Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Exécuté par PC (administrateur) sur DESKTOP-760AFFE (HP 460-a014nf) (08-01-2023 12:52:00)
Exécuté depuis C:\Users\PC\Contacts\Desktop
Profils chargés: PC
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.2364 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe ->) (Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(DriverStore\FileRepository\c0325303.inf_amd64_4e99ed79cccac08d\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <21>
(explorer.exe ->) (NG PDF Lab) C:\Program Files\WindowsApps\6760NGPDFLab.PDFX_1.3.49.0_x64__sbe4t8mqwq93a\FileWatcher\FileWatcher.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0325303.inf_amd64_4e99ed79cccac08d\atiesrxx.exe
(services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.8.0\ABService.exe
(services.exe ->) (CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21256.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21256.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [Fichier non signé]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11327200 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-2130443135-54271296-3300602816-1001\...\Run: [MyDriveConnect.exe] => C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe [2238832 2022-09-01] (TomTom International B.V. -> TomTom)
HKU\S-1-5-21-2130443135-54271296-3300602816-1001\...\Run: [MicrosoftEdgeAutoLaunch_B47356396DDD0FAAE76D0ED141F5CEA2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879368 2023-01-05] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2022-11-19]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {1AE716E2-2F19-451C-9B0C-513057E7036D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1C167256-FC67-4C28-B81D-318807AC54D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2022-11-28] (HP Inc. -> HP Inc.)
Task: {25EA7478-4B30-4035-AC99-8AF244B2D74A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2017-10-26] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {33462DFE-1EA3-4DDC-9293-47847E35E3B6} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {444BAFBD-A8A1-41D1-9933-0BF6E1BE27DF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-11-28] (HP Inc. -> HP Inc.)
Task: {52D45FF4-8CE3-4D80-A0EA-E1EAB5C9634B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Accès refusé]
Task: {52E893F8-0E5D-4626-9888-7F4203FFA51E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {58F24F0D-F86F-4910-8FFC-11EF0E33D79D} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe (Pas de fichier)
Task: {612507A1-6CCD-4698-99AA-55DDB5B537F7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Accès refusé]
Task: {641B8861-82FB-4511-B274-FD3A9730050B} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9279544 2018-09-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {7E2573B1-4099-4DC7-A7EC-1E4F3DDCEE14} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {81C081C9-53FA-446A-BA0B-DFFE24AFCE1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {A5E3319B-DA08-44F9-B1B0-A3BC16CFCB4D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Accès refusé]
Task: {CC6F7176-66F2-445F-8601-7BE65563317B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-11-28] (HP Inc. -> HP Inc.)
Task: {D4632F4E-4545-47EE-B1EB-FB166E8CF5F5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1552376 2022-09-26] (Adobe Inc. -> Adobe Inc.)
Task: {DE762CD9-CD62-4BA0-B312-9AA10682B157} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E4AA2226-1E1E-4ACA-B9ED-05061C640B19} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation) [Accès refusé]
Task: {E9F7E7EB-A702-4685-A276-7F8FADA5FCC3} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier)
Task: {EA76608C-0223-47E7-A12C-4115860DDDA9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC16F256-E5E8-424F-A5E3-8BA84DBA754A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F358F84E-7353-47E6-AAF5-C5C71A4304B8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114656 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {F7EC77A8-0617-440F-B67D-AF81EDD695EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {FD47D2A7-F319-4497-A2F8-B1D1105340EF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26308584 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {FEB2F498-1218-4D28-BE2C-0EEF10DF22B8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f5165607-3dbe-4ea2-82e5-b5b680559a32}: [DhcpNameServer] 192.168.1.254

Edge:
=======
DownloadDir: C:\Users\PC\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2130443135-54271296-3300602816-1001 -> about:start
Edge Notifications: HKU\S-1-5-21-2130443135-54271296-3300602816-1001 -> hxxps://www.letour.fr; hxxps://www.fnac.com; hxxps://lesdiscutailleursfan.forumperso.com
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-08]
Edge Notifications: Default -> hxxps://entreprise.one; hxxps://fr.journalmural.com; hxxps://sitenolwennmapassion.forumactif.com; hxxps://tv-programme.com; hxxps://vavavoomproductions.com; hxxps://www.eurosport.fr; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.lanouvellerepublique.fr; hxxps://www.rougegorge.com; hxxps://www.sncf-connect.com
Edge HomePage: Default -> hxxp://hp17win10.msn.com/?pc=HCTE
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-12-13]
Edge Extension: (uBlock Origin) - C:\Users\PC\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-12-23]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-11-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-03] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2022-09-26] (Adobe Inc. -> Adobe Inc.)
R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.8.0\ABService.exe [1088560 2021-12-15] (AOMEI International Network Limited -> AOMEI International Network Limited)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] (Realtek Semiconductor Corp -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12540928 2022-12-16] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-12] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2022-12-25] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [787512 2022-10-26] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [786512 2022-10-26] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [782904 2022-10-26] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [787016 2022-10-26] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8892256 2022-12-17] (Malwarebytes Inc. -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2022-02-24] (AOMEI International Network Limited -> )
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2022-06-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2022-12-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [197088 2023-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [76216 2023-01-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-12-15] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181816 2023-01-08] (Malwarebytes Inc. -> Malwarebytes)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166752 2019-07-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld20ffa59; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B09E5ABA-B441-4222-A9E5-E23BE04E076D}\MpKslDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-01-08 12:47 - 2023-01-08 12:54 - 000000000 ____D C:\FRST
2023-01-08 12:44 - 2023-01-08 12:44 - 002434048 _____ (Farbar) C:\Users\PC\Downloads\FRST64-2.1.exe
2023-01-08 11:22 - 2023-01-08 11:22 - 000181816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-01-07 23:39 - 2023-01-07 23:35 - 000436626 _____ C:\Users\PC\Documents\effectuer un massage des sinus carotidiens.pdf
2023-01-07 23:30 - 2023-01-07 23:35 - 000436626 _____ C:\Users\PC\Downloads\effectuer un massage des sinus carotidiens.pdf
2023-01-06 17:57 - 2023-01-06 17:57 - 000028784 _____ C:\Users\PC\Downloads\Ticket CB (3).pdf
2023-01-06 17:55 - 2023-01-06 17:55 - 000045954 _____ C:\Users\PC\Downloads\Ticket de caisse_06012023-164804.pdf
2023-01-05 12:01 - 2023-01-05 12:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2023-01-04 15:41 - 2023-01-04 16:38 - 005020672 _____ C:\Users\PC\Downloads\Liste+des+canaux+affectés+aux+multiplex+de+la+TNT+en+métropole+et+outremer (2).xls
2023-01-04 00:44 - 2023-01-04 00:44 - 000000993 _____ C:\Users\PC\Downloads\12-01-2023-a-15h00 (1).ics
2023-01-04 00:43 - 2023-01-04 00:44 - 000000993 _____ C:\Users\PC\Downloads\12-01-2023-a-15h00.ics
2023-01-03 14:43 - 2023-01-03 14:47 - 000000000 ____D C:\Users\PC\Documents\Viventer 2023
2023-01-03 14:41 - 2023-01-03 14:41 - 000978675 _____ C:\Users\PC\Documents\attestation mutuelle serge 2023.pdf
2023-01-03 14:30 - 2023-01-03 14:30 - 000978685 _____ C:\Users\PC\Documents\attestation mutuelle Martine.pdf
2023-01-03 14:30 - 2023-01-03 14:30 - 000958514 _____ C:\Users\PC\Downloads\attestation (17).pdf
2023-01-03 14:28 - 2023-01-03 14:28 - 000958526 _____ C:\Users\PC\Downloads\attestation (16).pdf
2023-01-03 11:00 - 2023-01-03 11:00 - 000150898 _____ C:\Users\PC\Downloads\8R44572813125 (1).pdf
2023-01-02 16:45 - 2023-01-02 16:45 - 000000000 ___HD C:\$WinREAgent
2023-01-01 23:06 - 2023-01-01 23:06 - 000100052 _____ C:\Users\PC\Downloads\archive (6).zip
2023-01-01 23:06 - 2023-01-01 23:06 - 000056563 _____ C:\Users\PC\Downloads\ebillet_2402506_2699237-22180620-10001836814414 (3).pdf
2023-01-01 23:05 - 2023-01-01 23:05 - 000056563 _____ C:\Users\PC\Downloads\ebillet_2402506_2699237-22180620-10001836814414 (2).pdf
2022-12-28 23:30 - 2022-12-28 23:30 - 000412137 _____ C:\Users\PC\Downloads\20220808-lignes-directrices-relatives-a-la-determination-des-sanctions-financieres.pdf
2022-12-27 13:36 - 2022-12-27 13:36 - 000478294 _____ C:\Users\PC\Downloads\facture_2402506 (1).pdf
2022-12-27 13:30 - 2022-12-27 13:30 - 000056563 _____ C:\Users\PC\Downloads\ebillet_2402506_2699237-22180620-10001836814414 (1).pdf
2022-12-27 10:28 - 2022-12-27 10:28 - 002287042 _____ C:\Users\PC\Documents\P19-20-vectorisées-avec-fond-perdurécap ordures ménagères pdf.pdf
2022-12-26 09:59 - 2022-12-26 09:59 - 000150898 _____ C:\Users\PC\Downloads\8R44572813125.pdf
2022-12-26 09:47 - 2022-12-26 09:47 - 000150898 _____ C:\Users\PC\Documents\Retour pantouffles astérix.PDF
2022-12-25 00:54 - 2022-12-25 00:54 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2022-12-23 23:17 - 2023-01-05 16:38 - 000024938 _____ C:\Users\PC\Documents\compte recap le 23 12 22.xlsx
2022-12-23 17:37 - 2022-12-23 17:37 - 000028539 _____ C:\Users\PC\Downloads\Ticket CB (2).pdf
2022-12-23 17:37 - 2022-12-23 17:37 - 000028539 _____ C:\Users\PC\Downloads\Ticket CB (1).pdf
2022-12-22 16:59 - 2022-12-22 16:59 - 000707106 _____ C:\Users\PC\Downloads\Résumé de garanties frais de santé (1).pdf
2022-12-22 16:59 - 2022-12-22 16:59 - 000707106 _____ C:\Users\PC\Documents\Résumé de garanties frais de santé 2023 viventer.pdf
2022-12-22 16:44 - 2022-12-22 16:44 - 000047203 _____ C:\Users\PC\Downloads\E_01_Echeancier_Vivinter_8694975331254039311.pdf
2022-12-22 16:44 - 2022-12-22 16:44 - 000047203 _____ C:\Users\PC\Downloads\E_01_Echeancier_Vivinter_8694975331254039311 (1).pdf
2022-12-22 00:38 - 2022-12-22 00:38 - 000011892 _____ C:\Users\PC\Downloads\ReleveMensuelNovembre2022.pdf
2022-12-21 00:53 - 2022-12-21 00:53 - 000011203 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang (8).xlsx
2022-12-15 11:06 - 2022-12-15 11:06 - 000257593 _____ C:\Users\PC\Documents\Statines - Ce que vos patients doivent savoir.pdf
2022-12-12 22:27 - 2022-12-12 22:27 - 000000000 ___HD C:\$Windows.~WS
2022-12-12 00:15 - 2022-12-12 00:15 - 000011203 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang (7).xlsx
2022-12-11 23:31 - 2022-12-11 23:31 - 030466504 _____ (Rene.E Laboratory ) C:\Users\PC\Downloads\ReneeBecca_Latest (1).exe
2022-12-11 22:57 - 2022-12-11 23:00 - 030466504 _____ (Rene.E Laboratory ) C:\Users\PC\Downloads\ReneeBecca_Latest.exe
2022-12-11 22:08 - 2022-12-12 00:10 - 000008889 _____ C:\Users\PC\Documents\courbes évolution cholesterol.xlsx
2022-12-11 12:14 - 2022-12-11 12:14 - 000108792 _____ C:\Users\PC\Downloads\BP2212090081_exportKaliRes_P_202212091523071 (3).pdf
2022-12-11 12:10 - 2022-12-11 12:11 - 000011203 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang (6).xlsx
2022-12-11 12:10 - 2022-12-11 12:10 - 000011203 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang (5).xlsx
2022-12-11 12:10 - 2022-12-11 12:10 - 000011203 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang (4).xlsx
2022-12-11 12:09 - 2022-12-11 12:09 - 000011203 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang (3).xlsx
2022-12-10 15:39 - 2022-12-10 15:39 - 001651246 _____ C:\Users\PC\Downloads\expression-home-xp-5205-datasheet.pdf
2022-12-10 15:11 - 2022-12-10 15:11 - 000108792 _____ C:\Users\PC\Downloads\BP2212090081_exportKaliRes_P_202212091523071 (2).pdf
2022-12-10 14:52 - 2022-12-10 14:52 - 000182979 _____ C:\Users\PC\Downloads\BP2210050107_exportKaliRes_P_202210051750021 (16).pdf
2022-12-10 14:46 - 2022-12-10 14:46 - 000108792 _____ C:\Users\PC\Downloads\BP2212090081_exportKaliRes_P_202212091523071 (1).pdf
2022-12-10 14:45 - 2022-12-10 14:45 - 000068602 _____ C:\Users\PC\Downloads\BP2212090082_exportKaliRes_P_202212091848431 (2).pdf
2022-12-10 14:42 - 2022-12-11 00:48 - 000011424 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang (2).xlsx
2022-12-10 14:26 - 2022-12-10 14:26 - 000069830 _____ C:\Users\PC\Downloads\BP2205130052_exportKaliRes_P_202205131523401 (11).pdf
2022-12-10 13:16 - 2022-12-10 13:16 - 000011203 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang (1).xlsx
2022-12-10 13:10 - 2022-12-10 13:10 - 000182979 _____ C:\Users\PC\Downloads\BP2210050107_exportKaliRes_P_202210051750021 (15).pdf
2022-12-10 13:07 - 2022-12-10 13:07 - 000011203 _____ C:\Users\PC\Downloads\Surveillance-prise-de-sang.xlsx
2022-12-10 11:36 - 2022-12-10 11:36 - 000108792 _____ C:\Users\PC\Downloads\BP2212090081_exportKaliRes_P_202212091523071.pdf
2022-12-09 22:53 - 2022-12-09 22:53 - 000182979 _____ C:\Users\PC\Downloads\BP2210050107_exportKaliRes_P_202210051750021 (14).pdf
2022-12-09 20:09 - 2022-12-09 20:09 - 000069830 _____ C:\Users\PC\Downloads\BP2205130052_exportKaliRes_P_202205131523401 (10).pdf
2022-12-09 20:06 - 2022-12-09 20:06 - 000068602 _____ C:\Users\PC\Downloads\BP2212090082_exportKaliRes_P_202212091848431 (1).pdf
2022-12-09 19:42 - 2022-12-09 19:42 - 000068602 _____ C:\Users\PC\Downloads\BP2212090082_exportKaliRes_P_202212091848431.pdf
2022-12-09 18:52 - 2022-12-09 18:52 - 000069830 _____ C:\Users\PC\Downloads\BP2205130052_exportKaliRes_P_202205131523401 (9).pdf
2022-12-09 13:37 - 2022-12-09 13:37 - 000182979 _____ C:\Users\PC\Downloads\BP2210050107_exportKaliRes_P_202210051750021 (13).pdf
2022-12-09 13:36 - 2022-12-09 13:36 - 000069830 _____ C:\Users\PC\Downloads\BP2205130052_exportKaliRes_P_202205131523401 (8).pdf
2022-12-09 13:04 - 2022-12-09 13:04 - 000044487 _____ C:\Users\PC\Downloads\BP2205130053_exportKaliRes_P_202205131753252 (5).pdf
2022-12-09 13:00 - 2022-12-09 13:00 - 000182979 _____ C:\Users\PC\Downloads\BP2210050107_exportKaliRes_P_202210051750021 (12).pdf
2022-12-09 12:55 - 2022-12-09 12:55 - 000093117 _____ C:\Users\PC\Downloads\SO000000989149_1 (1).pdf
2022-12-09 12:47 - 2022-12-09 12:47 - 000182979 _____ C:\Users\PC\Downloads\BP2210050107_exportKaliRes_P_202210051750021 (11).pdf
2022-12-09 12:43 - 2022-12-09 12:43 - 000182979 _____ C:\Users\PC\Downloads\BP2210050107_exportKaliRes_P_202210051750021 (10).pdf
2022-12-09 10:52 - 2022-12-09 10:52 - 000013154 _____ C:\Users\PC\Documents\Retour tea schirt noir00465969.pdf
2022-12-09 10:25 - 2022-12-09 10:25 - 000093117 _____ C:\Users\PC\Downloads\SO000000989149_1.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-01-08 12:52 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-08 12:07 - 2018-09-03 11:48 - 000000000 ____D C:\Users\PC\AppData\Local\Dropbox
2023-01-08 11:50 - 2020-07-12 10:42 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2023-01-08 11:27 - 2021-07-04 16:09 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{58D0B303-304A-45AF-AC5B-0E281A6A645F}
2023-01-08 11:21 - 2022-02-24 10:48 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2023-01-08 11:21 - 2022-02-24 10:48 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2023-01-08 11:21 - 2021-07-04 16:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-08 11:21 - 2020-08-18 22:05 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-08 11:20 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-08 11:20 - 2018-03-21 10:42 - 000000000 ____D C:\ProgramData\Realtek
2023-01-08 11:20 - 2018-03-21 10:40 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2023-01-08 10:48 - 2021-06-06 12:03 - 000000000 ____D C:\Users\PC\AppData\LocalLow\IGDump
2023-01-08 10:33 - 2021-07-04 15:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-08 09:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-08 09:47 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-08 00:03 - 2022-10-11 20:21 - 000014667 _____ C:\Users\PC\Documents\med cholesterol acide folique aspirine.xlsx
2023-01-07 23:47 - 2018-04-01 11:03 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2023-01-07 17:51 - 2018-04-05 16:08 - 000000000 ____D C:\Users\PC\Documents\serge
2023-01-07 12:21 - 2020-01-27 10:32 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-07 12:21 - 2020-01-27 10:32 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-01-05 12:06 - 2016-10-25 06:09 - 000000000 ____D C:\Program Files (x86)\Dropbox
2023-01-04 23:33 - 2021-07-04 16:09 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-04 23:33 - 2021-07-04 16:09 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-03 15:47 - 2021-07-04 14:22 - 000000000 ____D C:\Users\PC
2023-01-03 14:19 - 2021-02-21 22:19 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-03 10:43 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-02 17:58 - 2021-07-04 15:46 - 001924286 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-02 17:58 - 2019-12-07 15:49 - 000831904 _____ C:\WINDOWS\system32\perfh00C.dat
2023-01-02 17:58 - 2019-12-07 15:49 - 000167670 _____ C:\WINDOWS\system32\perfc00C.dat
2023-01-02 17:51 - 2021-07-04 15:22 - 000404120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-02 17:48 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-01-02 17:46 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-02 17:28 - 2021-07-04 15:28 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-02 15:11 - 2018-03-31 15:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-01-02 15:03 - 2018-03-31 15:20 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-01 12:02 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-12-19 10:22 - 2022-07-25 21:38 - 000000000 ____D C:\Users\PC\Documents\courses classement retrouvés
2022-12-17 14:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-12-16 23:09 - 2016-10-25 06:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-12-15 22:21 - 2018-07-14 23:13 - 000000000 ____D C:\Users\PC\Documents\CR OP Saint aubert
2022-12-14 22:14 - 2022-01-27 09:54 - 000002415 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-12-14 22:14 - 2021-12-12 21:32 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2130443135-54271296-3300602816-1001
2022-12-14 22:14 - 2021-07-04 16:09 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2130443135-54271296-3300602816-1001
2022-12-14 15:56 - 2022-10-24 16:44 - 000000000 ____D C:\Users\PC\Documents\Suivi arteres et Veines Martine
2022-12-13 19:09 - 2021-07-04 16:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-12-12 22:27 - 2021-07-04 11:45 - 000000000 ___DC C:\WINDOWS\Panther
2022-12-09 19:35 - 2018-03-31 21:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== Fichiers à la racine de certains dossiers ========

2018-03-21 14:15 - 2023-01-08 12:05 - 006202224 _____ () C:\Users\PC\AppData\Local\BTServer.log
2020-10-08 12:26 - 2022-02-13 15:52 - 000010240 _____ () C:\Users\PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-04-07 07:10 - 2018-04-07 07:10 - 000000017 _____ () C:\Users\PC\AppData\Local\resmon.resmoncfg

==================== FLock ==============================

2018-03-31 15:40 C:\WINDOWS\UpdateAssistant

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================