Scan results of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-03-2021
Run by regis (administrator) on RELAX (HP HP Stream Laptop 14-ds0xxx) (03-04-2021 13:11:40)
Run from C:\Users\gines\Downloads
Loaded profiles: regis
Platform: Windows 10 Home Version 1909 18363.1440 (X64) Language: French (France)
Default browser: Chrome
Boot mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358103.inf_amd64_d8540bf2fc7e5fd1\B357813\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0358103.inf_amd64_d8540bf2fc7e5fd1\B357813\atiesrxx.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupSvc.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\TuneUp\TuneupUI.exe <4>
(Corel Corporation -> WinZip Computing) C:\Program Files\WinZip\WzPreloader.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <18>
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f98b15466093b28e\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.9.1548.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CredentialEnrollmentManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.1430_none_16f0726f2a33ac55\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or deleted. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [971552 2019-09-19] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\AVG\TuneUp\TuneupUI.exe [2447104 2021-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [WinZip UN] => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-28] (Corel Corporation -> Corel Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-02] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Préchargeur.lnk [2021-04-02]
ShortcutTarget: WinZip Préchargeur.lnk -> C:\Program Files\WinZip\WzPreloader.exe (Corel Corporation -> WinZip Computing)
BootExecute: autocheck autochk * icarus_rvrt.exe

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be deleted from the registry. The file will not be moved unless it is listed separately.)

Task: {095C2C77-4A5A-4925-B6B2-F76946D8BCA0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [135000 2020-10-03] (HP Inc. -> HP Inc.)
Task: {12F40878-1615-4F3C-9D1B-90EB4C47D36C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1F4C0313-368B-408F-A943-1086B9950A76} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {2DB6E162-6B07-4529-B6FC-B03DDB2B3F6D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1139032 2021-02-20] (HP Inc. -> HP Inc.)
Task: {4062754A-9AA8-408E-BDCC-9A75084D3DE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-04] (Google LLC -> Google LLC)
Task: {49190CB4-1CF9-411C-A7F7-1598A3B20BDF} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [615904 2021-02-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {51E5A3BD-212F-4CA7-A442-0EF4A57AC39A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1139032 2021-02-20] (HP Inc. -> HP Inc.)
Task: {58EE369D-91E5-426D-9A17-CC22C0B84ED5} - System32\Tasks\AVG\AVG TuneUp BugReport => C:\Program Files\AVG\TuneUp\AvBugReport.exe [4665600 2021-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) -> --send "dumps|report" --silent --product 74 --programpath "C:\Program Files\AVG\TuneUp\Setup\.." --configpath "C:\Program Files\AVG\TuneUp\Setup" --path "C:\ProgramData\AVG\TuneUp\log" --path "C:\ProgramData\AVG\Icarus\Logs" --guid d6a1e20e-c127-4d89-877b-b7c8aae44a9e
Task: {629914A9-CED9-4157-873E-F9790922FE9D} - System32\Tasks\ASC_SkipUac_regis => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {671AA359-F652-489F-8C1B-680BDE083CAB} - System32\Tasks\AVG\AVG TuneUp Update => C:\Program Files\Common Files\AVG\Icarus\avg-tu\icarus.exe [5546240 2021-03-08] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {67E13BE7-E64A-4BEE-9878-B7F048A2C607} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [553304 2020-11-05] (HP Inc. -> HP Inc.)
Task: {7C2EBCE4-A070-4AFC-A8E2-FF31CDEF1562} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8806788D-7AEB-4CFA-A10A-588510614F00} - System32\Tasks\IMF_SkipUAC_regis => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
Task: {B606A832-D707-4481-A22B-05A8489C1101} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-07-04] (Google LLC -> Google LLC)
Task: {C4042FF5-093B-4825-A8B2-B2F2EA5B8D63} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D5A52AEF-6756-4232-B31E-5EA17A75B621} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MpCmdRun.exe [566368 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D8C622D2-EF7B-4A90-B774-97326F88F11A} - System32\Tasks\Christmas Task (One-Time) => C:\Program Files (x86)\IObit\IObit Malware Fighter\xmas.exe
Task: {DDDC41CD-E144-48B0-A415-D368E49E1408} - System32\Tasks\WinZip Update Notifier 2 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-28] (Corel Corporation -> Corel Corporation)
Task: {EB6B016C-5DC1-4108-A22E-F3A1BBB3864E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {F1B9309F-7D57-4D9B-9C87-F7C0C9B09893} - System32\Tasks\WinZip Update Notifier 3 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-28] (Corel Corporation -> Corel Corporation)
Task: {FC7E3E27-A44D-4CFF-93D1-6F32667CB294} - System32\Tasks\WinZip Update Notifier 1 => C:\Program Files\WinZip\WZUpdateNotifier.exe [2859928 2020-09-28] (Corel Corporation -> Corel Corporation)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be deleted or restored to its default value.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0699fa06-2028-4937-a8a2-21fb999b1b00}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\gines\Downloads

FireFox:
========
FF DefaultProfile: n8460w22.default
FF ProfilePath: C:\Users\gines\AppData\Roaming\Mozilla\Firefox\Profiles\n8460w22.default [2020-12-23]
FF user.js: detected! => C:\Users\gines\AppData\Roaming\Mozilla\Firefox\Profiles\n8460w22.default\user.js [2020-12-23]
FF ProfilePath: C:\Users\gines\AppData\Roaming\Mozilla\Firefox\Profiles\9u0zz5fm.default-release [2021-04-02]
FF user.js: detected! => C:\Users\gines\AppData\Roaming\Mozilla\Firefox\Profiles\9u0zz5fm.default-release\user.js [2020-12-23]
FF Session Restore: Mozilla\Firefox\Profiles\9u0zz5fm.default-release -> is enabled.
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\gines\AppData\Roaming\Mozilla\Firefox\Profiles\9u0zz5fm.default-release\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-02-06]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\gines\AppData\Roaming\Mozilla\Firefox\Profiles\9u0zz5fm.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-02-06]
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default [2021-04-03]
CHR Notifications: Default -> hxxps://1.megaterralink.xyz; hxxps://1.sabs-push.xyz; hxxps://a.bestdealfor25.life; hxxps://click-on-this.today; hxxps://fr.filmtube.me; hxxps://get-rc.to; hxxps://ivolabs.com; hxxps://moto.auto-doc.fr; hxxps://special-breaking.news; hxxps://stream-complet.plus; hxxps://telecharger-uptobox.fr; hxxps://thewowfeed.com; hxxps://wrw.hds-streaming.tv; hxxps://www.radio.fr; hxxps://www.wish.com
CHR Extension: (Slides) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-04]
CHR Extension: (Docs) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-07-04]
CHR Extension: (Google Drive) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-27]
CHR Extension: (YouTube) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-07-04]
CHR Extension: (Sheets) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-07-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-29]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-27]
CHR Extension: (Chrome Media Router) - C:\Users\gines\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-13]
CHR Profile: C:\Users\gines\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-04-03]
CHR Profile: C:\Users\gines\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-02]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Brave:
=======
BRA Profile: C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-04-02]
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-04-02]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-04-02]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-04-02]
BRA Extension: (Brave User Model Installer) - C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\hbejpnagkgeeohiojniljejpdpojmfdp [2021-04-02]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-04-02]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2021-04-02]
BRA Extension: (Brave NTP sponsored images) - C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-04-02]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\gines\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-04-02]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be deleted from the registry. The file will not be moved unless it is listed separately.)

R2 CleanupPSvc; C:\Program Files\AVG\TuneUp\TuneupSvc.exe [12421888 2021-04-02] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\AppHelperCap.exe [693760 2021-01-06] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\NetworkCap.exe [692736 2021-01-06] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_5544a2e7dfd0f875\x64\SysInfoCap.exe [693760 2021-01-06] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f98b15466093b28e\x64\TouchpointAnalyticsClientService.exe [479504 2021-01-06] (HP Inc. -> HP Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 luminati_net_updater_win_hola_org; "C:/Program Files/Hola/app/net_updater64.exe" --updater win_hola.org [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be deleted from the registry. The file will not be moved unless it is listed separately.)

R1 AntiLog32; C:\WINDOWS\system32\drivers\AntiLog64.sys [49752 2020-12-30] (Zemana Ltd. -> Zemana Ltd.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 Imf8HpRegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpRegFilter.sys [41848 2019-12-17] (IObit Information Technology -> IObit)
S3 ImfHpFileFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfHpFileFilter.sys [45432 2019-12-17] (IObit Information Technology -> IObit)
S3 ImfRealScanner; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRealScanner.sys [50168 2020-07-01] (IObit Information Technology -> IObit)
S3 ImfRegistryFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win10_amd64\ImfRegistryFilter.sys [42360 2019-12-17] (IObit Information Technology -> IObit)
S3 keycrypt; C:\WINDOWS\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd. -> Zemana Ltd.)
R3 MpKsl0ca73767; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DFEFC7E3-6C48-4831-BD27-4AE14C0E5616}\MpKslDrv.sys [97528 2021-04-03] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-17] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2021-02-21] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2020-12-16] (Zemana Ltd. -> Zemana Ltd.)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
S3 AscFileFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileFilter.sys [X]
S3 AscRegistryFilter; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscRegistryFilter.sys [X]
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]
R4 eamonm; system32\DRIVERS\eamonm.sys [X]
R4 edevmon; system32\DRIVERS\edevmon.sys [X]
R4 ehdrv; \SystemRoot\system32\DRIVERS\ehdrv.sys [X]
R4 ekbdflt; \SystemRoot\system32\DRIVERS\ekbdflt.sys [X]
R4 epfw; \SystemRoot\system32\DRIVERS\epfw.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be deleted from the registry. The file will not be moved unless it is listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-04-03 13:11 - 2021-04-03 13:13 - 000020476 _____ C:\Users\gines\Downloads\FRST.txt
2021-04-03 01:23 - 2021-04-03 01:23 - 000000000 ____D C:\Users\regis
2021-04-02 20:02 - 2021-04-02 20:02 - 000000000 _____ C:\Users\gines\ipconfig
2021-04-02 18:41 - 2021-04-02 18:41 - 009649994 _____ C:\Users\gines\Downloads\RevoUninstaller_Portable.zip
2021-04-02 18:37 - 2021-04-02 19:02 - 000000000 ____D C:\Users\gines\AppData\Local\WinZip
2021-04-02 18:37 - 2021-04-02 18:38 - 000000000 ____D C:\ProgramData\WinZip
2021-04-02 18:37 - 2021-04-02 18:37 - 000003622 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 2
2021-04-02 18:37 - 2021-04-02 18:37 - 000003620 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 3
2021-04-02 18:37 - 2021-04-02 18:37 - 000003620 _____ C:\WINDOWS\system32\Tasks\WinZip Update Notifier 1
2021-04-02 18:37 - 2021-04-02 18:37 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip.lnk
2021-04-02 18:37 - 2021-04-02 18:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2021-04-02 18:36 - 2021-04-02 18:37 - 000000000 ____D C:\Program Files\WinZip
2021-04-02 18:35 - 2021-04-02 18:35 - 000000000 ____D C:\ProgramData\UniqueId
2021-04-02 18:34 - 2021-04-02 18:34 - 000977320 _____ (WinZip Computing) C:\Users\gines\Downloads\winzip25.exe
2021-04-02 18:17 - 2021-04-02 18:17 - 000000017 _____ C:\Users\gines\AppData\Local\resmon.resmoncfg
2021-04-02 15:08 - 2021-04-03 13:16 - 000614311 _____ C:\WINDOWS\ZAM.krnl.trace
2021-04-02 15:08 - 2021-04-03 13:16 - 000435811 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2021-04-02 05:44 - 2021-04-02 17:35 - 000000115 _____ C:\Users\gines\AppData\Roaming\System Monitor II_UptimeRecord.ini
2021-04-02 05:28 - 2021-04-02 05:28 - 000000386 _____ C:\Users\gines\AppData\Roaming\Top Process Monitor_#0_Settings.ini
2021-04-02 05:23 - 2021-04-02 05:23 - 000000000 ____D C:\Users\gines\AppData\Local\Clipboarder
2021-04-02 05:22 - 2021-04-02 18:10 - 000000000 ____D C:\Users\gines\AppData\Local\Sidebar7
2021-04-02 05:18 - 2021-04-02 05:18 - 027354152 _____ C:\Users\gines\Downloads\8GadgetPackSetup.msi
2021-04-02 04:53 - 2021-04-02 04:58 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-04-02 04:53 - 2021-04-02 04:54 - 000000000 ____D C:\Users\gines\AppData\Local\BraveSoftware
2021-04-02 04:33 - 2021-04-02 04:33 - 000000000 ____D C:\ProgramData\Emsisoft
2021-04-02 04:31 - 2021-04-02 04:54 - 000000000 ____D C:\EEK
2021-04-02 04:28 - 2021-04-02 04:30 - 296151056 _____ C:\Users\gines\Downloads\EmsisoftEmergencyKit.exe
2021-04-02 04:10 - 2021-04-02 04:10 - 000002070 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG TuneUp.lnk
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVG
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\Users\gines\AppData\Roaming\AVG
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\Users\gines\AppData\Local\CEF
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\Program Files\Common Files\AVG
2021-04-02 04:10 - 2021-04-02 04:10 - 000000000 ____D C:\Program Files\AVG
2021-04-02 04:09 - 2021-04-02 15:20 - 000000000 ____D C:\ProgramData\AVG
2021-04-02 04:09 - 2021-04-02 04:09 - 001154184 _____ (AVG Technologies) C:\Users\gines\Downloads\avg-pc-tuneup-20-4-757-0.exe
2021-04-02 04:09 - 2021-03-08 21:46 - 000134400 _____ (AVG Technologies) C:\WINDOWS\system32\icarus_rvrt.exe
2021-04-02 03:24 - 2021-04-02 03:24 - 000000000 ____D C:\WINDOWS\Panther
2021-04-02 03:02 - 2021-04-02 03:02 - 000000000 ____D C:\Users\gines\AppData\Local\Simply Super Software
2021-04-02 02:55 - 2021-04-02 18:58 - 000000000 ____D C:\Program Files (x86)\Trojan Remover
2021-04-02 02:54 - 2021-04-02 02:54 - 014321120 _____ (Simply Super Software ) C:\Users\gines\Downloads\trjsetup695.exe
2021-04-01 23:27 - 2021-04-01 23:27 - 000000000 ___RD C:\Users\gines\Documents\Scanned Documents
2021-04-01 23:25 - 2021-04-01 23:25 - 000000000 ____D C:\Users\DOM
2021-04-01 23:10 - 2021-04-01 23:10 - 000000557 _____ C:\Users\gines\Documents\restoreregedit.vbs
2021-04-01 23:07 - 2021-04-01 23:07 - 000000557 _____ C:\Users\gines\Documents\restoreregedit
2021-04-01 21:22 - 2021-04-01 21:22 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-01 21:20 - 2021-04-01 21:20 - 002084016 _____ (Malwarebytes) C:\Users\gines\Downloads\MBSetup.exe
2021-04-01 21:09 - 2021-04-01 21:09 - 000027136 _____ C:\Users\gines\Documents\FRST.txt
2021-04-01 20:53 - 2021-04-01 20:53 - 000026564 _____ C:\Users\gines\Documents\FRSTallo2.txt
2021-04-01 20:44 - 2021-04-01 20:44 - 000026380 _____ C:\Users\gines\Documents\halloo.txt
2021-04-01 20:37 - 2021-04-01 20:37 - 000026355 _____ C:\Users\gines\Documents\hallo1.txt
2021-04-01 20:36 - 2021-04-01 20:36 - 000023602 _____ C:\Users\gines\Documents\hallo.txt
2021-04-01 20:27 - 2021-04-01 20:27 - 000000000 ____D C:\Users\gines\AppData\Roaming\ZHP
2021-04-01 20:27 - 2021-04-01 20:27 - 000000000 ____D C:\Users\gines\AppData\Local\ZHP
2021-04-01 20:25 - 2021-04-01 20:25 - 003304320 _____ C:\Users\gines\Downloads\ZHPCleaner-2019 (1).exe
2021-04-01 20:13 - 2021-04-03 13:12 - 000000000 ____D C:\FRST
2021-04-01 20:11 - 2021-04-01 20:11 - 002298368 _____ (Farbar) C:\Users\gines\Downloads\FRST64.exe
2021-04-01 19:00 - 2021-04-01 19:00 - 000002144 _____ C:\Users\gines\Desktop\Hetman Internet Spy.lnk
2021-04-01 19:00 - 2021-04-01 19:00 - 000000000 ____D C:\Users\gines\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hetman Software
2021-04-01 19:00 - 2021-04-01 19:00 - 000000000 ____D C:\Program Files\Hetman Software
2021-04-01 18:59 - 2021-04-01 19:00 - 022093200 _____ C:\Users\gines\Downloads\hetman_internet_spy (1).exe
2021-04-01 00:00 - 2021-04-01 02:06 - 000000353 _____ C:\Users\gines\Documents\darweb.txt
2021-03-31 02:38 - 2021-03-31 02:38 - 000008678 _____ C:\Users\gines\Downloads\ficheDetail (6).pdf
2021-03-31 01:16 - 2021-03-31 01:16 - 000008679 _____ C:\Users\gines\Downloads\ficheDetail (5).pdf
2021-03-31 01:16 - 2021-03-31 01:16 - 000008678 _____ C:\Users\gines\Downloads\ficheDetail (4).pdf
2021-03-31 00:53 - 2021-03-31 00:53 - 000000000 ____D C:\Users\gines\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2021-03-30 19:37 - 2021-03-30 19:37 - 000000000 ____D C:\Users\gines\AppData\Local\luminati
2021-03-30 19:36 - 2021-03-31 16:50 - 000000000 ____D C:\Program Files\Hola
2021-03-30 19:31 - 2021-03-30 19:31 - 000000919 _____ C:\Users\gines\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2021-03-30 19:31 - 2021-03-30 19:31 - 000000871 _____ C:\Users\gines\Desktop\Start Tor Browser.lnk
2021-03-30 19:28 - 2021-03-30 19:29 - 000000000 ____D C:\Users\gines\Desktop\Tor Browser
2021-03-30 19:26 - 2021-03-30 19:26 - 073100528 _____ C:\Users\gines\Downloads\torbrowser-install-win64-10.0.15_fr.exe
2021-03-25 23:30 - 2021-03-27 22:57 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-03-23 21:10 - 2021-03-23 21:10 - 000002396 _____ C:\Users\gines\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-23 19:14 - 2021-03-23 19:14 - 000000000 ____D C:\Users\gines\AppData\Local\ESET
2021-03-23 19:06 - 2021-03-23 19:06 - 006341552 _____ (ESET) C:\Users\gines\Downloads\eset_internet_security_live_installer.exe
2021-03-23 19:01 - 2021-03-23 19:01 - 008534696 _____ (Malwarebytes) C:\Users\gines\Downloads\adwcleaner_8.2.exe
2021-03-12 12:52 - 2021-03-12 12:53 - 000032202 _____ C:\Users\gines\Downloads\Facture_Free_MARSA.pdf
2021-03-12 01:46 - 2021-03-12 01:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-12 01:46 - 2021-03-12 01:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-12 01:45 - 2021-03-12 01:45 - 001282360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-12 01:45 - 2021-03-12 01:45 - 000000357 _____ C:\WINDOWS\system32\DrtmAuth19.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth18.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth17.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth16.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth15.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2021-03-12 01:45 - 2021-03-12 01:45 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2021-03-12 01:44 - 2021-03-12 01:44 - 000861696 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-12 01:43 - 2021-03-12 01:43 - 001757632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-12 01:43 - 2021-03-12 01:43 - 001365640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-09 17:05 - 2021-03-09 17:05 - 000181263 _____ C:\Users\gines\Downloads\DALO.pdf
2021-03-08 12:59 - 2021-03-08 12:59 - 000028024 _____ C:\Users\gines\Downloads\2021_Janvier (2).pdf
2021-03-08 12:49 - 2021-03-08 12:49 - 000032202 _____ C:\Users\gines\Downloads\Facture_Free_mars.pdf
2021-03-06 20:01 - 2021-03-06 20:01 - 000079387 _____ C:\Users\gines\Downloads\108998128-154000217393.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-04-03 13:14 - 2020-07-04 09:59 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-03 13:10 - 2020-07-04 11:55 - 000000000 ____D C:\Users\gines\AppData\Local\D3DSCache
2021-04-03 03:16 - 2020-07-04 10:22 - 001681874 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-03 03:16 - 2020-07-04 10:05 - 000756770 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-03 03:16 - 2020-07-04 10:05 - 000142442 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-03 03:16 - 2020-07-04 09:56 - 000000000 ____D C:\WINDOWS\INF
2021-04-03 01:57 - 2020-07-04 10:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-03 01:22 - 2020-07-04 09:48 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-02 20:25 - 2020-07-04 09:59 - 000000000 __SHD C:\Program Files\Windows Sidebar
2021-04-02 20:25 - 2020-07-04 09:59 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2021-04-02 20:21 - 2016-09-29 11:00 - 000000000 ____D C:\Users\gines\Desktop\RevoUninstaller_Portable
2021-04-02 20:02 - 2020-07-04 10:11 - 000000000 ____D C:\Users\gines
2021-04-02 18:53 - 2020-07-04 09:59 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-02 18:49 - 2020-07-04 11:58 - 000000000 ____D C:\Users\gines\AppData\Local\Zemana
2021-04-02 18:47 - 2020-07-04 21:41 - 000000000 ____D C:\Users\gines\AppData\Local\AMSDK
2021-04-02 18:38 - 2020-09-15 20:06 - 000000000 ____D C:\Users\gines\AppData\Roaming\vlc
2021-04-02 18:21 - 2020-07-04 09:59 - 000000000 ____D C:\PerfLogs
2021-04-02 15:08 - 2020-07-04 10:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-02 13:41 - 2020-07-04 10:04 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-04-02 13:41 - 2020-07-04 09:46 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-02 04:16 - 2020-08-18 00:00 - 000000000 ____D C:\Users\gines\AppData\Roaming\WhatsApp
2021-04-02 04:16 - 2020-08-17 23:58 - 000000000 ____D C:\Users\gines\AppData\Local\SquirrelTemp
2021-04-02 00:25 - 2020-07-04 09:59 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-02 00:25 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-02 00:10 - 2020-08-01 02:44 - 000000000 ____D C:\Users\gines\AppData\Local\ElevatedDiagnostics
2021-04-01 20:02 - 2020-08-01 02:57 - 000000000 ____D C:\Users\gines\AppData\Local\CrashDumps
2021-04-01 02:13 - 2019-10-15 19:27 - 000000000 ____D C:\Users\gines\AppData\LocalLow\Mozilla
2021-03-30 20:56 - 2020-01-29 00:10 - 000000000 ____D C:\Paie Plus Demo
2021-03-28 20:41 - 2020-07-04 10:35 - 000000000 ____D C:\WINDOWS\minidump
2021-03-22 19:19 - 2020-07-04 21:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-03-17 01:02 - 2020-07-04 10:20 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-12 12:44 - 2019-06-24 06:33 - 000000000 ___RD C:\Users\gines\3D Objects
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\SystemResources
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\system32\setup
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\Provisioning
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-03-12 12:37 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-03-12 02:23 - 2020-07-05 23:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-12 02:13 - 2020-07-05 23:50 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-07 19:58 - 2020-07-04 09:59 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some folders ========

2021-04-02 05:44 - 2021-04-02 17:35 - 000000115 _____ () C:\Users\gines\AppData\Roaming\System Monitor II_UptimeRecord.ini
2021-04-02 05:28 - 2021-04-02 05:28 - 000000386 _____ () C:\Users\gines\AppData\Roaming\Top Process Monitor_#0_Settings.ini
2021-04-02 18:17 - 2021-04-02 18:17 - 000000017 _____ () C:\Users\gines\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================