Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by Clarisse (administrator) on LAPTOP-QRNJS0GQ (Acer Aspire A315-41) (23-04-2021 13:21:57)
Running from C:\Users\Clarisse\Downloads
Loaded Profiles: Clarisse
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Language: French (France)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe <2>
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352474.inf_amd64_c594fcc55638a18a\B346863\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0352474.inf_amd64_c594fcc55638a18a\B346863\atiesrxx.exe
(devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [970528 2019-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-98497742-165381478-2334534274-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Léa\AppData\Local\Microsoft\Teams\Update.exe [2453696 2021-04-04] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-98497742-165381478-2334534274-1003\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-98497742-165381478-2334534274-1004\...\Run: [Discord] => C:\Users\Corentin\AppData\Local\Discord\app-0.0.307\Discord.exe [91023672 2020-08-04] (Discord Inc. -> Discord Inc.)
HKU\S-1-5-21-98497742-165381478-2334534274-1004\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Corentin\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-10-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-98497742-165381478-2334534274-1005\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Clarisse\AppData\Local\Microsoft\Teams\Update.exe [2452136 2020-09-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-98497742-165381478-2334534274-1005\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe [5536424 2021-04-14] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.128\Installer\chrmstp.exe [2021-04-14] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

Task: {0FA51D17-E5E1-4BB4-856F-B228A6C1C319} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268096 2018-12-17] (Acer Incorporated -> Acer Incorporated)
Task: {13016A14-CFE7-41B2-B84F-F5E6CAA7891C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {14F54C6B-D4D3-422E-AB2F-1213C2FD8FD8} - System32\Tasks\App Explorer => C:\Users\Clarisse\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [7968424 2020-12-03] (SweetLabs Inc. -> SweetLabs, Inc) <==== ATTENTION
Task: {1BDA83B1-C9BD-4CB5-93E2-38C4164340C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-15] (Google LLC -> Google LLC)
Task: {3E1E865A-8B88-45C2-816D-0A64042A42D7} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {42D5BA7F-7C60-49AB-83F2-0323A64F0EA2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118112 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B34F1D2-5B42-48FC-90B8-E6075E5C445E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
Task: {4B4C62A2-C532-42A1-9C1C-C8E3E9F601CE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118112 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {4F434B44-D78B-4E0A-B923-1EE31F57017C} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [63880 2018-12-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {5670EABD-2A9A-4449-8197-768D21987741} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-20] (Mozilla Corporation -> Mozilla Foundation)
Task: {56C17945-EC84-44EA-8199-5310B5B63A6B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {62FEA6D4-ABA5-439C-A958-67E806B8CE79} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4793152 2018-12-11] (Acer Incorporated -> )
Task: {6402C154-EF84-4DD4-B2A6-38C5EC2C1C0B} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2935104 2018-12-11] (Acer Incorporated -> )
Task: {67E318DF-FA63-45C6-A441-F7024FD8BB88} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3915168 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {79C1D583-D17C-4625-9B85-EF3F5D4D34E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8206A541-AEDA-4F78-9A76-853951394AFE} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1283464 2021-04-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {84421680-5979-40F3-8E83-DF85B09F238C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8AA122F2-686C-42B4-99FB-501003E2449E} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211136 2018-12-17] (Acer Incorporated -> Acer Incorporated)
Task: {A6752F43-9BC2-48D0-8827-3B6FBAD01603} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-09-10] (Acer Incorporated -> Acer Incorporated)
Task: {A90B20F5-E838-4500-AC91-76F83EFB9E78} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [64320 2019-07-11] (Acer Incorporated -> Acer)
Task: {AF085400-D860-4968-9A3F-32E3CB5719E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B0C5E6FA-3B30-498C-A0F0-93BACB41903D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B100159C-988C-4CCE-98AD-B77A761A73B1} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [152880 2016-09-20] (Acer Incorporated -> )
Task: {B53C84E3-12BD-4C50-84F7-DF24C87261FB} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [41792 2018-12-11] (Acer Incorporated -> )
Task: {BAD92B43-9557-48DC-9B06-C622ED09EFF4} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-12-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {BC52054F-290B-4350-9931-09965BAF4DC6} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> )
Task: {CAE9A9A6-1D01-494B-8FF7-E053A0EF2F2E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-05-15] (Google LLC -> Google LLC)
Task: {D3BE63FC-394F-44DF-AF21-79EB774E65FA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22764936 2021-04-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE929338-E68B-4B37-88F8-7DC9249E8AA8} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-09-10] (Acer Incorporated -> Acer Incorporated)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to its default value.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e09ee7b1-5ec3-48f8-8e8b-34b136653096}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\Clarisse\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-98497742-165381478-2334534274-1005 -> about:tabs
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\Clarisse\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-05]
Edge DownloadDir: C:\Users\Clarisse\Downloads
Edge HomePage: Default -> edge://newtab/
Edge DefaultSearchURL: Default -> hxxps://manageyoursearch.com/?q={searchTerms}
Edge DefaultSuggestURL: Default -> hxxps://manageyoursearch.com/suggest?q={searchTerms}
Edge Extension: (Search Manager) - C:\Users\Clarisse\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\meckckfjnfnimlomkemnhcoonjfpbcoh [2020-08-14]
Edge HKLM\...\Edge\Extension: [meckckfjnfnimlomkemnhcoonjfpbcoh]
Edge HKU\S-1-5-21-98497742-165381478-2334534274-1005\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [meckckfjnfnimlomkemnhcoonjfpbcoh]
Edge HKLM-x32\...\Edge\Extension: [meckckfjnfnimlomkemnhcoonjfpbcoh]

FireFox:
========
FF DefaultProfile: r2brco8o.default
FF ProfilePath: C:\Users\Clarisse\AppData\Roaming\Mozilla\Firefox\Profiles\r2brco8o.default [2020-04-22]
FF SearchPlugin: C:\Users\Clarisse\AppData\Roaming\Mozilla\Firefox\Profiles\r2brco8o.default\searchplugins\senifenet.xml [2020-04-22]
FF ProfilePath: C:\Users\Clarisse\AppData\Roaming\Mozilla\Firefox\Profiles\xhaefav1.default-release [2021-04-23]
FF Notifications: Mozilla\Firefox\Profiles\xhaefav1.default-release -> hxxps://www.geekbuying.com
FF Extension: (Amazon Assistant) - C:\Users\Clarisse\AppData\Roaming\Mozilla\Firefox\Profiles\xhaefav1.default-release\Extensions\abb-acer@amazon.com.xpi [2021-04-08] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\Clarisse\AppData\Roaming\Mozilla\Firefox\Profiles\xhaefav1.default-release\Extensions\appledev@soarinfotech.com.xpi [2021-03-21] [UpdateUrl:hxxps://www.coupert.com/api/v2/extension/ffupdate]
FF Extension: (Français Language Pack) - C:\Users\Clarisse\AppData\Roaming\Mozilla\Firefox\Profiles\xhaefav1.default-release\Extensions\langpack-fr@firefox.mozilla.org.xpi [2021-04-21]
FF Extension: (Search Manager) - C:\Users\Clarisse\AppData\Roaming\Mozilla\Firefox\Profiles\xhaefav1.default-release\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2020-03-17] [UpdateUrl:hxxps://qupotomu.com/update?x=restype=ffjson]
FF SearchPlugin: C:\Users\Clarisse\AppData\Roaming\Mozilla\Firefox\Profiles\xhaefav1.default-release\searchplugins\senifenet.xml [2020-04-22]
FF Extension: (Picture-In-Picture) - C:\Program Files\Mozilla Firefox\browser\features\pictureinpicture@mozilla.org.xpi [2021-04-20] [non signé]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-01-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-01-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-14] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default [2021-04-12]
CHR DefaultSearchURL: Default -> hxxp://srchbar.com/?q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Slides) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-05-15]
CHR Extension: (Docs) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-05-15]
CHR Extension: (Google Drive) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-04-01]
CHR Extension: (YouTube) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-05-15]
CHR Extension: (Sheets) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-05-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-01]
CHR Extension: (Search Manager) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmgebopaejnjlncllgmcenbbflikfjd [2020-05-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-01]
CHR Extension: (Gmail) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-04-01]
CHR Extension: (Chrome Media Router) - C:\Users\Clarisse\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-01]
CHR HKLM\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-98497742-165381478-2334534274-1005\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKLM-x32\...\Chrome\Extension: [icmgebopaejnjlncllgmcenbbflikfjd]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300352 2018-12-11] (Acer Incorporated -> Acer Incorporated)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8854920 2021-04-01] (Microsoft Corporation -> Microsoft Corporation)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [6274224 2020-04-09] (devolo AG -> devolo AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2545752 2021-04-09] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3485784 2021-04-09] (Electronic Arts, Inc. -> Electronic Arts)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-09-10] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-09-10] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [305984 2018-12-17] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2019-11-26] (devolo AG -> Riverbed Technology, Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-04-21 16:55 - 2021-04-21 16:55 - 000000000 ____D C:\Users\Clarisse\Downloads\FRST-OlderVersion
2021-04-21 15:21 - 2021-04-23 13:20 - 003008764 _____ C:\WINDOWS\ntbtlog.txt
2021-04-21 15:21 - 2021-04-23 13:17 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2021-04-21 02:43 - 2021-04-21 02:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-20 02:57 - 2021-04-21 15:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-16 21:57 - 2021-04-16 21:57 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-16 21:57 - 2021-04-16 21:57 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-04-16 21:57 - 2021-04-16 21:57 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-15 15:13 - 2021-04-21 17:01 - 000048708 _____ C:\Users\Clarisse\Downloads\Addition.txt
2021-04-15 15:11 - 2021-04-23 13:23 - 000022532 _____ C:\Users\Clarisse\Downloads\FRST.txt
2021-04-15 15:10 - 2021-04-23 13:22 - 000000000 ____D C:\FRST
2021-04-15 15:05 - 2021-04-21 16:55 - 002298368 _____ (Farbar) C:\Users\Clarisse\Downloads\FRST64.exe
2021-04-11 18:29 - 2021-04-11 18:29 - 000379665 _____ C:\Users\Clarisse\Documents\Signature .pdf
2021-04-11 18:16 - 2021-04-11 18:16 - 001032736 _____ C:\Users\Clarisse\Documents\Attestation hébergement.pdf
2021-04-11 18:11 - 2021-04-11 18:11 - 000510839 _____ C:\Users\Clarisse\Documents\Carte identité verso.pdf
2021-04-08 13:28 - 2021-04-18 18:14 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d718ddb4a2d3c7
2021-04-03 18:17 - 2021-04-03 18:17 - 000002389 _____ C:\Users\Corentin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-03 18:17 - 2021-04-03 18:17 - 000002330 _____ C:\Users\Corentin\Desktop\Google Chrome.lnk
2021-04-03 18:16 - 2021-04-03 18:16 - 000000020 ___SH C:\Users\Corentin\ntuser.ini
2021-04-01 14:28 - 2021-04-01 14:28 - 000057130 _____ C:\Users\Clarisse\Documents\carte-anniversaire-21-ans-dessin-chaton.webp
2021-03-25 10:49 - 2021-04-11 18:09 - 000000000 ____D C:\Users\Clarisse\Documents\Papier Léa
2021-03-24 18:06 - 2021-03-24 18:06 - 000000997 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-03-24 18:05 - 2021-03-24 18:05 - 000333216 _____ (Mozilla) C:\Users\Clarisse\Downloads\Firefox Installer.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-04-23 13:21 - 2021-03-14 16:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-23 13:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-23 13:20 - 2021-03-14 16:18 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-23 13:20 - 2020-02-20 18:10 - 000000000 ____D C:\Users\Clarisse\AppData\LocalLow\Mozilla
2021-04-23 13:20 - 2020-02-08 18:47 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-23 13:20 - 2019-12-07 11:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2021-04-23 13:14 - 2020-03-17 12:32 - 000000000 ____D C:\Program Files (x86)\Chromium
2021-04-23 13:09 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-23 13:08 - 2020-02-17 14:29 - 000000000 ____D C:\Users\Clarisse\AppData\Local\Host App Service
2021-04-23 13:05 - 2020-10-02 14:21 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-21 16:50 - 2020-03-17 12:34 - 000000000 ____D C:\Users\Clarisse\AppData\Local\Chromium
2021-04-21 16:49 - 2021-03-14 16:27 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-21 16:49 - 2019-12-07 16:49 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-21 16:49 - 2019-12-07 16:49 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-21 16:49 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-21 15:02 - 2019-02-28 11:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-21 14:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-21 14:52 - 2020-02-17 14:29 - 000000000 ____D C:\Users\Clarisse\AppData\Local\Packages
2021-04-21 14:51 - 2020-08-14 14:11 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-21 14:51 - 2020-08-14 14:11 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-21 03:08 - 2020-02-17 22:21 - 000000000 ____D C:\Users\Léa\AppData\LocalLow\Mozilla
2021-04-21 02:43 - 2020-02-17 14:22 - 000000000 ____D C:\Users\Léa\AppData\Local\D3DSCache
2021-04-21 02:43 - 2019-02-28 11:26 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-21 02:09 - 2021-03-14 16:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-21 00:24 - 2020-02-17 14:22 - 000000000 ____D C:\Users\Léa\AppData\Local\Host App Service
2021-04-21 00:23 - 2021-03-14 16:28 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 00:23 - 2021-03-14 16:28 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-18 18:24 - 2020-03-26 15:25 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-04-18 18:14 - 2021-03-14 16:28 - 000003664 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA1d6abe536ff54e8
2021-04-17 16:45 - 2020-02-17 14:22 - 000000000 ____D C:\Users\Léa\AppData\Local\Packages
2021-04-17 16:31 - 2020-02-09 01:25 - 000000000 ____D C:\Program Files (x86)\Origin
2021-04-17 02:29 - 2021-03-14 16:18 - 000627160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-17 02:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-16 22:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-04-16 22:00 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-16 21:56 - 2021-03-14 16:19 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-16 21:45 - 2021-03-14 15:27 - 000000000 ___HD C:\$WinREAgent
2021-04-16 21:44 - 2020-02-09 00:31 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-16 21:43 - 2020-03-07 16:04 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-16 21:39 - 2020-02-09 00:30 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-14 15:25 - 2020-02-17 14:29 - 000000000 ____D C:\Users\Clarisse\AppData\Local\D3DSCache
2021-04-12 14:58 - 2021-03-14 16:28 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-98497742-165381478-2334534274-1005
2021-04-12 14:58 - 2021-03-14 16:19 - 000002410 _____ C:\Users\Clarisse\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-12 14:58 - 2020-02-17 14:31 - 000000000 ___RD C:\Users\Clarisse\OneDrive
2021-04-11 18:42 - 2021-03-14 16:19 - 000000000 ____D C:\Users\Léa
2021-04-11 17:29 - 2021-03-14 16:19 - 000000000 ____D C:\Users\Clarisse
2021-04-11 16:48 - 2019-02-28 10:47 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-07 15:26 - 2020-09-04 19:19 - 000000000 ___RD C:\Users\Léa\OneDrive - LYCEE MARCEL PAGNOL
2021-04-04 17:36 - 2020-03-08 18:14 - 000000000 ____D C:\Users\Léa\AppData\Local\Adobe
2021-04-04 17:36 - 2020-03-07 15:46 - 000000000 ____D C:\Users\Clarisse\AppData\Local\Adobe
2021-04-04 17:08 - 2020-03-26 21:26 - 000002354 _____ C:\Users\Léa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-04 17:08 - 2020-03-26 21:26 - 000002346 _____ C:\Users\Léa\Desktop\Microsoft Teams.lnk
2021-04-03 19:13 - 2020-02-17 18:38 - 000000000 ____D C:\Users\Corentin\AppData\LocalLow\Mozilla
2021-04-03 18:34 - 2020-02-17 14:59 - 000000000 ____D C:\Users\Corentin\AppData\Local\Packages
2021-04-03 18:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-04-03 18:21 - 2020-02-17 20:54 - 000000000 ____D C:\Users\Corentin\AppData\Roaming\Discord
2021-04-03 18:21 - 2020-02-17 14:59 - 000000000 ____D C:\Users\Corentin\AppData\Local\D3DSCache
2021-04-03 18:19 - 2020-02-17 20:54 - 000002248 _____ C:\Users\Corentin\Desktop\Discord.lnk
2021-04-03 18:18 - 2020-02-17 20:54 - 000000000 ____D C:\Users\Corentin\AppData\Local\Discord
2021-04-03 18:17 - 2020-02-17 14:59 - 000000000 ___RD C:\Users\Corentin\3D Objects
2021-04-03 18:17 - 2019-02-28 10:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-04-03 18:16 - 2021-03-14 16:19 - 000000000 ____D C:\Users\Corentin
2021-04-03 17:35 - 2020-02-17 15:08 - 000000000 ____D C:\Users\Clarisse\Documents\2019-06-27 ASTRID
2021-04-02 23:59 - 2021-03-14 16:28 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-98497742-165381478-2334534274-1003
2021-04-02 23:59 - 2021-03-14 16:19 - 000002395 _____ C:\Users\Léa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-31 17:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-27 16:26 - 2021-03-14 16:18 - 000000000 ____D C:\Windows.old
2021-03-27 16:15 - 2021-03-14 15:27 - 000000000 ___DC C:\WINDOWS\Panther

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================