Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2021
Exécuté par PC (administrateur) sur DESKTOP-760AFFE (HP 460-a014nf) (30-06-2021 13:26:56)
Exécuté depuis C:\Users\PC\Contacts\Desktop
Profils chargés: PC
Platform: Windows 10 Home Version 21H1 19043.1055 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0325303.inf_amd64_4e99ed79cccac08d\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Hewlett-Packard Company -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Fichier non signé]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Fichier non signé]
HKU\S-1-5-21-2130443135-54271296-3300602816-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2216416 2020-09-02] (TomTom International B.V. -> TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-10-25]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs () [Fichier non signé]
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-06-13]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {1198E362-6BD7-40C9-BAA8-157775AC064D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-06-16] (HP Inc. -> HP Inc.)
Task: {22B4C7D7-AE62-42A4-8B2C-FD1FE2CAB7CD} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {25EA7478-4B30-4035-AC99-8AF244B2D74A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2017-10-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {29882B5B-7A3D-4A46-80F3-030EFA80385F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {33462DFE-1EA3-4DDC-9293-47847E35E3B6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-31] (Dropbox, Inc -> Dropbox, Inc.)
Task: {444BAFBD-A8A1-41D1-9933-0BF6E1BE27DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {4AB0014A-0AB5-4ADD-9345-3158A51E0347} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {52FB5F2B-7707-42B1-973B-F2A57A2A7E51} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {58F24F0D-F86F-4910-8FFC-11EF0E33D79D} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-07-28] (HP Inc. -> )
Task: {5FE17693-594A-4660-A402-C416DFDFCEDD} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {617895AF-E626-4FD1-B873-62697664352C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {641B8861-82FB-4511-B274-FD3A9730050B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {6FAB8C80-3E9B-4BDA-9C93-02A9EA2EC940} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {732BE362-7DBC-47B2-9822-845257948586} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {81C081C9-53FA-446A-BA0B-DFFE24AFCE1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {A6F05475-1D1D-407C-BC54-0AA6E8AD8F9C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {C8E0F1A1-B5BA-4C3F-9905-96A0FD2EA9DF} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124856 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {DBD11F98-1F30-495F-9EC8-805343318134} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {E081FED4-8D48-4772-BC12-8E5A2FF29936} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {E21AE622-689B-4AEB-A8AD-D5523D355E13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {E666CC05-B7F5-4493-BE6C-151D2A870E78} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {E9F7E7EB-A702-4685-A276-7F8FADA5FCC3} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {EA8178DE-1C77-4845-A2F3-887663BC7C95} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {EC16F256-E5E8-424F-A5E3-8BA84DBA754A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-31] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EF3EF245-1CDA-4BCE-80E0-9F9244F40A26} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {F7EC77A8-0617-440F-B67D-AF81EDD695EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f5165607-3dbe-4ea2-82e5-b5b680559a32}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\PC\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2130443135-54271296-3300602816-1001 -> about:start
Edge Notifications: HKU\S-1-5-21-2130443135-54271296-3300602816-1001 -> hxxps://www.letour.fr; hxxps://www.fnac.com; hxxps://lesdiscutailleursfan.forumperso.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (uBlock Origin) -> EdgeExtension_37833NikRollsuBlockOrigin_f8jsg5mm64m62 => C:\Program Files\WindowsApps\37833NikRolls.uBlockOrigin_1.15.24.0_neutral__f8jsg5mm64m62 [2021-06-29]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-30]
Edge DownloadDir: Default -> C:\Users\PC\Downloads
Edge Notifications: Default -> hxxps://fr.aliexpress.com; hxxps://fr.depositphotos.com; hxxps://lesdiscutailleursfan.forumperso.com; hxxps://niusdiario-by.accengage.net; hxxps://pkge.net; hxxps://sciencepost.fr; hxxps://tv-programme.com; hxxps://twitter.com; hxxps://www.closermag.fr; hxxps://www.conforama.fr; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.futura-sciences.com; hxxps://www.huffingtonpost.fr; hxxps://www.laredoute.fr; hxxps://www.lasexta.com; hxxps://www.letour.fr; hxxps://www.lightinthebox.com; hxxps://www.maisonsdumonde.com; hxxps://www.telestar.fr; hxxps://www.topsante.com; hxxps://www.youtube.com
Edge HomePage: Default -> hxxp://hp17win10.msn.com/?pc=HCTE
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-06-29]
Edge Extension: (uBlock Origin) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2021-06-29]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-05-28] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] (Realtek Semiconductor Corp -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-06-03] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-31] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-03-31] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-07-28] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-26] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-13] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-03-28] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-10] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-30] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-10] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-06-30] (Malwarebytes Inc -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49568 2021-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425184 2021-06-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-30 10:20 - 2021-06-30 10:20 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-30 10:20 - 2021-06-30 10:20 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-30 10:20 - 2021-06-30 10:20 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-29 19:05 - 2021-06-29 19:06 - 002300416 _____ (Farbar) C:\Users\PC\Downloads\Non confirmé 438961.crdownload
2021-06-29 18:37 - 2021-06-29 18:37 - 000000000 ____D C:\Users\PC\Documents\FeedbackHub
2021-06-29 14:55 - 2021-06-29 14:55 - 002300416 _____ (Farbar) C:\Users\PC\Downloads\Non confirmé 612494.crdownload
2021-06-29 13:49 - 2021-06-29 14:26 - 000424380 _____ C:\WINDOWS\Minidump\062921-45343-01.dmp
2021-06-29 12:27 - 2021-06-29 12:27 - 000000000 ___HD C:\$SysReset
2021-06-28 14:47 - 2021-06-28 14:47 - 000000112 ___SH C:\bootTel.dat
2021-06-28 14:47 - 2021-06-28 14:47 - 000000000 __SHD C:\found.000
2021-06-26 21:51 - 2021-06-26 21:51 - 002300416 _____ (Farbar) C:\Users\PC\Downloads\Non confirmé 835737.crdownload
2021-06-26 00:13 - 2021-06-26 00:13 - 000000000 ____D C:\Users\PC\AppData\Local\OneDrive
2021-06-15 12:33 - 2021-06-15 12:33 - 000011453 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-14 16:22 - 2021-06-14 16:23 - 011320651 _____ C:\Users\PC\Downloads\Copie AAE avec annexes VENTE MARCHAND_CARASCO BONNET.pdf
2021-06-13 17:44 - 2021-06-13 17:44 - 011320651 _____ C:\Users\PC\Downloads\Copie AAE avec annexes VENTE MARCHAND_CARASCO BONNET.pdf
2021-06-13 13:38 - 2021-06-13 13:38 - 000572488 _____ C:\Users\PC\Downloads\20210422-covid-19-affiche-patients.pdf
2021-06-13 13:38 - 2021-06-13 13:38 - 000572488 _____ C:\Users\PC\Downloads\20210422-covid-19-affiche-patients (1).pdf
2021-06-12 23:03 - 2021-06-12 23:03 - 000584704 _____ C:\Users\PC\Downloads\trame cas de sortie4.ppt
2021-06-10 16:55 - 2021-06-10 16:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-10 16:55 - 2021-06-10 16:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-10 12:40 - 2021-06-10 12:40 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-10 12:40 - 2021-06-10 12:40 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-08 23:59 - 2021-06-08 23:59 - 000185481 _____ C:\Users\PC\Downloads\FORMULAIRE Loterie 2021.pdf
2021-06-08 16:02 - 2021-06-08 16:02 - 000096141 _____ C:\Users\PC\Documents\veolia 1er semestre 2021.pdf
2021-06-06 15:52 - 2021-06-06 15:58 - 000000000 ____D C:\Users\PC\Documents\Attestation vaccination 2 eme dose
2021-06-06 13:03 - 2021-06-29 12:54 - 000000000 ____D C:\Users\PC\AppData\LocalLow\IGDump
2021-06-06 10:30 - 2021-06-06 10:30 - 001173560 _____ (Akeo Consulting) C:\Users\PC\Downloads\rufus-3.14.exe
2021-06-05 22:28 - 2021-06-05 22:28 - 000298105 _____ C:\Users\PC\Downloads\table annuelle mariage décès (5).pdf
2021-06-05 22:28 - 2021-06-05 22:28 - 000298105 _____ C:\Users\PC\Downloads\table annuelle mariage décès (4).pdf
2021-06-05 22:28 - 2021-06-05 22:28 - 000298105 _____ C:\Users\PC\Downloads\table annuelle mariage décès (3).pdf
2021-06-05 22:27 - 2021-06-05 22:27 - 000033493 _____ C:\Users\PC\Downloads\tables annuelles 2016 (3).pdf
2021-06-05 22:26 - 2021-06-05 22:27 - 000033493 _____ C:\Users\PC\Downloads\tables annuelles 2016 (2).pdf
2021-06-05 13:46 - 2021-06-05 13:46 - 000298105 _____ C:\Users\PC\Downloads\table annuelle mariage décès (2).pdf
2021-06-03 14:39 - 2021-06-03 14:39 - 000293507 _____ C:\Users\PC\Downloads\ABS9074c919-8d16-11ea-ab89-005056a779dc.pdf
2021-06-02 20:09 - 2021-06-02 20:09 - 000122462 _____ C:\Users\PC\Downloads\IAN112161640DFSCNTDEMAT20160301212232000420.pdf
2021-06-02 20:09 - 2021-06-02 20:09 - 000122462 _____ C:\Users\PC\Downloads\IAN112161640DFSCNTDEMAT20160301212232000420 (1).pdf
2021-06-02 18:08 - 2021-06-02 18:12 - 000000000 ____D C:\Users\PC\Documents\Relevé km le 01 06 2021
2021-06-01 00:16 - 2021-06-01 00:16 - 000034421 _____ C:\Users\PC\Documents\Estimation montant retraite martine).pdf
2021-06-01 00:14 - 2021-06-01 00:14 - 000034421 _____ C:\Users\PC\Downloads\550166014900221988-01-012021-04-20-17.28.49.795611 (2).pdf
2021-05-31 17:31 - 2021-05-31 17:31 - 000277804 _____ C:\Users\PC\Downloads\billetimprimable1.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-30 13:28 - 2020-11-10 22:04 - 000000000 ____D C:\FRST
2021-06-30 13:26 - 2020-08-18 23:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-30 13:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-30 13:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-30 13:12 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-30 12:54 - 2020-07-12 11:42 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2021-06-30 10:27 - 2020-08-18 23:53 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{58D0B303-304A-45AF-AC5B-0E281A6A645F}
2021-06-30 10:18 - 2020-08-18 23:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-30 10:18 - 2020-08-18 23:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-30 10:18 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-30 10:18 - 2016-10-25 07:09 - 000001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-06-30 10:18 - 2016-10-25 07:09 - 000001222 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2021-06-30 10:17 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-30 10:17 - 2018-03-21 11:40 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2021-06-29 23:53 - 2018-03-31 10:52 - 000000000 ___RD C:\Users\PC\OneDrive
2021-06-29 23:52 - 2020-08-18 23:53 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2130443135-54271296-3300602816-1001
2021-06-29 23:52 - 2020-08-18 21:53 - 000002415 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-29 14:42 - 2018-04-01 12:03 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2021-06-29 14:36 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-06-29 14:36 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2021-06-29 14:36 - 2019-12-07 16:49 - 000000000 ____D C:\WINDOWS\system32\fr
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\dsc
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\downlevel
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Com
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\L2Schemas
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-06-29 14:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-29 14:35 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Portable Devices
2021-06-29 14:35 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2021-06-29 14:35 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2021-06-29 14:35 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2021-06-29 14:35 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2021-06-29 14:35 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2021-06-29 14:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-29 14:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-06-29 14:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\IME
2021-06-29 14:35 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-06-29 14:35 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-06-29 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2021-06-29 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2021-06-29 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2021-06-29 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\MUI
2021-06-29 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2021-06-29 14:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\IME
2021-06-29 14:27 - 2021-04-14 16:37 - 000000000 ____D C:\WINDOWS\Minidump
2021-06-29 14:26 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-29 14:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Containers
2021-06-29 14:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Branding
2021-06-29 14:22 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-06-29 14:22 - 2016-10-25 07:09 - 000000000 ____D C:\Program Files\Microsoft Office 15
2021-06-29 14:20 - 2020-01-27 11:32 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-29 14:20 - 2020-01-27 11:32 - 000002247 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-29 14:20 - 2020-01-27 11:32 - 000002247 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-06-29 13:55 - 2020-08-18 23:53 - 000004286 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2021-06-29 13:55 - 2020-08-18 23:53 - 000004054 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2021-06-29 13:51 - 2020-08-18 21:53 - 000000000 ____D C:\Users\PC
2021-06-29 13:49 - 2021-05-11 11:14 - 471016775 _____ C:\WINDOWS\MEMORY.DMP
2021-06-29 13:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-06-29 12:52 - 2016-10-25 07:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-06-26 16:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-06-26 10:54 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-19 12:13 - 2018-03-21 11:42 - 000000000 ____D C:\ProgramData\Realtek
2021-06-18 11:29 - 2018-03-31 13:05 - 000000000 ____D C:\Users\PC\AppData\Local\ElevatedDiagnostics
2021-06-13 12:09 - 2018-03-31 22:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-11 20:46 - 2021-02-21 23:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-10 17:47 - 2020-08-18 23:31 - 001924206 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-10 17:47 - 2019-12-07 16:49 - 000831884 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-10 17:47 - 2019-12-07 16:49 - 000167650 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-10 17:41 - 2020-08-18 23:05 - 000390592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-10 16:20 - 2018-03-31 16:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-10 16:16 - 2018-03-31 16:20 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-09 13:15 - 2018-07-05 12:07 - 000002103 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-06-06 11:04 - 2018-05-06 16:40 - 000000290 __RSH C:\ProgramData\ntuser.pol
2021-06-06 10:31 - 2018-05-06 16:40 - 000000149 _____ C:\Users\PC\Downloads\rufus.ini
2021-06-01 16:29 - 2021-04-14 14:49 - 000000000 ____D C:\Users\PC\Documents\Vaccin Covid nous
2021-06-01 12:21 - 2018-04-05 17:19 - 000000000 ____D C:\Users\PC\Documents\Ex Bureau

==================== Fichiers à la racine de certains dossiers ========

2018-03-21 15:15 - 2021-06-30 12:52 - 004269500 _____ () C:\Users\PC\AppData\Local\BTServer.log
2020-10-08 13:26 - 2020-10-08 13:28 - 000007680 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-04-07 08:10 - 2018-04-07 08:10 - 000000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================