> Hewlett-Packard) [Fichier non signé]
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1721368 2020-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.)
HKLM-x32\...\Run: [Adguard] => C:\Program Files (x86)\Adguard\Adguard.exe [6315480 2022-03-05] (Adguard Software Limited -> Adguard Software Ltd)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\Run: [Moveslink2] => C:\Users\33673\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suunto\Moveslink2.appref-ms -auto (Pas de fichier)
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\Run: [SuuntolinkLauncher] => C:\Users\33673\AppData\Local\Suuntolink\app-4.1.6\resources\app\LaunchAgents\SuuntolinkLauncher.exe [832904 2022-06-22] (Suunto Oy -> )
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\Run: [Opera Browser Assistant] => C:\Users\33673\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4137216 2022-06-07] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\Run: [MicrosoftEdgeAutoLaunch_B0D2C138AFC9480A46CA43B4FCE1B603] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3795376 2022-09-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\MountPoints2: {050e682c-f993-11ea-b0c6-001583f2835c} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\MountPoints2: {5188744a-2470-11ed-b14d-001583f2835c} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\MountPoints2: {5502755b-fafc-11ec-b145-001583f2835c} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\MountPoints2: {57f53c77-866a-11eb-b0e7-001583f2835c} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\MountPoints2: {7e39ec3c-f79a-11eb-b101-001583f2835c} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3600481859-447244473-4001743809-1001\...\MountPoints2: {98c9c685-30e2-11eb-b0d3-001583f2835c} - "E:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG5200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAE.DLL [30208 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: C:\Windows\system32\CNMLMAE.DLL [385024 2012-03-14] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\105.0.5195.127\Installer\chrmstp.exe [2022-09-18] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0F1802B7-59DE-439D-B575-1C88492AB245} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-19] (Google LLC -> Google LLC)
Task: {7F8D0E5B-553E-425B-8881-2D0967E26D5B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1555696 2022-08-03] (Adobe Inc. -> Adobe Inc.)
Task: {90FCFAB8-B2F3-4352-9513-79D5844CEF8F} - System32\Tasks\Driver Booster SkipUAC (Domi) => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\DriverBooster.exe [7945488 2020-07-24] (IObit Information Technology -> IObit)
Task: {94ACDB52-6311-4141-9A1E-90396DCF2E09} - System32\Tasks\Opera scheduled assistant Autoupdate 1610364396 => C:\Users\33673\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\33673\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {9E7DCDE4-9F4D-440F-AABB-005F892E7B5D} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\Scheduler.exe [149776 2020-07-24] (IObit Information Technology -> IObit)
Task: {C517AF6F-24FA-4703-A521-B6DBBED684A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-08-19] (Google LLC -> Google LLC)
Task: {C965E39B-01EC-4569-BB66-A457EB6F7C23} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\7.6.0\AutoUpdate.exe [2375952 2020-07-24] (IObit Information Technology -> IObit)
Task: {DEF10EC3-D3E4-418E-8B42-BEEAC35C98AE} - System32\Tasks\Opera scheduled Autoupdate 1610364393 => C:\Users\33673\AppData\Local\Programs\Opera\launcher.exe [2473216 2022-06-02] (Opera Software AS -> Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
ProxyEnable: [HKLM] => Proxy est activé.
ProxyEnable: [HKLM-x32] => Proxy est activé.
ProxyServer: [HKLM] => http=127.0.0.1:48080;https=127.0.0.1:48080
ProxyServer: [HKLM-x32] => http=127.0.0.1:48080;https=127.0.0.1:48080
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{2a0d3cad-1dfb-435b-9fae-c1f6117bb759}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{787b3863-4bd8-4fd0-a8c1-63adbc355cad}: [DhcpNameServer] 192.168.0.254
ManualProxies: 1http=127.0.0.1:48080;https=127.0.0.1:48080 <==== ATTENTION

Edge:
=======
DownloadDir: C:\Users\33673\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\33673\AppData\Local\Microsoft\Edge\User Data\Default [2022-09-29]
Edge Extension: (Kaspersky Protection) - C:\Users\33673\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-09-28]
Edge Extension: (Hola Free VPN Proxy Unblocker - Best VPN) - C:\Users\33673\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nfjgmgjhcihmkobljembcfodkajehoej [2021-08-29]
Edge HKU\S-1-5-21-3600481859-447244473-4001743809-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-09-08] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\33673\AppData\Local\Google\Chrome\User Data\Default [2022-09-28]
CHR Notifications: Default -> hxxps://lichess.org
CHR DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
CHR DefaultSearchKeyword: Default -> qwant.com
CHR DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
CHR Extension: (AdLock - adblocker & privacy protection) - C:\Users\33673\AppData\Local\Google\Chrome\User Data\Default\Extensions\aemffjkmgcepimloclpkecifcnipnodh [2022-03-20]
CHR Extension: (Kaspersky Protection) - C:\Users\33673\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-08-02]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\33673\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2022-08-30]
CHR Extension: (uBlock Origin) - C:\Users\33673\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-09-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\33673\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\33673\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (AdBlocker) - C:\Users\33673\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhacaboehinamiaoafpljgofoapchgf [2022-08-22]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]

Opera:
=======
OPR Profile: C:\Users\33673\AppData\Roaming\Opera Software\Opera Stable [2022-09-29]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\33673\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-07-05]
OPR Extension: (Opera Crypto Wallet) - C:\Users\33673\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-08-20]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\33673\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-08-31]
StartMenuInternet: (HKU\S-1-5-21-3600481859-447244473-4001743809-1001) OperaStable - "C:\Users\33673\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Adguard Service; C:\Program Files (x86)\Adguard\AdguardSvc.exe [467928 2022-03-05] (Adguard Software Limited -> Adguard Software Ltd)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172264 2022-08-03] (Adobe Inc. -> Adobe Inc.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [184768 2021-06-10] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [357272 2021-04-28] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-10] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8765464 2022-09-28] (Malwarebytes Inc. -> Malwarebytes)
R2 ShelblockSvc; C:\Program Files\Shelblock\ShelblockSvc.exe [4098760 2021-09-11] (SHELBLOCK -> Shelblock)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [358936 2020-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\NisSrv.exe [2467088 2020-11-23] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2010.7-0\MsMpEng.exe [128376 2020-11-23] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 adgnetworkwfpdrv; C:\Windows\System32\drivers\adgnetworkwfpdrv.sys [98840 2021-11-02] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
R3 AmUStor; C:\Windows\system32\drivers\AmUStorU.sys [150840 2022-04-20] (Alcorlink Corp. -> )
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [154112 2021-10-13] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [237288 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 cpuz145; C:\Windows\temp\cpuz145\cpuz145_x64.sys [49968 2020-11-09] (CPUID -> CPUID)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [158640 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ew_usbccgpfilter; C:\Windows\System32\drivers\ew_usbccgpfilter.sys [18816 2021-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 GeneStor; C:\Windows\system32\DRIVERS\GeneStor.sys [136688 2022-07-19] (GENESYS LOGIC, INC. -> Genesys Logic)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-08-20] (Martin Malik - REALiX -> REALiX(tm))
R1 klbackupdisk; C:\Windows\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [206600 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [119568 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\Windows\system32\DRIVERS\klflt.sys [522504 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [711056 2022-09-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1642376 2022-09-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [189032 2022-09-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1049864 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [90896 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [104728 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [107328 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [78088 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [88328 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\Windows\System32\Drivers\klupd_klif_arkmon.sys [376920 2022-09-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_klif_klark; C:\Windows\System32\Drivers\klupd_klif_klark.sys [357136 2022-09-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\Windows\System32\Drivers\klupd_klif_klbg.sys [187192 2022-09-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\Windows\System32\Drivers\klupd_klif_mark.sys [270752 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [150280 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [325400 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [294680 2022-02-09] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [223176 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2022-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193488 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [75216 2022-09-29] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239544 2022-09-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [181992 2022-09-29] (Malwarebytes Inc. -> Malwarebytes)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [570392 2020-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [39032 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48536 2020-11-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [429288 2020-11-23] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [71912 2020-11-23] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-09-29 10:52 - 2022-09-29 10:52 - 000024914 _____ C:\Users\33673\Desktop\FRST.txt
2022-09-29 10:52 - 2022-09-29 10:52 - 000000000 ____D C:\FRST
2022-09-29 10:51 - 2022-09-29 10:51 - 000000000 ____D C:\Users\33673\AppData\LocalLow\IGDump
2022-09-29 10:50 - 2022-09-29 10:50 - 002371072 _____ (Farbar) C:\Users\33673\Desktop\FRST64.exe
2022-09-29 10:42 - 2022-09-29 10:42 - 000193488 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2022-09-29 10:42 - 2022-09-29 10:42 - 000181992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2022-09-29 10:42 - 2022-09-29 10:42 - 000075216 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2022-09-28 22:47 - 2022-09-28 22:47 - 000010092 _____ C:\Users\33673\Desktop\ZHPCleaner (R).html
2022-09-28 22:47 - 2022-09-28 22:47 - 000003298 _____ C:\Users\33673\Desktop\ZHPCleaner (R).txt
2022-09-28 22:46 - 2022-09-28 22:46 - 000009728 _____ C:\Users\33673\Desktop\ZHPCleaner (S).html
2022-09-28 22:46 - 2022-09-28 22:46 - 000003064 _____ C:\Users\33673\Desktop\ZHPCleaner (S).txt
2022-09-28 22:21 - 2022-09-28 22:21 - 000280576 _____ C:\Users\33673\Desktop\ZHPDiag.txt
2022-09-28 22:17 - 2022-09-28 22:17 - 000000902 _____ C:\Users\33673\Desktop\ZHPDiag.lnk
2022-09-28 21:59 - 2022-09-28 21:59 - 000239544 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2022-09-28 21:59 - 2022-09-28 21:59 - 000223176 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2022-09-28 21:59 - 2022-09-28 21:59 - 000158640 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2022-09-28 21:59 - 2022-09-28 21:59 - 000021480 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2022-09-28 21:59 - 2022-09-28 21:59 - 000002041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2022-09-28 21:59 - 2022-09-28 21:59 - 000002029 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2022-09-28 21:59 - 2022-09-28 21:59 - 000000000 ____D C:\Users\33673\AppData\Local\mbam
2022-09-28 21:58 - 2022-09-28 21:58 - 002631672 _____ (Malwarebytes) C:\Users\33673\Downloads\MBSetup.exe
2022-09-28 21:58 - 2022-09-28 21:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-09-28 21:58 - 2022-09-28 21:58 - 000000000 ____D C:\Program Files\Malwarebytes
2022-09-28 21:15 - 2022-09-28 21:15 - 003303624 _____ (Nicolas Coolman) C:\Users\33673\Downloads\ZHPCleaner.exe
2022-09-28 21:15 - 2022-09-28 21:15 - 000000877 _____ C:\Users\33673\Desktop\ZHPCleaner.lnk
2022-09-28 20:59 - 2022-09-28 22:47 - 000000000 ____D C:\Users\33673\AppData\Roaming\ZHP
2022-09-28 20:58 - 2022-09-28 20:59 - 003309768 _____ (Nicolas Coolman) C:\Users\33673\Downloads\ZHPDiag3 (1).exe
2022-09-27 18:37 - 2022-09-27 18:37 - 002620784 _____ C:\Users\33673\Downloads\09172896_Hyp_Compl_LDP_Chap7.pdf
2022-09-27 08:48 - 2022-09-27 08:48 - 472459241 _____ C:\Users\33673\Downloads\The.Deuce.S03E02.FRENCH.WEBRip.XviD-Wawacity.ninja.avi
2022-09-26 20:48 - 2022-09-26 20:48 - 000003376 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3600481859-447244473-4001743809-1001
2022-09-26 20:48 - 2022-09-26 20:48 - 000002417 _____ C:\Users\33673\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-09-24 14:49 - 2022-09-24 14:49 - 000024091 _____ C:\Users\33673\Downloads\CARTE_AVANTAGE_ADULTE_27-59_ANS_TREILLARD_DOMINIQUE_280822_20H47_oFsGSUmvlyrXRXfycSt6.pdf
2022-09-22 08:09 - 2022-09-22 08:09 - 000357136 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klark.sys
2022-09-22 08:08 - 2022-09-22 08:08 - 000187192 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_klbg.sys
2022-09-22 08:07 - 2022-09-28 21:06 - 000270752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_mark.sys
2022-09-22 08:07 - 2022-09-22 08:07 - 000376920 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klupd_klif_arkmon.sys
2022-09-15 11:58 - 2022-09-15 11:58 - 000413696 _____ C:\Windows\system32\AzureCheck.dll
2022-09-15 11:58 - 2022-09-15 11:58 - 000288768 _____ C:\Windows\system32\Windows.Management.InprocObjects.dll
2022-09-15 11:58 - 2022-09-15 11:58 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys
2022-09-15 11:58 - 2022-09-15 11:58 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2022-09-15 11:58 - 2022-09-15 11:58 - 000011813 _____ C:\Windows\system32\DrtmAuthTxt.wim
2022-09-15 11:52 - 2022-09-15 11:52 - 000000000 ___HD C:\$WinREAgent
2022-09-14 14:36 - 2022-09-14 14:36 - 000030136 _____ C:\Users\33673\Downloads\Delivrance_autotests_gratuits.pdf
2022-09-12 16:57 - 2022-09-12 16:57 - 000000000 ____D C:\Users\33673\AppData\Roaming\com.adobe.dunamis
2022-09-11 21:23 - 2022-09-11 21:23 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2022-09-11 21:23 - 2022-09-11 21:23 - 000002075 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-09-11 21:23 - 2022-09-11 21:23 - 000002063 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2022-09-05 21:49 - 2022-09-05 21:49 - 000750572 _____ C:\Users\33673\Downloads\Licence FFCO 17777-2022.pdf
2022-09-05 21:49 - 2022-09-05 21:49 - 000750309 _____ C:\Users\33673\Downloads\Licence FFCO 43320-2022.pdf
2022-09-05 21:49 - 2022-09-05 21:49 - 000750290 _____ C:\Users\33673\Downloads\Licence FFCO 43321-2022.pdf
2022-09-04 21:11 - 2022-09-04 21:11 - 000145975 _____ C:\Users\33673\Downloads\Attestation CM.pdf
2022-09-04 15:52 - 2022-09-04 15:52 - 001077674 _____ C:\Users\33673\Downloads\justificatif-de-domicile-plum.pdf
2022-09-02 20:18 - 2022-09-02 20:18 - 000032129 _____ C:\Users\33673\Downloads\Emploi_du_temps_TREILLARD_Dominique.pdf
2022-09-02 17:35 - 2022-09-02 17:35 - 001642376 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2022-09-02 17:35 - 2022-09-02 17:35 - 000711056 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klgse.sys
2022-09-02 15:06 - 2022-09-02 15:06 - 000163598 _____ C:\Users\33673\Downloads\attestation_negative.pdf
2022-08-31 21:36 - 2022-08-31 21:39 - 000000000 ____D C:\Users\33673\Documents\danse 2022 vidéos

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2022-09-29 10:48 - 2020-08-18 20:28 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2022-09-29 10:48 - 2019-12-07 16:49 - 000755174 _____ C:\Windows\system32\perfh00C.dat
2022-09-29 10:48 - 2019-12-07 16:49 - 000141980 _____ C:\Windows\system32\perfc00C.dat
2022-09-29 10:48 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2022-09-29 10:44 - 2020-08-19 16:28 - 000000000 ____D C:\Program Files (x86)\Google
2022-09-29 10:43 - 2022-03-11 10:35 - 000000000 ____D C:\ProgramData\Adguard
2022-09-29 10:42 - 2020-08-18 20:22 - 000008192 ___SH C:\DumpStack.log.tmp
2022-09-29 10:42 - 2020-08-18 20:22 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2022-09-29 10:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-09-28 22:58 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2022-09-28 22:22 - 2020-08-19 15:18 - 000000000 ____D C:\Users\33673\AppData\Local\D3DSCache
2022-09-28 22:08 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-09-28 22:08 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2022-09-28 21:59 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2022-09-28 21:26 - 2020-08-20 15:45 - 000000000 ____D C:\ProgramData\IObit
2022-09-28 21:15 - 2022-06-03 17:37 - 000000000 ____D C:\Users\33673\AppData\Local\ZHP
2022-09-28 18:41 - 2020-09-02 22:08 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-09-28 18:39 - 2020-08-18 20:22 - 000000000 ____D C:\Windows\system32\SleepStudy
2022-09-26 22:43 - 2020-08-20 16:27 - 000000000 ____D C:\Users\33673\AppData\Roaming\vlc
2022-09-26 20:48 - 2021-12-11 21:37 - 000003588 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3600481859-447244473-4001743809-1001
2022-09-21 12:21 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2022-09-18 09:15 - 2020-08-19 16:29 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-09-18 09:15 - 2020-08-19 16:29 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-09-16 19:10 - 2020-11-20 17:59 - 000000000 ____D C:\Users\33673\AppData\Roaming\dvdcss
2022-09-16 16:09 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2022-09-15 12:42 - 2020-08-18 20:22 - 000569384 _____ C:\Windows\system32\FNTCACHE.DAT
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2022-09-15 12:41 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2022-09-15 11:58 - 2020-08-18 20:26 - 003011072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2022-09-14 21:03 - 2020-08-18 21:05 - 000000000 ____D C:\Windows\system32\MRT
2022-09-14 21:01 - 2020-08-18 21:05 - 141646296 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2022-09-05 17:10 - 2020-08-18 21:00 - 000000000 ____D C:\Users\33673\AppData\Local\Packages
2022-09-01 18:32 - 2020-08-19 14:41 - 000000000 ____D C:\Users\33673\Documents\Dom
2022-08-30 20:07 - 2020-08-19 16:28 - 000003590 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 20:07 - 2020-08-19 16:28 - 000003466 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Fichiers à la racine de certains dossiers ========

2021-09-16 17:52 - 2021-09-16 17:52 - 000000258 _____ () C:\ProgramData\fontcacheev1.dat

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
