Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2021 ([color=red]ATTENTION: ====> FRST la version date de 334 jours et est peut-être périmée[/color]) Exécuté par Christiane (administrateur) sur CHRISTIANE-PC (Acer Aspire 7736) (18-04-2022 22:15:35) Exécuté depuis C:\Users\Christiane\Desktop Profils chargés: Christiane Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France) Navigateur par défaut: Brave Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Acer Incorporated -> Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (CyberLink -> Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (CyberLink -> CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe (Mozilla Corporation -> Mozilla Corporation) [Fichier non signé] C:\Program Files (x86)\Mozilla Firefox\firefox.exe <11> (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc -> NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Nullsoft) [Fichier non signé] C:\Programmes divers\Winamp\winamp.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2> (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SONIX TECHNOLOGY CO. , LTD -> ) C:\Windows\PLFSetI.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated -> Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [206208 2010-11-25] (SONIX TECHNOLOGY CO. , LTD -> ) HKLM\...\Run: [MSC] => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation -> Intel Corporation) HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated -> Acer Incorporated) HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2010-01-18] (CyberLink -> Acer Corp.) HKLM-x32\...\Run: [NeroFilterCheck] => C:\Windows\SysWOW64\NeroCheck.exe [155648 2001-07-09] (Ahead Software Gmbh) [Fichier non signé] HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1094736 2009-11-02] (Dritek System Inc. -> Dritek System Inc.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation -> Microsoft Corporation) HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [265984 2010-06-29] (NewTech Infosystems, Inc -> NewTech Infosystems, Inc.) HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink -> CyberLink Corp.) HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-28] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKU\S-1-5-21-4071522075-2442597929-1746449056-1000\...\MountPoints2: {3de81fd2-61df-11e8-9829-206a8a1f240b} - E:\.\Driver\DriverInstaller.exe -eject HKLM\...\Windows x64\Print Processors\Epson Inkjet: C:\Windows\System32\spool\prtprocs\x64\EP0NPP01.DLL [38912 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\Windows\system32\EP0SLM01.DLL [77824 2009-07-14] (Microsoft Windows -> SEIKO EPSON CORPORATION) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-18] (Google LLC -> Google LLC) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\100.1.37.116\Installer\chrmstp.exe [2022-04-18] (Brave Software, Inc. -> Brave Software, Inc.) [Fichier non signé] GroupPolicy: Restriction ? <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {02EC61D9-5AE0-46CD-9B99-53A36ED64CB4} - System32\Tasks\{FE351440-81DC-4F3F-84A8-ABF673944E78} => C:\Windows\system32\pcalua.exe -a "C:\Programmes divers\ZHPFix\ZHPhep.exe" -d "C:\Programmes divers\ZHPFix" Task: {1F328ED0-1764-4DA3-9900-836596E1D513} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-18] (Brave Software, Inc. -> BraveSoftware Inc.) [Fichier non signé] Task: {2B6F6A6D-146D-46F1-85CE-2D1ED5E5509D} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [781808 2022-04-14] (Mozilla Corporation -> Mozilla Foundation) [Fichier non signé] Task: {5DC4C037-F73F-4E8A-A0F1-D6842B6CF57A} - System32\Tasks\{8C9A89D0-B2D6-40EF-950B-EBEB26E454B7} => "c:\programmes divers\mozilla firefox\firefox.exe" http://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.367&LastError=12002 Task: {78E71AA8-5348-42CB-B298-8AF88BEB0CCA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000Core => C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-02] (Facebook, Inc. -> Facebook Inc.) Task: {7AAC7237-9347-4C9B-AAD2-30259F69F0E2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000UA => C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-02-02] (Facebook, Inc. -> Facebook Inc.) Task: {7E9B3AE5-622B-416A-A696-3E70688CD4B1} - System32\Tasks\GoogleUpdateTaskMachineCore{0FEE041A-E5C6-4DFD-AFB7-4896C9384118} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-18] (Google LLC -> Google LLC) Task: {84695EA3-B1B6-4D1B-980A-7CF77675A3E9} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-18] (Brave Software, Inc. -> BraveSoftware Inc.) [Fichier non signé] Task: {D14F74E7-9C2E-40FD-8BE3-FB5C5E7F8C36} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd -> Piriform Ltd) Task: {D834902E-CC0A-40F8-BDBC-1F25F9EA2996} - System32\Tasks\{8054B108-E820-4151-AE4A-EDD4215801FC} => "c:\programmes divers\mozilla firefox\firefox.exe" http://ui.skype.com/ui/0/4.1.0.179.367/fr/abandoninstall?source=lightinstaller&page=tsProblems&LastError=404&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded Task: {EFE9D343-FD51-4CAA-83A5-FE622645A9DD} - System32\Tasks\GoogleUpdateTaskMachineUA{7956C2BC-0A31-4EA0-B056-F1DD31DE39DA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-04-18] (Google LLC -> Google LLC) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000Core.job => C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000UA.job => C:\Users\Christiane\AppData\Local\Facebook\Update\FacebookUpdate.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{292B3F29-1954-452B-B8EE-6DC0D4D86757}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{D05C5E21-5063-4C8A-92C5-266608F2BFD5}: [NameServer] 8.8.8.8,8.8.4.4 Edge: ======= Edge Profile: C:\Users\Christiane\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-18] Edge HKU\S-1-5-21-4071522075-2442597929-1746449056-1000\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] FireFox: ======== FF DefaultProfile: fk6i3i3h.default-1597597810631 FF ProfilePath: C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\fk6i3i3h.default-1597597810631 [2022-04-18] FF Homepage: Mozilla\Firefox\Profiles\fk6i3i3h.default-1597597810631 -> hxxps://fr.audiofanzine.com/forums/101255/ FF Extension: (uBlock Origin) - C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\fk6i3i3h.default-1597597810631\Extensions\uBlock0@raymondhill.net.xpi [2022-04-08] FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox FF Extension: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2010-11-25] [] [non signé] FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2010-11-25] [] [non signé] FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension FF Extension: (Default Manager) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-11-25] [] [non signé] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] (Adobe Systems Incorporated -> ) FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] (Adobe Systems Incorporated -> ) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll [2011-08-30] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll [2010-08-13] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé] FF Plugin HKU\S-1-5-21-4071522075-2442597929-1746449056-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Christiane\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-04-10] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-04-10] <==== ATTENTION Chrome: ======= CHR Profile: C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default [2022-04-18] CHR StartupUrls: Default -> "hxxps://mail02.orange.fr/appsuite/#!&app=io.ox/mail&folder=default0/INBOX","hxxp://audiofanzine.com/" CHR Extension: (Slides) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2022-04-18] CHR Extension: (Docs) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2022-04-18] CHR Extension: (Google Drive) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2022-04-18] CHR Extension: (YouTube) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-04-18] CHR Extension: (Sheets) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2022-04-18] CHR Extension: (Google Docs hors connexion) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-18] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-18] CHR Extension: (Gmail) - C:\Users\Christiane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-04-18] CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] Brave: ======= BRA Profile: C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2022-04-18] BRA Extension: (Brave Local Data Files Updater) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2022-04-18] BRA Extension: (Brave NTP background images) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2022-04-18] BRA Extension: (Wallet Data Files Updater) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2022-04-18] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-04-18] BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-04-18] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2022-04-18] BRA Extension: (Brave SpeedReader Updater) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-04-18] BRA Extension: (Brave NTP sponsored images) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2022-04-18] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Christiane\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2022-04-18] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2009-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation) S4 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-18] (Brave Software, Inc. -> BraveSoftware Inc.) [Fichier non signé] S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [165120 2022-04-18] (Brave Software, Inc. -> BraveSoftware Inc.) [Fichier non signé] S3 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\100.0.4896.127\elevation_service.exe [1591184 2022-04-13] (Google LLC -> Google LLC) [Fichier non signé] S4 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S3 kpm_launch_service; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 9.0.2\kpm_service.exe [354152 2020-02-20] (Kaspersky Lab -> AO Kaspersky Lab) R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-06-10] (Kaspersky Lab JSC -> AO Kaspersky Lab) S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (EGIS TECHNOLOGY INC. -> Egis Technology Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [31744 2009-09-16] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc) S3 cdrombus; C:\Windows\System32\Drivers\cdrombus.sys [25088 2012-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-07] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251800 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [633600 2020-04-29] (Kaspersky Lab -> AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1217792 2020-04-29] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79760 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project) S4 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-07] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232344 2020-04-14] (Kaspersky Lab -> AO Kaspersky Lab) S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.) S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X] S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-04-18 22:15 - 2022-04-18 22:29 - 000023360 _____ C:\Users\Christiane\Desktop\FRST.txt 2022-04-18 22:14 - 2022-04-18 22:21 - 000000000 ____D C:\FRST 2022-04-18 22:14 - 2022-04-18 22:14 - 002299904 _____ (Farbar) C:\Users\Christiane\Desktop\FRST64.exe 2022-04-18 21:44 - 2022-04-18 21:44 - 000000000 ____D C:\Users\Christiane\AppData\Local\ZHP 2022-04-18 21:43 - 2022-04-18 21:43 - 003482312 _____ (Nicolas Coolman) C:\Users\Christiane\Desktop\ZHPSuite.exe 2022-04-18 18:31 - 2022-04-18 18:31 - 000003160 _____ C:\Windows\system32\Tasks\{FE351440-81DC-4F3F-84A8-ABF673944E78} 2022-04-18 18:27 - 2022-04-18 18:27 - 000001642 _____ C:\Users\Public\Desktop\ZHPFix.lnk 2022-04-18 18:27 - 2022-04-18 18:27 - 000001642 _____ C:\ProgramData\Desktop\ZHPFix.lnk 2022-04-18 18:27 - 2022-04-18 18:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP 2022-04-18 18:26 - 2022-04-18 18:26 - 003521467 _____ (Nicolas Coolman ) C:\Users\Christiane\Downloads\ZHPFix.exe 2022-04-18 18:12 - 2022-04-18 18:12 - 000002365 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2022-04-18 18:12 - 2022-04-18 18:12 - 000000000 ____D C:\Program Files\BraveSoftware 2022-04-18 18:08 - 2022-04-18 18:08 - 000003512 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA 2022-04-18 18:08 - 2022-04-18 18:08 - 000003384 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore 2022-04-18 18:08 - 2022-04-18 18:08 - 000000000 ____D C:\Program Files (x86)\BraveSoftware 2022-04-18 18:07 - 2022-04-18 18:12 - 000000000 ____D C:\Users\Christiane\AppData\Local\BraveSoftware 2022-04-18 18:05 - 2022-04-18 18:05 - 001293840 _____ (BraveSoftware Inc.) C:\Users\Christiane\Downloads\BraveBrowserSetup-CLU884.exe 2022-04-18 13:05 - 2022-04-18 13:05 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2022-04-18 13:02 - 2022-04-18 13:02 - 000003534 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2022-04-18 13:02 - 2022-04-18 13:02 - 000003406 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2022-04-18 12:52 - 2022-04-18 12:52 - 001481400 _____ (Orange) C:\Users\Christiane\Downloads\Orange-assistant-page-de-demarrage.exe 2022-04-18 12:46 - 2022-04-18 12:46 - 000002248 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2022-04-18 12:45 - 2022-04-18 12:45 - 000000000 ____D C:\Program Files\Google 2022-04-18 12:44 - 2022-04-18 21:49 - 000000000 ____D C:\Program Files (x86)\Google 2022-04-18 12:44 - 2022-04-18 12:54 - 000000000 ____D C:\Users\Christiane\AppData\Local\Google 2022-04-18 12:44 - 2022-04-18 12:44 - 001343320 _____ (Google LLC) C:\Users\Christiane\Downloads\ChromeSetup(1).exe 2022-04-18 12:44 - 2022-04-18 12:44 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{7956C2BC-0A31-4EA0-B056-F1DD31DE39DA} 2022-04-18 12:44 - 2022-04-18 12:44 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{0FEE041A-E5C6-4DFD-AFB7-4896C9384118} 2022-04-18 12:43 - 2022-04-18 12:43 - 001343320 _____ (Google LLC) C:\Users\Christiane\Downloads\ChromeSetup.exe 2022-04-18 08:49 - 2022-04-18 08:49 - 005306938 _____ C:\Users\Christiane\Downloads\VID-20220126-WA0000.mp4 2022-04-18 08:48 - 2022-04-18 08:48 - 002099213 _____ C:\Users\Christiane\Downloads\VID-20220324-WA0002.mp4 2022-04-15 17:28 - 2022-04-15 17:28 - 013413599 _____ C:\Users\Christiane\Downloads\VIDEO-2020-08-18-09-31-491.mp4 2022-04-15 17:26 - 2022-04-15 17:26 - 002304461 _____ C:\Users\Christiane\Downloads\Le gardien de but.mp4 2022-04-14 19:18 - 2022-04-14 19:18 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2022-04-12 19:12 - 2022-04-12 19:12 - 004202036 _____ C:\Users\Christiane\Downloads\RECYCLAGE_EN_AFRIQUE_._._sv_111.mp4 2022-04-10 08:02 - 2022-04-10 08:02 - 011478398 _____ C:\Users\Christiane\Downloads\statue_de_la_liberte.mp4 2022-04-05 19:24 - 2022-04-05 19:24 - 000603832 _____ C:\Users\Christiane\Downloads\macron va parler.mp4 2022-04-05 18:54 - 2022-04-05 18:54 - 006825004 _____ C:\Users\Christiane\Downloads\Statues inédites (H.Ley).mp4 2022-04-05 18:52 - 2022-04-05 18:52 - 005426982 _____ C:\Users\Christiane\Downloads\en manque de boulot.mp4 2022-04-05 18:48 - 2022-04-05 18:48 - 006585108 _____ C:\Users\Christiane\Downloads\acces_interdit_aux_femmes____1111-1111_01.mp4 2022-04-03 13:08 - 2022-04-03 13:08 - 006564864 _____ C:\Users\Christiane\Downloads\VISITAMOS_EL_KREMLIN.pps 2022-03-29 18:58 - 2022-03-29 18:58 - 005639453 _____ C:\Users\Christiane\Downloads\VID-20211228-WA0003.mp4 2022-03-28 19:06 - 2022-03-28 19:06 - 002602256 _____ C:\Users\Christiane\Downloads\VID-20201210-WA0000__medecine_chinoise_01.mp4 2022-03-24 19:26 - 2022-03-24 19:26 - 005806080 _____ C:\Users\Christiane\Downloads\heeracleion21111111-2.pps 2022-03-24 19:19 - 2022-03-24 19:19 - 007625006 _____ C:\Users\Christiane\Downloads\VID-20210616-WA0000.mp4 2022-03-22 20:17 - 2022-03-22 20:17 - 000840192 _____ C:\Users\Christiane\Downloads\comment appeler la police.pps 2022-03-20 21:52 - 2022-03-20 21:52 - 000454891 _____ C:\Users\Christiane\Downloads\TRUC DES EXPERTS EN PEINTURE.pdf 2022-03-20 09:52 - 2022-03-20 09:52 - 001412096 _____ C:\Users\Christiane\Downloads\1500_vaches_AD_21.pps 2022-03-20 09:46 - 2022-03-20 09:46 - 002387749 _____ C:\Users\Christiane\Downloads\Roland Magdane (1981)1.mp4 ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2022-04-18 22:20 - 2020-04-10 07:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2022-04-18 22:20 - 2011-03-22 16:02 - 000003976 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{5FE46448-4A2F-4820-A8FC-EDC3A63EC373} 2022-04-18 22:11 - 2022-01-06 09:34 - 000295277 _____ C:\Users\Christiane\Desktop\ZHPDiag.txt 2022-04-18 22:11 - 2016-12-24 11:43 - 000000000 ____D C:\Users\Christiane\AppData\Roaming\ZHP 2022-04-18 21:40 - 2009-07-14 06:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2022-04-18 21:40 - 2009-07-14 06:45 - 000025840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2022-04-18 21:35 - 2010-11-26 05:48 - 000747910 _____ C:\Windows\system32\perfh00C.dat 2022-04-18 21:35 - 2010-11-26 05:48 - 000150402 _____ C:\Windows\system32\perfc00C.dat 2022-04-18 21:35 - 2009-07-14 07:13 - 001669656 _____ C:\Windows\system32\PerfStringBackup.INI 2022-04-18 21:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2022-04-18 21:33 - 2022-02-12 07:55 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2022-04-18 21:32 - 2016-12-04 19:20 - 000000000 ____D C:\Users\Christiane\AppData\LocalLow\Mozilla 2022-04-18 21:31 - 2010-11-25 20:58 - 000000000 ____D C:\ProgramData\NVIDIA 2022-04-18 21:31 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2022-04-18 18:27 - 2013-06-10 21:06 - 000000000 ____D C:\Programmes divers 2022-04-18 18:25 - 2014-02-02 16:20 - 000000948 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000UA.job 2022-04-15 07:18 - 2016-10-21 12:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2022-04-14 19:18 - 2020-10-05 22:21 - 000003530 _____ C:\Windows\wininit.ini 2022-04-11 22:19 - 2013-06-10 21:16 - 000000132 _____ C:\Windows\winamp.ini 2022-03-30 19:03 - 2009-07-14 07:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2022-03-25 20:02 - 2011-04-20 14:23 - 000000000 ____D C:\Users\Christiane\AppData\Local\Paint.NET 2022-03-19 16:35 - 2014-02-02 16:20 - 000000926 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4071522075-2442597929-1746449056-1000Core.job ==================== Fichiers à la racine de certains dossiers ======== 2011-10-17 18:32 - 2011-10-17 18:33 - 000033134 _____ () C:\Users\Christiane\AppData\Roaming\UserTile.png 2013-08-09 18:12 - 2017-05-09 20:53 - 000007168 _____ () C:\Users\Christiane\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2022-04-13 19:04 ==================== Fin de FRST.txt ========================