Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Ran by guyto (administrator) on GUY (Packard Bell imedia S2185) (27-04-2021 05:19:35)
Running from C:\Users\guyto\Desktop
Loaded profiles: guyto
Platform: Windows 8.1 Connected (Update) (X64) Language: French (France)
Default browser: Chrome
Boot mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] [File in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(ATI Technologies Inc.) [File not signed] [File in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\guyto\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19724_none_fa5e641b9b111ab1\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NortonLifeLock Inc. -> Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\22.21.2.50\NortonSecurity.exe <2>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify AB -> Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13642968 2013-08-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-06-28] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\Run: [BingSvc] => C:\Users\guyto\AppData\Local\Microsoft\BingSvc\BingSvc.exe [146312 2020-08-28] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\RunOnce: [Application Restart #4] => C:\Users\guyto\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 583 more characters).
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\RunOnce: [Application Restart #2] => C:\Windows\SysWOW64\mshta.exe [12800 2014-10-31] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\RunOnce: [Application Restart #3] => C:\Users\guyto\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 583 more characters).
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\RunOnce: [Application Restart #1] => C:\Users\guyto\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 583 more characters).
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\RunOnce: [Application Restart #0] => C:\Users\guyto\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resour (the data entry has 583 more characters).
HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\...\MountPoints2: {98fde897-7b19-11e9-82ad-f80f41c87fd0} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.93\Installer\chrmstp.exe [2021-04-27] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-04-21] (Adobe Inc. -> Adobe Systems, Inc.)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

Task: {0E322A8D-56A2-4062-B524-2D02545196CA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {47672146-D37A-4491-B437-B96CB514F5E5} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.20.4.57\SymErr.exe
Task: {53C3DD7D-B720-41E5-859C-5809BDCB5E85} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton 360\Upgrade.exe [2344608 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {56C195F5-ADFD-4133-9F4E-CD622A8341C2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\22.21.2.50\WSCStub.exe [643584 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {65C2097D-FF9F-4713-8BCE-BEFAF3646B6D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {73601B6B-5A1F-49D6-9060-E174FA523947} - System32\Tasks\Norton 360\Norton 360 Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.21.2.50\SymErr.exe [115640 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {798CA0C1-1053-489C-99FD-635FBA0C5868} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-17] (Google Inc -> Google Inc.)
Task: {7A89FE20-16C2-4043-86FD-EB9DA1EE8CEA} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [490728 2014-03-18] (Acer Incorporated -> Acer Incorporated)
Task: {8414CDCB-617D-412C-B2D2-2FF97DB6A0E5} - System32\Tasks\Norton Internet Security\Norton Internet Security Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\22.20.4.57\SymErr.exe
Task: {B7EE9D2C-C557-498C-ACD5-E0610F5EDBAE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [972176 2020-05-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D1C36570-FD66-4E43-977D-1F8C538F76D2} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65824 2017-09-26] (Acer Incorporated -> Acer Incorporated)
Task: {D2DCAC84-733D-49A7-8E8A-8B0EC0AFBDEF} - System32\Tasks\Norton 360\Norton 360 Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\22.21.2.50\SymErr.exe [115640 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {E7025AEA-EEFF-4090-B630-428A410E2FE8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-12-17] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to its default value.)

Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864 2010-05-18] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824 2010-05-18] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{D67C855C-970B-462C-8F1D-02C91687CC6F}: [DhcpNameServer] 192.168.0.254

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\guyto\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-26]

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No file]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default [2021-04-27]
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxps://secure.web-start-page.com/?partner=acer&src=omnibox&brw=ch&q={searchTerms}
CHR DefaultSearchKeyword: Default -> web-start-page.com
CHR DefaultSuggestURL: Default -> hxxps://secure-suggest.web-start-page.com/suggest?format=json&brw=ch&locale={language}&q={searchTerms}
CHR Extension: (Slides) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-26]
CHR Extension: (YouTube) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-17]
CHR Extension: (Recherche Google) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-17]
CHR Extension: (Allsearch App) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnjldgoapfngdgkmnjklhiifinndekb [2021-04-26]
CHR Extension: (Adobe Acrobat) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-26]
CHR Extension: (Norton Home Page for Chrome) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2018-09-21]
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2021-04-26]
CHR Extension: (Sheets) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-21]
CHR Extension: (Norton Safe Search) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkjahlcnbjiangkneanonnndppicobbd [2020-05-06]
CHR Extension: (Request Blocker) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\iccoongclhjjlmdgjodkekchlghnfiai [2016-09-13]
CHR Extension: (Norton Identity Safe) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2016-01-10]
CHR Extension: (Norton Safe) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2017-10-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Gmail) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\guyto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-26]
CHR Profile: C:\Users\guyto\AppData\Local\Google\Chrome\User Data\System Profile [2018-03-28]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKU\S-1-5-21-1973530735-1661702653-2252766653-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R2 AdobeARMservice; c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3052944 2020-07-14] (Microsoft Corporation -> Microsoft Corporation)
S2 KMService; C:\WINDOWS\SysWOW64\srvany.exe [8192 2003-04-18] () [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-26] (Malwarebytes Inc -> Malwarebytes)
R2 NortonSecurity; C:\Program Files (x86)\Norton Internet Security\Engine\22.21.2.50\NortonSecurity.exe [343336 2021-03-27] (NortonLifeLock Inc. -> Symantec Corporation)
S3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\BASHDefs\20210420.013\BHDrvx64.sys [1995864 2021-03-15] (Symantec Corporation -> Broadcom)
R1 ccSet_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\ccSetx64.sys [192248 2021-03-27] (Symantec Corporation -> Symantec Corporation)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-02-02] (Symantec Corporation -> Broadcom)
S3 EraserUtilDrv11910; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11910.sys [154360 2020-07-22] (Symantec Corporation -> Symantec Corporation)
S3 EraserUtilDrv11911; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11911.sys [154464 2021-01-27] (Symantec Corporation -> Broadcom)
R3 EraserUtilDrv11912; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11912.sys [153672 2021-04-26] (Symantec Corporation -> Broadcom)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [154288 2019-10-14] (Symantec Corporation -> Symantec Corporation)
S3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\IPSDefs\20210423.061\IDSvia64.sys [1488976 2021-04-06] (Symantec Corporation -> Broadcom)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-26] (Malwarebytes Inc -> Malwarebytes)
S3 nsvst_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\nsvst.sys [56912 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38504 2014-03-26] (Realtek Semiconductor Corp -> Windows (R) Codename Longhorn DDK provider)
R3 SRTSP; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\SRTSP64.SYS [890464 2021-03-27] (Symantec Corporation -> Broadcom)
R3 SRTSPX; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\SRTSPX64.SYS [50272 2021-03-27] (Symantec Corporation -> Broadcom)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2020-04-24] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\SYMEFASI64.SYS [2060656 2021-03-27] (Symantec Corporation -> Broadcom)
S0 SymELAM; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\SymELAM.sys [25080 2021-03-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [100064 2019-03-21] (Symantec Corporation -> Symantec Corporation)
R3 SymEvnt; C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\SymPlatform\SymEvnt.sys [712368 2020-01-17] (Symantec Corporation -> Symantec Corporation)
R3 SymIRON; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\Ironx64.SYS [316488 2021-03-27] (Symantec Corporation -> Symantec Corporation)
S3 SymNetS; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\symnets.sys [575328 2021-03-27] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R1 wpCtrlDrv_NGC; C:\WINDOWS\System32\drivers\NGCx64\1615020.032\wpCtrlDrv.sys [1013792 2021-03-27] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 NAVENG; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160705.002\ENG64.SYS [X]
S3 NAVEX15; \??\C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.4.24\Definitions\SDSDefs\20160705.002\EX64.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-04-27 05:19 - 2021-04-27 05:20 - 000020499 _____ C:\Users\guyto\Desktop\FRST.txt
2021-04-27 05:16 - 2021-04-27 05:20 - 000000000 ____D C:\FRST
2021-04-27 05:14 - 2021-04-27 05:15 - 002298368 _____ (Farbar) C:\Users\guyto\Desktop\FRST64.exe
2021-04-27 05:12 - 2021-04-27 05:12 - 002298368 _____ (Farbar) C:\Users\guyto\Downloads\FRST64.exe
2021-04-26 20:54 - 2021-04-26 20:54 - 000000223 _____ C:\Users\guyto\Desktop\mots cles.txt
2021-04-26 20:54 - 2021-04-26 20:54 - 000000213 _____ C:\Users\guyto\Desktop\Quelle version du système d'exploitation Windows mon ordinateur exécute-t-il -.url
2021-04-26 20:49 - 2021-04-26 20:49 - 000000173 _____ C:\Users\guyto\Desktop\Pourrais-je avoir une aide pour désinfecter un PC SVP - - Forums CNET France.url
2021-04-26 20:08 - 2021-04-26 20:23 - 000000000 ____D C:\Users\guyto\Desktop\rapports
2021-04-26 19:34 - 2021-04-26 19:34 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2021-04-26 19:28 - 2021-04-26 19:28 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-26 19:28 - 2021-04-26 19:28 - 000001988 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-26 19:28 - 2021-04-26 19:28 - 000001976 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-04-26 19:28 - 2021-04-26 19:28 - 000000000 ____D C:\Users\guyto\AppData\Local\mbam
2021-04-26 19:27 - 2021-04-26 19:27 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-26 19:27 - 2021-04-26 19:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-26 19:26 - 2021-04-26 19:26 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-26 18:08 - 2021-04-26 18:17 - 000000000 ____D C:\AdwCleaner
2021-04-26 18:08 - 2021-04-26 16:16 - 008534696 _____ (Malwarebytes) C:\Users\guyto\Desktop\adwcleaner_8.2.exe
2021-04-26 17:27 - 2021-04-26 17:27 - 000000850 _____ C:\Users\guyto\Desktop\ZHPCleaner.lnk
2021-04-26 17:27 - 2021-04-26 16:15 - 003326616 _____ (Nicolas Coolman) C:\Users\guyto\Desktop\ZHPCleaner.exe
2021-04-26 17:14 - 2021-04-26 17:14 - 000000840 _____ C:\Users\guyto\Desktop\ZHPSuite.lnk
2021-04-26 17:14 - 2021-04-26 16:14 - 003468440 _____ (Nicolas Coolman) C:\Users\guyto\Desktop\ZHPSuite.exe
2021-04-26 16:14 - 2021-04-26 16:25 - 000000000 ____D C:\Users\guyto\Desktop\zhp
2021-04-23 09:42 - 2021-04-23 09:42 - 000000000 ____D C:\WINDOWS\system32\N360_BACKUP
2021-04-21 16:59 - 2021-04-21 16:59 - 003433704 _____ C:\Users\guyto\Downloads\mandat.pdf
2021-04-21 11:24 - 2021-04-21 11:24 - 003433704 _____ C:\Users\guyto\Downloads\mandat
2021-04-21 11:04 - 2021-04-21 11:09 - 000049664 _____ C:\Users\guyto\Documents\VENTES MARS 2021 CONSULTING.xls
2021-04-21 10:29 - 2021-04-21 11:11 - 000075264 _____ C:\Users\guyto\Documents\ACHAT MARS 2021 CONSULTING (1).xls
2021-04-21 10:13 - 2021-04-21 10:13 - 003433704 _____ C:\Users\guyto\Downloads\mandat Maille Guy pdf (4)
2021-04-21 10:10 - 2021-04-21 10:11 - 003433704 _____ C:\Users\guyto\Downloads\mandat Maille Guy pdf (3)
2021-04-21 10:10 - 2021-04-21 10:11 - 003433704 _____ C:\Users\guyto\Downloads\mandat Maille Guy pdf (2)
2021-04-21 10:10 - 2021-04-21 10:10 - 003433704 _____ C:\Users\guyto\Downloads\mandat Maille Guy pdf (1)
2021-04-21 10:09 - 2021-04-21 10:09 - 000000000 ____D C:\Users\guyto\AppData\LocalLow\Norton
2021-04-21 10:07 - 2021-04-21 10:07 - 003433704 _____ C:\Users\guyto\Downloads\mandat Maille Guy pdf
2021-04-19 19:21 - 2021-04-19 20:40 - 000052736 _____ C:\Users\guyto\Documents\FG MARS 2021 TRANSDISCONSULTING.xls
2021-04-19 11:11 - 2021-04-19 19:20 - 000069632 _____ C:\Users\guyto\Documents\BANQUE MARS 2021 CONSULTING.xls
2021-04-19 10:20 - 2021-04-19 11:10 - 000010148 _____ C:\Users\guyto\Documents\DIALLO BINTA IRCANTEC.xlsx
2021-04-19 10:04 - 2021-04-19 10:04 - 000026724 _____ C:\Users\guyto\Downloads\Accusé de réception.pdf
2021-04-17 21:42 - 2021-04-17 21:42 - 000296128 _____ C:\Users\guyto\Documents\CE MARS 2021.pdf
2021-04-17 21:41 - 2021-04-17 21:41 - 000296128 _____ C:\Users\guyto\Downloads\releve mars.pdf
2021-04-17 21:09 - 2021-04-17 21:09 - 000275585 _____ C:\Users\guyto\Documents\DIALLO M CONTRAT ENGIE.pdf
2021-04-17 15:52 - 2021-04-17 15:52 - 000000000 ____D C:\WINDOWS\system32\Tasks\Norton 360
2021-04-17 15:46 - 2021-04-17 15:46 - 000003236 _____ C:\WINDOWS\system32\Tasks\Norton WSC Integration
2021-04-17 15:45 - 2021-04-26 15:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2021-04-14 11:55 - 2021-04-01 06:34 - 001678040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-13 11:39 - 2021-04-13 11:39 - 000549291 _____ C:\Users\guyto\Documents\CARTE IDENTITE MARIAM.pdf
2021-04-13 11:38 - 2021-04-13 11:38 - 000690457 _____ C:\Users\guyto\Documents\CARTE IDENTITE GUY.pdf
2021-04-12 13:02 - 2021-04-12 13:02 - 000254813 _____ C:\Users\guyto\Documents\SCANNER AVRIL 2021.pdf
2021-04-09 22:40 - 2021-04-09 22:40 - 000093433 _____ C:\Users\guyto\Downloads\DuplicataDecompte01PMJ005.pdf
2021-04-08 15:01 - 2021-04-08 15:02 - 000006662 _____ C:\Users\guyto\Downloads\2021_03_MAILLE_STEPHANE.pdf
2021-04-07 08:20 - 2021-04-07 08:34 - 000010105 _____ C:\Users\guyto\Documents\BOLATRE RESILIA LIERNAIS.xlsx
2021-04-01 19:37 - 2021-04-01 19:37 - 000035622 _____ C:\Users\guyto\Downloads\Fac_C1030261.pdf
2021-04-01 10:04 - 2021-04-01 10:04 - 000397739 _____ C:\Users\guyto\Downloads\XP_R210300580.PDF
2021-04-01 09:38 - 2021-04-01 09:38 - 001167007 _____ C:\Users\guyto\Downloads\offre_d_achat_ferme-605e130743e5832d4b490f22-0e264de6-5b7e-48c5-9ac9-84c500c5093a (1).pdf
2021-04-01 09:34 - 2021-04-01 09:34 - 001167007 _____ C:\Users\guyto\Downloads\offre_d_achat_ferme-605e130743e5832d4b490f22-0e264de6-5b7e-48c5-9ac9-84c500c5093a.pdf
2021-04-01 09:10 - 2021-04-01 09:10 - 000035620 _____ C:\Users\guyto\Downloads\Fac_C1020185.pdf
2021-04-01 09:07 - 2021-04-01 09:07 - 000037757 _____ C:\Users\guyto\Downloads\Fac_C1010079.pdf
2021-04-01 09:06 - 2021-04-01 09:06 - 000035442 _____ C:\Users\guyto\Downloads\Fac_C0120723.pdf
2021-04-01 09:06 - 2021-04-01 09:06 - 000035442 _____ C:\Users\guyto\Downloads\Fac_C0120723 (1).pdf
2021-03-31 20:46 - 2021-03-31 20:46 - 000146168 _____ C:\Users\guyto\Documents\19-03-2021-attestation-de-deplacement-derogatoire.pdf
2021-03-29 19:11 - 2021-03-30 10:18 - 000010282 _____ C:\Users\guyto\Documents\DIALLO M CONGE LOCATION.xlsx

==================== One month (modified) ==================

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-04-27 05:19 - 2014-04-03 11:35 - 000000000 ____D C:\Users\Administrator
2021-04-26 22:40 - 2014-06-28 11:00 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-04-26 20:16 - 2018-03-26 09:48 - 000000000 ____D C:\Users\guyto\AppData\Roaming\ZHP
2021-04-26 19:22 - 2014-06-28 20:18 - 000805600 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-26 19:22 - 2014-06-28 20:18 - 000156456 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-26 19:22 - 2014-03-18 11:47 - 001817064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-26 19:22 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2021-04-26 18:31 - 2015-12-17 01:33 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1973530735-1661702653-2252766653-1001
2021-04-26 18:25 - 2015-12-30 17:11 - 000000000 ____D C:\Users\guyto\AppData\Local\CrashDumps
2021-04-26 18:19 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-26 18:19 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2021-04-26 18:18 - 2014-06-28 11:11 - 000000000 ____D C:\Program Files (x86)\Acer
2021-04-26 18:05 - 2015-12-17 01:17 - 000000000 ____D C:\Users\guyto
2021-04-26 17:27 - 2018-03-26 09:48 - 000000000 ____D C:\Users\guyto\AppData\Local\ZHP
2021-04-26 15:57 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2021-04-26 15:56 - 2018-02-17 15:29 - 000002556 _____ C:\Users\Public\Desktop\Norton Security.lnk
2021-04-23 08:24 - 2018-07-04 16:37 - 000002091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-22 10:52 - 2017-10-01 08:20 - 000760320 _____ C:\Users\guyto\Documents\COMPTE VOLLEY.xls
2021-04-22 10:38 - 2015-12-30 11:20 - 000380928 _____ C:\Users\guyto\Documents\BANQUE VOLLEY 1.xls
2021-04-21 10:14 - 2015-12-17 16:08 - 000003502 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 10:14 - 2015-12-17 16:08 - 000003374 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-21 10:07 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-18 02:43 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2021-04-17 16:17 - 2015-12-22 00:32 - 000000000 ____D C:\Program Files\Common Files\AV
2021-04-17 16:01 - 2015-12-18 11:09 - 000016740 _____ C:\Users\guyto\Documents\TENSION ARTERIELLE.xlsx
2021-04-17 15:59 - 2020-01-03 19:14 - 000026768 _____ C:\Users\guyto\Documents\SIG GUY 2020 2021.xlsx
2021-04-17 15:46 - 2018-02-11 15:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\NGCx64
2021-04-17 15:45 - 2013-08-22 16:44 - 000372088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-14 12:30 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-14 12:21 - 2015-12-18 03:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-14 12:14 - 2015-12-18 03:06 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-13 09:31 - 2021-02-15 13:06 - 000050176 _____ C:\Users\guyto\Documents\VENTES JANVIER 2021 CONSULTING.xls
2021-04-13 09:17 - 2020-12-19 10:25 - 000050176 _____ C:\Users\guyto\Documents\VENTES NOVEMBRE 2020 CONSULTING.xls
2021-04-13 09:16 - 2021-01-18 11:33 - 000050176 _____ C:\Users\guyto\Documents\VENTES DECEMBRE 2020 CONSULTING.xls
2021-04-13 09:11 - 2021-03-22 09:43 - 000049664 _____ C:\Users\guyto\Documents\VENTES FEVRIER 2021 CONSULTING.xls
2021-04-13 08:02 - 2015-12-18 11:03 - 000024625 _____ C:\Users\guyto\Desktop\DIABETE.xlsx
2021-04-12 08:05 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2021-04-12 08:05 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-04-12 08:05 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-12 08:05 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-04-12 08:04 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-12 04:12 - 2019-03-09 09:15 - 000002352 _____ C:\Users\guyto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2021-04-12 04:12 - 2017-07-19 23:52 - 000003164 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1973530735-1661702653-2252766653-1001
2021-04-09 20:11 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-09 20:07 - 2016-02-04 18:33 - 000000000 ____D C:\Program Files\Microsoft Office 15

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-26 17:44
==================== End of FRST.txt ========================