Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Exécuté par Elève (administrateur) sur PC-KILLIAN (HP HP 240 G7 Notebook PC) (18-05-2020 19:07:14)
Exécuté depuis C:\Users\Elève\Documents\Logiciel
Profils chargés: Elève
Platform: Windows 10 Pro Education Version 1909 18363.592 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Conexant Systems LLC -> Conexant Systems LLC.) C:\Windows\System32\CxAudioSvc.exe
(Conexant Systems LLC -> Synaptics Incorporated.) C:\Windows\System32\SynAudSrv.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrlHelper.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDTouch.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\SysInfoCap.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\oem20.inf_amd64_b71caa8678a5098f\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\oem20.inf_amd64_b71caa8678a5098f\IntelCpHeciSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Elève\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11909.1002.3.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.82.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MRT.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2004.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <5>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [797048 2018-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\Elève\AppData\Local\Microsoft\Teams\Update.exe [2324624 2020-01-27] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM-x32\...\Run: [TeamsMachineUninstallerProgramData] => %ProgramData%\Microsoft\Teams\Update.exe --uninstall --msiUninstall --source=default
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-09] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {004AF673-FCCC-4154-B9EB-A5DD34D78E1D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1EC04D4C-2BEE-4E43-9DC0-28C14720601B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4460968 2020-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F10645D-2414-4542-A3EB-C87635353370} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {297445C0-AD4A-4406-9F63-A37BFFD55452} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110416 2020-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {29BF3E12-D6CD-4858-BFF8-4F2FF2C8E81F} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Schedule #2 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {2ACA913B-1ACC-4918-B730-88BB1C7042CC} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {3954BB7E-1D54-4EF6-9C05-7B97E38E9630} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\PushRenewal => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {4267789B-97A3-4631-A4F1-18A9840FAB73} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {527E638A-C483-452B-A402-E048C983625A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
Task: {53961EAA-0DC1-4C95-B1C1-81B63F097F0E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {56C8E768-0A32-468E-93B0-FA464F637AD8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369352 2020-04-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {574B0AC5-2721-4998-868D-EFA5125C5DE6} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {61CA7C85-7591-4077-A156-0EAB74E62659} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Schedule #1 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {6F93714A-9C81-4C9C-AB6F-12F3C94FAF71} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MpCmdRun.exe [485944 2020-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7045740D-7EA1-43BE-A16F-7CB71FD18B58} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27369352 2020-04-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {781A7675-76AE-4570-B3F2-A85A676E0B7A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\PushLaunch => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {7C34D9E7-F3B5-435B-A1AD-03303575C778} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421736 2020-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {7CC1C5F3-19E7-4003-B1BF-CF8AC949CA25} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1421736 2020-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {81FEBD0A-37CB-433A-A210-84A788168B45} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {847D246F-CA2B-4067-883C-FE87F58E077B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1571624 2020-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {9CFCF15A-2E84-4E0E-830F-915E57E849B3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Schedule created by enrollment client for renewal of certificate warning => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {A72F31AA-B3D6-4328-A415-CA7B681AB431} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [110416 2020-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC93F0CF-97EE-4FCE-8C9D-D9444F263002} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {B454581A-F3DA-4311-98AC-B00D4EE039D7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-12] (Adobe Inc. -> Adobe)
Task: {B5321782-0269-4DE3-B03C-49CB69C76317} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {BF50D949-0AC6-4387-8A09-D77CB0A37984} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-04-17] (Google Inc -> Google Inc.)
Task: {C65B42F2-F1B9-49B7-808F-71BF555D289D} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [551424 2019-10-19] (Microsoft Windows -> Microsoft Corporation)
Task: {C674BB36-94F7-4A80-B0D0-A426EC2F0BFE} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\3446ACAA-636D-4980-9ACB-C1B3C5186024\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [330240 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Task: {E4F197C6-E32A-4145-9ED1-860A3D2C008E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4460968 2020-04-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7E1E055-AD09-4B6B-A995-C39619FF2C92} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {F1B32453-B18F-4598-BA2D-ECD7ECB0BCAB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-04-17] (Google Inc -> Google Inc.)
Task: {F35232EB-BCFC-46B5-B17F-098D3CF90C2A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-25] (HP Inc. -> HP Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\windows\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{38b844cb-874c-4010-b54c-67a9bfd879c8}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{50d8402f-21c6-4eec-969b-a3dedff3a698}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{fdc5b2e4-b423-44cd-9f57-8c7a8ffa1a5f}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKU\S-1-5-21-115325724-795141790-1246627015-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKU\S-1-5-21-115325724-795141790-1246627015-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://www.qwant.com
SearchScopes: HKU\S-1-5-21-115325724-795141790-1246627015-1001 -> DefaultScope {6A3CD0D0-0DDB-4323-8C75-F8CC864330CE} URL = hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
SearchScopes: HKU\S-1-5-21-115325724-795141790-1246627015-1001 -> {6A3CD0D0-0DDB-4323-8C75-F8CC864330CE} URL = hxxps://www.qwant.com/?q={searchTerms}&client=opensearch
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: c9diwpgz.default-1568710549550
FF ProfilePath: C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550 [2020-05-18]
FF Extension: (Facebook Container) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\@contain-facebook.xpi [2020-04-17]
FF Extension: (Signets iCloud) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\firefoxdav@icloud.com.xpi [2019-09-17]
FF Extension: (flat) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\{17454870-2e99-4cbb-acd9-b83dd6748bb4}.xpi [2019-09-27]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2020-05-18]
FF Extension: (Gradient Orange-Blue) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\{31e908a3-8e1e-4e73-a24e-6051625d7498}.xpi [2020-01-13]
FF Extension: (Evening at the Carnival) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\{80e852eb-02fe-4e59-9218-4b1bf5237113}.xpi [2019-12-17]
FF Extension: (chrystalize) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\{96b7a652-8716-4678-be68-7a8bac53a373}.xpi [2019-12-17]
FF Extension: (Lollipop Road) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\{ae3cfee0-6213-44b2-86ec-8490f89e06b6}.xpi [2019-09-18]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Elève\AppData\Roaming\Mozilla\Firefox\Profiles\c9diwpgz.default-1568710549550\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-04-06]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-12] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-12] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Elève\AppData\Local\Google\Chrome\User Data\Default [2019-11-26]
CHR HomePage: Default -> hxxps://www.jeunest.fr/lycee-4.0
CHR StartupUrls: Default -> "hxxps://www.jeunest.fr/lycee-4.0"
CHR Extension: (Slides) - C:\Users\Elève\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-11-26]
CHR Extension: (Docs) - C:\Users\Elève\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-11-26]
CHR Extension: (Google Drive) - C:\Users\Elève\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-11-26]
CHR Extension: (YouTube) - C:\Users\Elève\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-11-26]
CHR Extension: (Sheets) - C:\Users\Elève\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-11-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\Elève\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-11-26]
CHR Extension: (Gmail) - C:\Users\Elève\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-11-26]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11600776 2020-04-02] (Microsoft Corporation -> Microsoft Corporation)
R2 ETDService; C:\WINDOWS\System32\ETDService.exe [212928 2019-05-03] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\AppHelperCap.exe [515344 2020-03-27] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\NetworkCap.exe [514320 2020-03-27] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_79c5c41204d03777\x64\SysInfoCap.exe [516880 2020-03-27] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_942053d68a2ba613\x64\TouchpointAnalyticsClientService.exe [429008 2019-10-31] (HP Inc. -> HP Inc.)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2788368 2018-07-14] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\WINDOWS\System32\Intel\iCLS Client\lib\SocketHeciServer.exe [767184 2018-06-12] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\WINDOWS\System32\Intel\iCLS Client\lib\TPMProvisioningService.exe [727224 2018-06-12] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [797048 2018-11-02] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [738712 2019-11-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [161296 2019-07-31] (Sound Research Corporation -> Sound Research, Corp.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5796168 2019-10-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SynaAPOService; C:\WINDOWS\System32\SynAudSrv.exe [595176 2019-05-20] (Conexant Systems LLC -> Synaptics Incorporated.)
R2 SynaAudioService; C:\WINDOWS\System32\CxAudioSvc.exe [83464 2019-05-20] (Conexant Systems LLC -> Conexant Systems LLC.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\NisSrv.exe [3304992 2020-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2004.6-0\MsMpEng.exe [103376 2020-05-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [78680 2018-05-02] (Intel Corporation -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [71000 2018-05-02] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [402264 2018-05-02] (Intel Corporation -> Intel Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [34200 2018-08-30] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\oem37.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [33352 2018-12-19] (HP Inc. -> HP Inc.)
S3 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1092112 2018-07-14] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [73232 2018-07-14] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R1 MpKslDrv; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{59D76FD7-E8CE-40CA-AF6C-1D268F06C543}\MpKslDrv.sys [43232 2020-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2018-09-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [787232 2019-11-30] (WDKTestCert VSAuto,131800073559665678 -> Realtek Semiconductor Corporation)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [434000 2018-08-03] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [11722328 2019-12-04] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45960 2020-05-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [394680 2020-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [64944 2020-05-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-11-15] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-05-18 19:07 - 2020-05-18 19:07 - 000000000 ____D C:\FRST
2020-05-17 18:57 - 2020-05-17 18:57 - 000000000 ____D C:\Users\Elève\AppData\Roaming\[Worker]

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-05-18 19:07 - 2019-09-17 13:38 - 000000000 ____D C:\Users\Elève\Documents\Logiciel
2020-05-18 19:07 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-05-18 19:06 - 2019-04-17 19:44 - 120636720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-05-18 19:06 - 2019-04-17 19:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-05-18 18:13 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-05-18 18:09 - 2019-09-17 10:41 - 000000000 ___RD C:\Users\Elève\OneDrive
2020-05-18 18:06 - 2019-09-17 10:41 - 000000000 ____D C:\Users\Elève\AppData\LocalLow\Mozilla
2020-05-18 18:03 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-17 21:48 - 2019-10-15 09:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-17 21:48 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-17 20:40 - 2019-04-17 21:13 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-17 18:58 - 2019-10-29 15:45 - 000000000 ____D C:\Users\Elève\AppData\Roaming\Ankama Launcher
2020-05-17 18:57 - 2019-10-29 15:45 - 000000000 ____D C:\Users\Elève\AppData\Roaming\zaap
2020-05-17 18:57 - 2019-09-17 23:11 - 000000008 _____ C:\Users\Elève\AppData\Roaming\DofusAppId0_1
2020-05-14 11:09 - 2019-09-17 23:11 - 000000000 ____D C:\Users\Elève\AppData\Roaming\Dofus
2020-05-14 11:08 - 2019-09-17 23:11 - 000000113 _____ C:\Users\Elève\AppData\Roaming\D2Info0
2020-05-14 11:06 - 2019-09-17 23:14 - 000000008 _____ C:\Users\Elève\AppData\Roaming\DofusAppId0_2
2020-05-14 10:46 - 2019-10-15 09:59 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-115325724-795141790-1246627015-1001
2020-05-14 10:46 - 2019-10-15 09:53 - 000002408 _____ C:\Users\Elève\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-05-13 13:37 - 2020-01-06 20:29 - 000000000 ____D C:\Users\Elève\AppData\Local\Spotify
2020-05-13 13:35 - 2020-01-06 20:29 - 000000000 ____D C:\Users\Elève\AppData\Roaming\Spotify
2020-05-12 23:38 - 2019-09-17 10:41 - 000000000 ____D C:\Users\Elève\AppData\Local\Adobe
2020-05-12 23:37 - 2019-10-15 09:59 - 000004708 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-05-12 23:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-05-12 23:37 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-05-09 23:16 - 2019-04-17 20:20 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2020-05-09 23:16 - 2019-04-17 20:20 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-05-09 23:16 - 2019-04-17 20:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-05-09 23:15 - 2019-04-17 20:13 - 000002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 11:42 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-07 09:18 - 2019-09-17 23:18 - 000000008 _____ C:\Users\Elève\AppData\Roaming\DofusAppId0_3
2020-05-07 08:32 - 2019-04-17 19:28 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-04-27 16:11 - 2019-10-29 15:45 - 000002325 _____ C:\Users\Elève\Desktop\Ankama Launcher.lnk
2020-04-27 15:33 - 2019-09-17 10:41 - 000000000 ____D C:\Users\Elève\AppData\Local\PlaceholderTileLogoFolder
2020-04-27 15:31 - 2019-04-17 20:48 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-04-27 15:24 - 2020-02-03 11:58 - 000000000 ____D C:\Users\Elève\AppData\Local\BlueStacks

==================== Fichiers à la racine de certains dossiers ========

2019-09-17 23:11 - 2020-05-14 11:08 - 000000113 _____ () C:\Users\Elève\AppData\Roaming\D2Info0
2019-09-17 23:11 - 2020-05-17 18:57 - 000000008 _____ () C:\Users\Elève\AppData\Roaming\DofusAppId0_1
2019-09-17 23:14 - 2020-05-14 11:06 - 000000008 _____ () C:\Users\Elève\AppData\Roaming\DofusAppId0_2
2019-09-17 23:18 - 2020-05-07 09:18 - 000000008 _____ () C:\Users\Elève\AppData\Roaming\DofusAppId0_3

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================