Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by Samantha (administrator) on SAMANTHA-PC (05-04-2021 16:34:44)
Running from C:\Users\Samantha\Desktop
Loaded Profiles: Samantha
Platform: Windows 10 Pro Version 20H2 19042.906 (X64) Language: Français (France)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <3>
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\119.4.1772\QtWebEngineProcess.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(INDEX EDUCATION SASU -> Index Education) C:\Program Files (x86)\index education\mise a jour automatique\ServiceMiseAJourIndex.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Samantha\AppData\Local\Microsoft\OneDrive\21.030.0211.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Samantha\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or removed. The file will not be moved.)

HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [7991528 2021-03-30] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-2989765749-1729005252-1676434015-1001\...\Run: [Discord] => C:\Users\Samantha\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKLM\...\Print\Monitors\HP CC11 Status Monitor: C:\WINDOWS\system32\hpinkstsCC11LM.dll [391992 2019-03-15] (HP Inc -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-03-31] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
HKU\S-1-5-21-2989765749-1729005252-1676434015-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

Task: {056D38FA-7F5F-466D-9AA4-1353ED7F0E6B} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0F984D50-7E07-419B-90CE-262B5BE6A736} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1B3F0B7A-998D-41AE-9C8C-AF46FBDFFC7F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2033E888-C983-4026-8F9E-3EEEB06A30E3} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {22F44E9B-29CE-4192-9031-2139CAF0BB4B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {28B8D43D-63B2-43F6-863C-92A3D2012E5A} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {2AC22D14-BB50-4BEA-8D78-45F391AA3B7A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23080824 2021-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DBCCE2D-4E8A-44CE-BA13-8BD97BC254A4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {358686E6-EAC8-4741-9DBD-E85EF4DC6197} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4EB0E6BC-94E8-450E-AF66-D068E185CFA8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {513E0B50-B8B7-47F0-BE4D-A63E13688B3D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {619FD0BC-7B6D-468E-BF7B-43EB5688F130} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {6DB37492-E8EF-4968-83DB-D0D3FF189377} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {6ED4DFB5-9AEC-4416-AECE-69F04B1EB488} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141184 2021-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6FE3147A-E44E-4939-84DA-8EA7EF8F3144} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1511320 2021-03-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7AD40B49-1184-4D15-BE46-BD41511365F6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7EE099F9-5DAA-4871-8DF8-6BA5977F82EE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {86D42F94-5D1B-4846-A316-4FD1870E1720} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8BBDB228-1BC0-4644-AA81-44B50BDB88F9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8BE29AEC-977D-42D0-AC0D-228C40ADB321} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {983707B7-DE06-4E72-8C8D-6644836D8B67} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {994B0A0C-A445-4790-B67C-099C17710C79} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {9EBAC088-1200-48DA-87CD-C8FB853D9448} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9FFB9A25-C9A8-4347-A3D2-2429E6FC63A7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A4107C7A-D798-40E6-B47E-AC18EA0756E5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A943C3B4-C444-4F3E-A485-D64E4A7A14F4} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AC27C458-71ED-4EF3-A82A-731D6874A793} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {BB2B6BE2-6C5C-4313-85CC-DC118E76E6BB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF9DC68D-6A8A-4955-9126-3769536B6EB0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-04-29] (Google Inc -> Google Inc.)
Task: {D74455B8-7A43-40D4-9A89-25637968B549} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-25] (Mozilla Corporation -> Mozilla Foundation)
Task: {E1CCB4C3-48D2-46BA-8430-8FE9B5AAC089} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EDBC1683-3370-4842-BF73-9558186FC5FC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F20AFE41-60B1-41D8-B2C6-CD9C7432112C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-30] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F71527B5-16FE-44A3-AA26-A691007E86D4} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {FEC209AC-42F4-4D5F-8400-6DE2A527D008} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to its default value.)

Tcpip\..\Interfaces\{d7b0749f-1d6d-4ee4-806f-5a9a231973dd}: [NameServer] 80.67.169.12,80.67.169.40

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Samantha\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-05]

FireFox:
========
FF DefaultProfile: di6421j5.default-1617539538399
FF ProfilePath: C:\Users\Samantha\AppData\Roaming\Mozilla\Firefox\Profiles\di6421j5.default-1617539538399 [2021-04-05]
FF Extension: (uBlock Origin) - C:\Users\Samantha\AppData\Roaming\Mozilla\Firefox\Profiles\di6421j5.default-1617539538399\Extensions\uBlock0@raymondhill.net.xpi [2021-04-04]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [Fichier non signé]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default [2021-04-05]
CHR Extension: (Slides) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-23]
CHR Extension: (Docs) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-23]
CHR Extension: (Google Drive) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-12]
CHR Extension: (YouTube) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-29]
CHR Extension: (uBlock Origin) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-04-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-04-04]
CHR Extension: (Sheets) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-23]
CHR Extension: (Google Docs hors connexion) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-05]
CHR Extension: (Gmail) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-12]
CHR Extension: (Chrome Media Router) - C:\Users\Samantha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8990072 2021-03-11] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-30] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-04-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [44272 2021-03-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 MajIndexEducationService; C:\program files (x86)\index education\mise a jour automatique\ServiceMiseAJourIndex.exe [3326056 2020-07-21] (INDEX EDUCATION SASU -> Index Education)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-05] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2018-04-08] (Reason Software Company Inc. -> Reason Software Company Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\NisSrv.exe [2483616 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2102.4-0\MsMpEng.exe [128376 2021-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-05] (Malwarebytes Inc -> Malwarebytes)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [420072 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72952 2021-03-16] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-04-05 16:34 - 2021-04-05 16:36 - 000019255 _____ C:\Users\Samantha\Desktop\FRST.txt
2021-04-05 16:33 - 2021-04-05 16:35 - 000000000 ____D C:\FRST
2021-04-05 16:31 - 2021-04-05 16:31 - 002298368 _____ (Farbar) C:\Users\Samantha\Desktop\FRST64.exe
2021-04-05 08:07 - 2021-04-05 08:07 - 000000112 ___SH C:\bootTel.dat
2021-04-05 05:58 - 2021-04-05 05:58 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-05 05:58 - 2021-04-05 05:58 - 000002028 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-04-05 05:58 - 2021-04-05 05:58 - 000000000 ____D C:\Users\Samantha\AppData\Local\mbam
2021-04-05 05:57 - 2021-04-05 05:57 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-05 05:57 - 2021-04-05 05:57 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-05 05:57 - 2021-04-05 05:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-05 05:57 - 2021-04-05 05:56 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-05 05:56 - 2021-04-05 05:56 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-04 18:09 - 2021-04-04 18:09 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-04 18:09 - 2021-04-04 18:09 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-04 17:38 - 2021-04-04 17:38 - 000000000 ____D C:\Users\Samantha\AppData\Roaming\IrfanView
2021-04-04 17:38 - 2021-04-04 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2021-04-04 17:38 - 2021-04-04 17:38 - 000000000 ____D C:\Program Files\IrfanView
2021-04-04 17:37 - 2021-04-04 17:37 - 000000884 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk
2021-04-04 17:37 - 2021-04-04 17:37 - 000000000 ____D C:\Users\Samantha\AppData\Roaming\Notepad++
2021-04-04 17:37 - 2021-04-04 17:37 - 000000000 ____D C:\ProgramData\shimgen
2021-04-04 17:37 - 2021-04-04 17:37 - 000000000 ____D C:\Program Files\Notepad++
2021-04-04 14:32 - 2021-04-04 14:32 - 000000000 ____D C:\Users\Samantha\Desktop\Anciennes données de Firefox
2021-04-04 11:03 - 2021-04-04 11:03 - 000000000 ____D C:\Users\Samantha\AppData\Roaming\NuGet
2021-04-04 11:03 - 2021-04-04 11:03 - 000000000 ____D C:\Users\Samantha\AppData\Local\OO Software
2021-04-04 11:03 - 2021-04-04 11:03 - 000000000 ____D C:\Users\Samantha\AppData\Local\NuGet
2021-04-04 11:03 - 2021-04-04 11:03 - 000000000 ____D C:\ProgramData\chocolatey
2021-04-03 14:39 - 2021-04-03 14:39 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-03-31 02:25 - 2021-03-31 02:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2021-03-30 19:52 - 2021-03-30 19:52 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2021-03-30 19:52 - 2021-03-30 19:52 - 000044272 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2021-03-30 09:59 - 2021-03-30 09:59 - 001403760 _____ (O&O Software GmbH) C:\WINDOWS\system32\OOSU10.exe
2021-03-25 23:35 - 2021-03-25 23:35 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-25 21:50 - 2021-04-03 18:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-17 17:42 - 2021-03-17 17:42 - 000002432 _____ C:\Users\Samantha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-03-17 17:42 - 2021-03-17 17:42 - 000000000 ____D C:\Users\Samantha\AppData\Roaming\Teams
2021-03-11 09:32 - 2021-03-11 09:32 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-03-11 09:32 - 2021-03-11 09:32 - 000480256 _____ C:\WINDOWS\system32\AssignedAccessCsp.dll
2021-03-11 09:31 - 2021-03-11 09:31 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-03-11 09:31 - 2021-03-11 09:31 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-03-11 09:31 - 2021-03-11 09:31 - 000611952 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-03-11 09:30 - 2021-03-11 09:30 - 001822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-03-11 09:30 - 2021-03-11 09:30 - 001394024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-03-11 09:30 - 2021-03-11 09:30 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-03-11 09:29 - 2021-03-11 09:29 - 000707016 _____ C:\WINDOWS\system32\TextShaping.dll
2021-03-11 09:29 - 2021-03-11 09:29 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-03-11 09:29 - 2021-03-11 09:29 - 000091136 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-03-08 17:17 - 2021-03-08 17:17 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== One month (modified) ==================

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2021-04-05 16:34 - 2019-02-17 19:55 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-05 16:34 - 2017-04-29 04:23 - 000000000 ____D C:\Users\Samantha\AppData\LocalLow\Mozilla
2021-04-05 16:30 - 2020-06-21 21:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-05 16:30 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-05 08:09 - 2017-07-04 12:22 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-05 08:08 - 2020-06-21 22:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-05 08:08 - 2020-06-21 21:54 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-05 06:36 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-04-05 06:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-05 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-04-05 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-04-05 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-04-05 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2021-04-05 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-05 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-05 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-05 06:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-05 05:57 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-04 23:05 - 2020-03-16 16:52 - 000000000 ____D C:\Users\Samantha\AppData\Roaming\discord
2021-04-04 18:11 - 2020-06-21 22:04 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-04 18:11 - 2019-12-07 16:50 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-04 18:11 - 2019-12-07 16:50 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-04 18:11 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-04 15:08 - 2018-05-22 22:38 - 000000000 ____D C:\Users\Samantha\AppData\Local\PlaceholderTileLogoFolder
2021-04-04 11:11 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-04 11:11 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-04 11:11 - 2017-12-07 11:28 - 000000000 ____D C:\Users\Samantha\AppData\Local\Packages
2021-04-03 18:28 - 2020-06-21 21:54 - 000530080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-03 18:27 - 2017-04-29 04:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-03 18:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-03 18:24 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-03 18:24 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-03 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-03 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-03 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-03 18:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-03 14:37 - 2020-06-21 22:02 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-03 11:36 - 2020-06-25 20:38 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-03-31 02:26 - 2017-04-30 11:32 - 000000000 ____D C:\Program Files (x86)\Dropbox
2021-03-25 23:35 - 2017-04-29 04:23 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-25 16:50 - 2020-11-15 20:41 - 000000000 ____D C:\Users\Samantha\Desktop\travaux HLP Te
2021-03-24 20:33 - 2020-06-11 10:06 - 000000000 ____D C:\Users\Samantha\Desktop\mamie
2021-03-24 14:53 - 2020-03-03 22:45 - 000000000 ____D C:\Users\Samantha\Desktop\travaux 1ère
2021-03-23 18:30 - 2017-04-29 04:49 - 000000000 ____D C:\Program Files\Microsoft Office
2021-03-17 17:42 - 2020-03-12 23:42 - 000000000 ____D C:\Users\Samantha\AppData\Local\SquirrelTemp
2021-03-17 17:29 - 2020-05-06 10:04 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2021-03-16 19:18 - 2018-02-15 22:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-03-13 18:14 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-03-12 23:39 - 2017-04-29 17:35 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-11 22:49 - 2019-12-07 16:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2021-03-11 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-03-11 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-03-11 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-03-11 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-03-11 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-03-11 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-03-11 22:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-03-10 08:21 - 2017-04-29 08:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-03-10 08:17 - 2017-04-29 08:07 - 131005360 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-03-09 20:25 - 2020-06-21 22:20 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2989765749-1729005252-1676434015-1001
2021-03-09 20:24 - 2020-06-21 18:26 - 000002463 _____ C:\Users\Samantha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-03-07 00:29 - 2017-04-30 11:32 - 000001214 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2021-03-07 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-03-07 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-03-07 00:25 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-03-07 00:25 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing

==================== Files in the root of some directories ========

2017-04-29 18:42 - 2017-04-29 18:42 - 000007601 _____ () C:\Users\Samantha\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================