Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-03-2021 Exécuté par conceptor (administrateur) sur CONCEPTHOR (29-03-2021 18:50:37) Exécuté depuis I:\installation Profils chargés: conceptor Platform: Windows 10 Pro Version 1909 18363.836 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (@ByELDI -> @ByELDI) [Fichier non signé] C:\Program Files\KMSpico\Service_KMS.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0354308.inf_amd64_48534036afa0f0d8\B354265\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0354308.inf_amd64_48534036afa0f0d8\B354265\atiesrxx.exe (AOMEI International Network Limited -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI\AOMEI Backupper 5.7.0\ABService.exe (Autodesk, Inc -> Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3> (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe (Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe (Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe (Disc Soft Ltd -> Disc Soft Ltd) [Fichier non signé] C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Flexera Software LLC -> Flexera Software LLC) C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe (Janos Mathe -> H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Mega Limited -> Mega Limited) C:\Users\conceptor\AppData\Local\MEGAsync\MEGAsync.exe (Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\dispatcher.exe (Mentor Graphics Corporation -> Mentor Graphics Corporation) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Moo0) [Fichier non signé] C:\Program Files (x86)\Moo0\SystemMonitor 1.83\SystemMonitor.exe (Trace Software International -> ) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [116960 2021-02-25] (Avast Software s.r.o. -> AVAST Software) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes Corporation -> Malwarebytes) HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-05-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.) HKLM\...\Policies\Explorer: [NoInstrumentation] 1 HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2667194965-3326937338-1918374670-1001\...\Run: [CorsairLink4] => C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe [27146280 2018-12-28] (Corsair Memory, Inc. -> Corsair Components, Inc.) HKU\S-1-5-21-2667194965-3326937338-1918374670-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2020-05-10] (Disc Soft Ltd -> Disc Soft Ltd) [Fichier non signé] HKU\S-1-5-21-2667194965-3326937338-1918374670-1001\...\Run: [Kryptex] => C:\Users\conceptor\AppData\Local\Programs\kryptex-app\Kryptex.exe [123573744 2021-03-15] (xBlock Ventures OÜ -> Kryptex) HKU\S-1-5-21-2667194965-3326937338-1918374670-1001\...\Policies\Explorer: [] HKU\S-1-5-21-2667194965-3326937338-1918374670-1001\...\MountPoints2: {32e9fc28-9390-11ea-be8a-20cf30065622} - "L:\ANSYSMotionSetup.exe" HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116224 2020-05-10] (pdfforge GmbH) [Fichier non signé] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2018 Démarrage rapide.lnk [2020-05-10] ShortcutTarget: SOLIDWORKS 2018 Démarrage rapide.lnk -> C:\Windows\Installer\{837A0B0D-F508-4088-8B05-606477DEB905}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC) [Fichier non signé] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Téléchargement en arrière-plan de SOLIDWORKS.lnk [2020-05-10] ShortcutTarget: Téléchargement en arrière-plan de SOLIDWORKS.lnk -> C:\Program Files (x86)\Common Files\Gestionnaire d'installation SOLIDWORKS\BackgroundDownloading\sldBgDwld.exe (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes SolidWorks Corp.) Startup: C:\Users\conceptor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Folding@home.lnk [2020-05-07] ShortcutTarget: Folding@home.lnk -> C:\Program Files (x86)\FAHClient\HideConsole.exe () [Fichier non signé] Startup: C:\Users\conceptor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2020-04-29] ShortcutTarget: MEGAsync.lnk -> C:\Users\conceptor\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited -> Mega Limited) GroupPolicy\User: Restriction ? <==== ATTENTION Policies: C:\Users\conceptor\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0705A503-0DE8-4C66-A8E7-590395364752} - System32\Tasks\KryptexElevationFromStartup => C:\Users\conceptor\AppData\Local\Programs\kryptex-app\Kryptex.exe [123573744 2021-03-15] (xBlock Ventures OÜ -> Kryptex) Task: {077874EF-5EF4-4D52-B2AA-C5C307BDE881} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61} Task: {1BAD8F04-EB0F-40B3-ADAB-D752690640E8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {2BBB3D68-5AC7-4016-982D-85A9783A77F3} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-25] (Avast Software s.r.o. -> AVAST Software) Task: {2C36C878-10AA-42FF-9CA9-F17E7B4A976A} - System32\Tasks\Moo0 System Monitor 1.83 => C:\Program Files (x86)\Moo0\SystemMonitor 1.83\SystemMonitor.exe [3497984 2019-06-14] (Moo0) [Fichier non signé] Task: {3BB6E095-2BFB-4400-A51E-B40878289403} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [745664 2016-01-12] (@ByELDI -> @ByELDI) [Fichier non signé] Task: {5ADFF7C6-B440-47D1-A33F-E636979BE147} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\WINDOWS\system32\NotificationUI.exe Task: {7DB8FB68-A8AF-4C29-9408-2F1AE92807C0} - System32\Tasks\Nettoyage mensuel => C:\Program [Argument = Files\CCleaner\CCleaner64.exe /AUTO] Task: {88E7F2CC-8292-44E4-A8FF-BC6D1ED5DE22} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {8D0585A7-F0F8-4C7F-AF97-D22BC8E46FAF} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION Task: {99573C38-E2A6-4A82-9847-5B3024E2E41C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E} Task: {9E26C17E-EF57-40E4-AA60-8F2E6E74F308} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1} Task: {A25A53EA-F8B1-41B4-8A8B-5CBAD99C638E} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\BIN64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [Fichier non signé] Task: {B36510D7-9E10-41FF-A8D8-154D6F6B5CDC} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [Fichier non signé] Task: {B59D0743-6CBE-49D8-B821-A01CE48E8B1E} - System32\Tasks\KryptexElevation => C:\Users\conceptor\AppData\Local\Programs\kryptex-app\Kryptex.exe [123573744 2021-03-15] (xBlock Ventures OÜ -> Kryptex) Task: {B5A343F7-377F-4ACD-A8D2-B4D500535626} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371} Task: {BE4674E5-50E6-4D67-8BC7-16CA94DF1087} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-04-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) Task: {C1187CB4-329E-4985-A497-20DEA0BA1512} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-2667194965-3326937338-1918374670-1001 => C:\Users\conceptor\AppData\Local\MEGAsync\MEGAupdater.exe [1303800 2021-02-25] (Mega Limited -> Mega Limited) Task: {CAEA14E9-A9CE-4BF6-9BDF-F839B58F6484} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {DC7B9AE4-2E48-4FF2-9D85-E3D94848EC2C} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [633824 2021-03-15] (Mozilla Corporation -> Mozilla Foundation) Task: {E299B441-F341-4611-96FD-803DB2961CA4} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-23] (Avast Software s.r.o. -> Avast Software) Task: {F0D27A9A-D7A0-4E24-8640-FD34DBAEB3E7} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1628160 2020-04-21] (Advanced Micro Devices, Inc.) [Fichier non signé] Task: {F56D6771-C42F-4261-9BE5-3B8C67B6596E} - System32\Tasks\Activation Windows et Office => C:\Windows\KMSnano\Activation2.vbs [295 2013-08-27] () [Fichier non signé] Task: {F96967A9-09D9-4112-A800-4EAE9E3CA205} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_conceptor => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [5458008 2018-07-17] (Janos Mathe -> H.D.S. Hungary) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{D9007A05-79F3-4E71-A134-3CC9225B71EC}: [DhcpNameServer] 192.168.1.254 HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION FireFox: ======== FF DefaultProfile: 9jf0uhi6.default FF ProfilePath: C:\Users\conceptor\AppData\Roaming\Mozilla\Firefox\Profiles\9jf0uhi6.default [2020-04-28] FF NewTab: Mozilla\Firefox\Profiles\9jf0uhi6.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-04-28 10:07:29&bName=&bitmask=0450 FF ProfilePath: C:\Users\conceptor\AppData\Roaming\Mozilla\Firefox\Profiles\0t3vqzf0.default-release [2021-03-16] FF Homepage: Mozilla\Firefox\Profiles\0t3vqzf0.default-release -> about:blank FF NewTab: Mozilla\Firefox\Profiles\0t3vqzf0.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=AE190201&iDate=2020-04-28 10:07:29&bName=&bitmask=0450 FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> C:\PROGRA~1\SOLIDWORKS Corp\SOLIDWORKS Composer\Bin\npcomposerplayerwebplugin.dll [2018-11-13] (Dassault Systemes SE -> Dassault Systemes) FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> C:\PROGRA~1\SOLIDWORKS Corp\SOLIDWORKS Composer\Bin\x86\npcomposerplayerwebplugin.dll [2018-11-13] (Dassault Systemes SE -> Dassault Systemes) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2018-04-08] (Foxit Software Incorporated -> Foxit Corporation) ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7878680 2021-03-18] (Avast Software s.r.o. -> AVAST Software) R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621608 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [352480 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56904 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper 5.7.0\ABService.exe [889384 2020-04-18] (AOMEI International Network Limited -> AOMEI Tech Co., Ltd.) S4 CLink4Service; C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe [34344 2018-12-28] (Corsair Memory, Inc. -> Corsair Components, Inc.) R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [403496 2020-05-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55848 2020-05-20] (Corsair Memory, Inc. -> Corsair Memory, Inc.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd -> Disc Soft Ltd) R2 ewserver; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Electrical\server\EwServer.exe [191664 2018-11-13] (Trace Software International -> ) S3 impi_hydra; C:\Program Files\Common Files\SolidWorks Shared\Simulation Worker Agent\hydra_service.exe [880296 2018-11-13] (Intel(R) Software Development Products -> Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes Corporation -> Malwarebytes) R2 mitsijm2017; C:\Program Files\Autodesk\Inventor 2017\Moldflow\bin\mitsijm.exe [967456 2015-08-04] (Autodesk, Inc -> Autodesk, Inc.) S4 ModernMix; C:\Program Files (x86)\Stardock\ModernMix\MMixSrv.exe [74864 2013-02-28] (Stardock Corporation -> Stardock Software, Inc) R2 MSSQL$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2015-04-20] (Microsoft Corporation -> Microsoft Corporation) R2 RemoteSolverDispatcher; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Flow Simulation\binCFW\remotesolverdispatcherservice.exe [264704 2018-11-13] (Mentor Graphics Corporation -> Mentor Graphics Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-28] (Microsoft Windows Publisher -> Microsoft Corporation) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-12] (@ByELDI -> @ByELDI) [Fichier non signé] S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2020-05-10] (SolidWorks) [Fichier non signé] S4 SQLAgent$TEW_SQLEXPRESS; C:\ProgramData\SOLIDWORKS Electrical\MSSQL12.TEW_SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2015-04-20] (Microsoft Corporation -> Microsoft Corporation) S4 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Corporation -> Stardock Software, Inc) R2 SWVisualize2018.BoostService; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize Boost\SWVisualize.BoostService.exe [59280 2018-11-13] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) R2 SWVisualize2018.Queue.Server; C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS Visualize\SWVisualize.Queue.Server.exe [24976 2018-11-13] (Dassault Systemes SolidWorks Corp. -> Dassault Systèmes) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation) S2 CorsairGamingAudioConfig; C:\Windows\System32\CorsairGamingAudioCfgService64.exe [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AIDA64Driver; C:\Program Files (x86)\AIDA64\kerneld.x64 [47560 2018-11-20] (FinalWire Kft. -> ) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> ) R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16832 2020-12-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software) R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465160 2021-03-18] (Avast Software s.r.o. -> AVAST Software) R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-25] (Avast Software s.r.o. -> AVAST Software) R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-25] (Avast Software s.r.o. -> AVAST Software) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2020-01-09] (Microsoft Corporation) [Fichier non signé] R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.) R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45968 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21904 2020-04-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair) R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2021-03-29] (CPUID S.A.R.L.U. -> CPUID) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2020-05-10] (Disc Soft Ltd -> Disc Soft Ltd) R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2020-05-10] (Disc Soft Ltd -> Disc Soft Ltd) R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [34064 2020-12-19] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2021-03-29] (Malwarebytes Corporation -> Malwarebytes) R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> ) S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> ) S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> ) S4 RsFx0310; C:\WINDOWS\System32\DRIVERS\RsFx0310.sys [249024 2015-04-20] (Microsoft Corporation -> Microsoft Corporation) R0 speedfan; C:\Windows\SysWow64\speedfan.sys [29592 2011-03-18] (Sokno S.R.L. -> Almico Software) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation) R3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.83\WinRing0x64.sys [14544 2008-07-26] (Noriyuki MIYAZAKI -> OpenLibSys.org) S3 cpuz146; \??\C:\WINDOWS\temp\cpuz146\cpuz146_x64.sys [X] S3 GPU-Z-v2; \??\C:\Users\conceptor\AppData\Local\Temp\GPU-Z-v2.sys [X] <==== ATTENTION ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-03-29 18:44 - 2021-03-29 18:50 - 000000000 ____D C:\FRST 2021-03-29 18:37 - 2021-03-29 18:37 - 000003124 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher 2021-03-29 18:37 - 2021-03-29 18:37 - 000003110 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate 2021-03-29 18:35 - 2021-03-29 18:42 - 000967292 _____ C:\WINDOWS\Minidump\032921-41921-01.dmp 2021-03-26 16:52 - 2021-03-26 16:53 - 000000000 ____D C:\Users\conceptor\Documents\Autodesk Showcase 2017 2021-03-26 12:50 - 2021-03-29 18:35 - 1278381721 _____ C:\WINDOWS\MEMORY.DMP 2021-03-26 12:50 - 2021-03-26 12:58 - 000956076 _____ C:\WINDOWS\Minidump\032621-43015-01.dmp 2021-03-24 12:56 - 2021-03-24 13:04 - 000830724 _____ C:\WINDOWS\Minidump\032421-42921-01.dmp 2021-03-24 00:13 - 2021-03-24 00:16 - 000786484 _____ C:\WINDOWS\Minidump\032321-52109-01.dmp 2021-03-22 13:54 - 2021-03-22 13:54 - 000000000 ____D C:\Users\conceptor\AppData\Local\Anark_Corporation 2021-03-22 13:54 - 2021-03-22 13:54 - 000000000 ____D C:\Users\conceptor\AppData\Local\Adobe 2021-03-22 13:53 - 2021-03-22 13:53 - 000000000 ____D C:\Users\conceptor\AppData\Local\Anark 2021-03-22 12:11 - 2021-03-22 12:19 - 000836308 _____ C:\WINDOWS\Minidump\032221-40703-01.dmp 2021-03-20 12:26 - 2021-03-20 12:28 - 000770172 _____ C:\WINDOWS\Minidump\032021-40296-01.dmp 2021-03-19 12:51 - 2021-03-19 12:58 - 001196460 _____ C:\WINDOWS\Minidump\031921-41218-01.dmp 2021-03-18 22:11 - 2021-03-18 22:11 - 000465160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2021-03-18 22:05 - 2021-03-18 22:11 - 001180692 _____ C:\WINDOWS\Minidump\031821-41593-01.dmp 2021-03-18 10:25 - 2021-03-18 10:31 - 000970540 _____ C:\WINDOWS\Minidump\031821-43125-01.dmp 2021-03-17 14:59 - 2021-03-26 16:50 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2667194965-3326937338-1918374670-1001 2021-03-17 14:58 - 2021-03-17 14:58 - 000002457 _____ C:\Users\conceptor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-03-17 14:50 - 2021-03-17 14:57 - 001797724 _____ C:\WINDOWS\Minidump\031721-41875-01.dmp 2021-03-16 09:15 - 2021-03-16 09:16 - 000565756 _____ C:\WINDOWS\Minidump\031621-41187-01.dmp 2021-03-15 22:11 - 2021-03-15 22:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-03-15 14:30 - 2021-03-15 14:33 - 000839868 _____ C:\WINDOWS\Minidump\031521-52000-01.dmp 2021-03-10 17:04 - 2021-03-10 17:07 - 001055356 _____ C:\WINDOWS\Minidump\031021-40718-01.dmp 2021-03-09 19:10 - 2021-03-09 19:18 - 000804220 _____ C:\WINDOWS\Minidump\030921-40171-01.dmp 2021-03-06 14:43 - 2021-03-06 14:50 - 001062260 _____ C:\WINDOWS\Minidump\030621-40312-01.dmp 2021-03-05 21:20 - 2021-03-05 21:29 - 001186748 _____ C:\WINDOWS\Minidump\030521-41343-01.dmp 2021-03-05 09:18 - 2021-03-05 11:02 - 631936536 _____ (NVIDIA Corporation) C:\Users\conceptor\Downloads\461.72-desktop-win10-64bit-international-whql.exe 2021-03-05 07:40 - 2021-03-05 08:53 - 659528888 _____ (NVIDIA Corporation) C:\Users\conceptor\Downloads\461.72-desktop-win10-64bit-international-dch-whql.exe 2021-03-05 06:48 - 2021-03-05 06:48 - 001697344 _____ (CPUID, Inc. ) C:\Users\conceptor\Downloads\cpu-z_1.95-rog-en.exe 2021-03-05 06:28 - 2021-03-05 06:36 - 007262592 _____ (techPowerUp (www.techpowerup.com)) C:\Users\conceptor\Downloads\GPU-Z.2.37.0.exe 2021-03-05 06:17 - 2021-03-05 06:24 - 000977852 _____ C:\WINDOWS\Minidump\030521-49718-01.dmp ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2021-03-29 18:47 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-03-29 18:42 - 2021-02-01 17:19 - 000000000 ____D C:\Users\conceptor\AppData\Roaming\Kryptex 2021-03-29 18:41 - 2021-02-25 19:59 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update 2021-03-29 18:41 - 2021-02-01 17:19 - 000003266 _____ C:\WINDOWS\system32\Tasks\KryptexElevationFromStartup 2021-03-29 18:41 - 2021-02-01 17:19 - 000003196 _____ C:\WINDOWS\system32\Tasks\KryptexElevation 2021-03-29 18:39 - 2020-04-28 20:20 - 002057084 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-03-29 18:39 - 2019-03-19 14:01 - 000876346 _____ C:\WINDOWS\system32\perfh00C.dat 2021-03-29 18:39 - 2019-03-19 14:01 - 000186164 _____ C:\WINDOWS\system32\perfc00C.dat 2021-03-29 18:39 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF 2021-03-29 18:35 - 2020-04-30 15:40 - 000000000 ____D C:\WINDOWS\Minidump 2021-03-29 18:35 - 2020-04-29 13:59 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat 2021-03-29 18:35 - 2020-04-29 13:59 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2021-03-29 18:35 - 2020-04-28 20:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-03-29 18:35 - 2020-04-28 19:58 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-03-29 18:35 - 2020-04-28 13:32 - 000251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2021-03-26 20:31 - 2020-04-28 20:55 - 000000000 ____D C:\Users\conceptor\AppData\Local\D3DSCache 2021-03-26 16:54 - 2020-05-10 17:09 - 000000000 ____D C:\Users\conceptor\AppData\Roaming\Autodesk 2021-03-26 16:52 - 2020-05-10 17:09 - 000000000 ____D C:\ProgramData\Autodesk 2021-03-26 16:50 - 2020-05-10 17:26 - 000000000 ____D C:\Users\conceptor\AppData\Local\Autodesk 2021-03-26 16:50 - 2020-05-07 18:26 - 000002202 _____ C:\WINDOWS\system32\Tasks\StartCN 2021-03-26 16:50 - 2020-05-07 18:26 - 000002122 _____ C:\WINDOWS\system32\Tasks\StartDVR 2021-03-26 16:49 - 2020-05-07 18:26 - 000002388 _____ C:\WINDOWS\system32\Tasks\ModifyLinkUpdate 2021-03-26 16:49 - 2020-04-28 20:19 - 000003140 _____ C:\WINDOWS\system32\Tasks\Nettoyage mensuel 2021-03-26 16:49 - 2020-04-28 20:19 - 000002704 _____ C:\WINDOWS\system32\Tasks\Activation Windows et Office 2021-03-26 16:49 - 2020-04-28 20:19 - 000002546 _____ C:\WINDOWS\system32\Tasks\AutoPico Daily Restart 2021-03-26 16:49 - 2020-04-28 20:19 - 000002468 _____ C:\WINDOWS\system32\Tasks\Moo0 System Monitor 1.83 2021-03-26 16:24 - 2020-04-28 20:19 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software 2021-03-26 16:24 - 2020-04-28 10:46 - 000000000 ____D C:\Users\conceptor\AppData\Local\ClassicShell 2021-03-26 14:22 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps 2021-03-26 14:22 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness 2021-03-26 14:16 - 2020-04-28 10:19 - 000000000 ____D C:\Users\conceptor\AppData\Local\Packages 2021-03-26 12:55 - 2020-05-10 17:26 - 000000000 ____D C:\ProgramData\Documents\.forever 2021-03-16 17:35 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-03-16 11:08 - 2020-04-28 10:39 - 000000000 ____D C:\Users\conceptor\AppData\LocalLow\Mozilla 2021-03-16 11:08 - 2020-04-28 10:39 - 000000000 ____D C:\ProgramData\Mozilla 2021-03-16 09:15 - 2020-04-28 10:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2021-03-15 23:45 - 2020-05-11 16:02 - 000000000 ____D C:\Users\conceptor\AppData\Local\CrashDumps 2021-03-15 22:11 - 2020-04-28 10:39 - 000001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-03-15 14:34 - 2020-04-28 20:06 - 000000000 ____D C:\Users\conceptor ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================