Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021
Exécuté par maeva (administrateur) sur AZAEL (TOSHIBA SATELLITE S50-B) (03-05-2021 20:52:21)
Exécuté depuis C:\Users\maeva\Desktop
Profils chargés: maeva
Platform: Windows 10 Home Version 20H2 19042.928 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\RMService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(GameHouse Europe B.V. -> GameHouse) C:\Program Files (x86)\GameHouse Games\aminstantservice.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Silhouette Research & Technology Ltd -> ) C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe
(Spotify AB -> Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(TOSHIBA CORPORATION -> ) C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TssSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH -> Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3354856 2015-09-26] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [914648 2014-03-05] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830104 2014-01-14] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [179288 2014-01-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-10-09] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-2539059618-1822319508-3678612016-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google Inc -> Google)
HKU\S-1-5-21-2539059618-1822319508-3678612016-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [26424960 2016-06-29] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2539059618-1822319508-3678612016-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3416352 2020-10-07] (Valve -> Valve Corporation)
HKU\S-1-5-21-2539059618-1822319508-3678612016-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2014-04-15] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2539059618-1822319508-3678612016-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\maeva\AppData\Local\Microsoft\Teams\Update.exe [1790728 2019-11-15] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG5400 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBB.DLL [30208 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon MG5500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBU.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5400 series: C:\WINDOWS\system32\CNMLMBB.DLL [389120 2012-04-16] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2012-06-14] (CANON INC.) [Fichier non signé]
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {014AC074-774C-4AF2-86F3-337EE361CFE6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [699496 2013-09-24] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {073207ED-18C4-4874-B099-809499A1E1A4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {141F602E-2EDE-4AB0-BDB3-735B7E21E47D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {1F5DA72C-8853-4A05-8B5F-CF226D6A87D9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {205DF199-EEC2-487C-8E88-9DEA060F3AB4} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {43B98ABB-0171-4569-9883-854848599D72} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {4490F44F-6842-43CD-91AB-3684DCCE6B5C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {4D59587A-1356-4002-A971-410FED1984DE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5229504 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {5DC1EDF2-EC16-41A9-A47E-41AB0C58D33D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {71A94BBA-1567-4146-AEB8-D86190653CA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {758AD669-79A2-41F1-AAC6-10960877591B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498552 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {86AEEB94-9235-4295-9233-E56EAFC7D7B9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {8731A593-7E06-42AC-8DB7-10A539F6D216} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {8A5DA98B-EA69-4DB2-9CCC-DC7D358A99ED} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {98B08881-3F54-42B4-84E2-86E7739A7071} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {A639358B-D664-49E1-8DFF-D1A3D67E30D2} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [471416 2013-12-24] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
Task: {A8855A02-84B9-41F6-9022-571494FFBD68} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {C200F2AD-56CD-49F6-86B5-4D3DC53BC686} - System32\Tasks\GoogleUpdateTaskMachineCore1d0357aeff2171c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {C6862886-F07A-4014-9FA3-F6813EDEC5CA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23103392 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD126CFB-ED63-4429-A04D-79060439AC22} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [696304 2021-04-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D22DBDF4-DA53-4913-A554-CB1A9C62E826} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {D89F5BDD-D3AB-41BC-93F0-25996BF484F1} - \WPD\SqmUpload_S-1-5-21-2539059618-1822319508-3678612016-1001 -> Pas de fichier <==== ATTENTION
Task: {D924C98A-501D-4C26-9B21-139AAB2BD7F4} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {E924E81F-A337-4B24-A1DF-2272042C6954} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5229504 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F238DA2C-4DAC-4433-83E0-59B5D19E597D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141144 2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2C83292-DCE3-40AA-84A6-905F103F8CFC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {FC2712A3-39BF-4234-8DF5-1C5BCEA7D0A8} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {FD7B0FB7-7B50-436C-82A2-4E594D634238} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {FEB17B2F-1043-441A-B93C-FD1309F9924E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1a841754-5f44-4f30-8bdc-d25527827382}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{be766b11-201d-4854-8173-2d97be29bf16}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\maeva\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-27]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: p2cjd0wn.default
FF DefaultProfile: 3glqk7b1.default
FF ProfilePath: C:\Users\maeva\AppData\Roaming\Zotero\Zotero\Profiles\p2cjd0wn.default [2021-03-09]
FF ProfilePath: C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default [2021-05-03]
FF Session Restore: Mozilla\Firefox\Profiles\3glqk7b1.default -> est activé.
FF Extension: (Zotero Connector) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\zotero@chnm.gmu.edu.xpi [2021-03-13] [UpdateUrl:hxxps://www.zotero.org/download/connector/firefox/release/updates.json]
FF Extension: (Cats Love Hearts) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\{17de15cd-11e0-46b3-bb17-5a87c96a5f8c}.xpi [2019-12-12]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-05-02]
FF Extension: (Christmas Welcome by M♥Donna) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\{5de42e8b-dc9d-44ab-8383-25870e4903fa}.xpi [2020-02-01]
FF Extension: (peacock tail) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\{696bbf89-20ef-4e12-ab36-418cd4424542}.xpi [2019-05-14]
FF Extension: (Spring Garden Serenity by MaDonna) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\{9623927c-641b-4408-b5c1-55c439395826}.xpi [2020-01-17]
FF Extension: (ANIMATED Once upon a time...) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\{ad9cfe20-a7e9-4992-8390-d87e30c10cb6}.xpi [2019-12-12]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Extension: (Running Foxes by MaDonna) - C:\Users\maeva\AppData\Roaming\Mozilla\Firefox\Profiles\3glqk7b1.default\Extensions\{dfb93b31-21ba-46fc-977d-46300ce0a76b}.xpi [2020-01-15]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-21] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AMInstantService; C:\Program Files (x86)\GameHouse Games\aminstantservice.exe [2041776 2016-10-26] (GameHouse Europe B.V. -> GameHouse)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8798600 2021-04-21] (Microsoft Corporation -> Microsoft Corporation)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\DSDFunctionKeyCtlService.exe [615776 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [21840 2014-03-21] (DTS, Inc. -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-02-26] (WildTangent Inc -> WildTangent)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-05-01] (Malwarebytes Inc -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119176 2017-01-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2181648 2017-01-14] (Electronic Arts, Inc. -> Electronic Arts)
R2 SilhouetteLink; C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe [897200 2016-12-06] (Silhouette Research & Technology Ltd -> )
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116088 2013-12-24] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\dynabookSystemService.exe [44767048 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\TOSTABSYSSVC.exe [296272 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\RMService.exe [446248 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-05-01] (Malwarebytes Inc -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-05-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-01] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-05-03] (Malwarebytes Inc -> Malwarebytes)
R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [22736 2015-05-28] (WDKTestCert 1,130752733198717037 -> TOSHIBA)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-22] (Dynabook Inc. -> Dynabook Inc.)
R3 tosrfec; C:\WINDOWS\System32\drivers\tosrfec.sys [37808 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_4d5c54c80b005163\TosSrvCtlDrv.sys [25816 2021-02-22] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [421088 2021-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-05-03 20:41 - 2021-05-03 20:41 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-05-03 20:40 - 2021-05-03 20:40 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-05-03 20:40 - 2021-05-03 20:40 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-05-03 20:38 - 2021-05-03 20:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-05-03 20:29 - 2021-05-03 20:29 - 011096456 _____ (McAfee, Inc.) C:\Users\maeva\Desktop\MCPR.exe
2021-05-03 20:24 - 2021-05-03 20:24 - 000000000 ____D C:\ProgramData\McInstTemp0283831620066258
2021-05-03 18:06 - 2021-05-03 18:09 - 000048356 _____ C:\Users\maeva\Desktop\Addition.txt
2021-05-03 18:01 - 2021-05-03 20:54 - 000026387 _____ C:\Users\maeva\Desktop\FRST.txt
2021-05-03 08:20 - 2021-05-03 20:53 - 000000000 ____D C:\FRST
2021-05-03 08:16 - 2021-05-03 08:17 - 002298368 _____ (Farbar) C:\Users\maeva\Desktop\FRST64.exe
2021-05-01 18:08 - 2021-05-01 18:12 - 000000000 ____D C:\AdwCleaner
2021-05-01 18:07 - 2021-05-01 18:07 - 008534696 _____ (Malwarebytes) C:\Users\maeva\Downloads\adwcleaner_8.2.exe
2021-05-01 17:46 - 2021-05-01 17:46 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-01 17:46 - 2021-05-01 17:46 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-01 17:46 - 2021-05-01 17:46 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-01 17:46 - 2021-05-01 17:46 - 000000000 ____D C:\Users\maeva\AppData\Local\mbam
2021-05-01 17:45 - 2021-05-01 17:45 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-01 17:45 - 2021-05-01 17:45 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-05-01 17:45 - 2021-05-01 17:45 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-05-01 17:45 - 2021-05-01 17:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-05-01 17:44 - 2021-05-01 17:44 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-01 17:43 - 2021-05-01 17:44 - 002078632 _____ (Malwarebytes) C:\Users\maeva\Downloads\MBSetup.exe
2021-04-30 00:47 - 2021-04-30 00:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-04-22 05:19 - 2021-04-30 12:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-04-15 08:30 - 2021-04-15 08:30 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-04-15 08:28 - 2021-04-15 08:28 - 001823304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-04-15 08:27 - 2021-04-15 08:27 - 000231248 _____ C:\WINDOWS\system32\containerdevicemanagement.dll

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-05-03 20:44 - 2021-02-18 03:30 - 000004158 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{566ADE14-BF59-4E09-A5BE-CAFDD344912B}
2021-05-03 20:42 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-03 20:42 - 2015-09-12 23:14 - 000000000 __SHD C:\Users\maeva\IntelGraphicsProfiles
2021-05-03 20:41 - 2017-08-16 19:26 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-05-03 20:40 - 2021-02-18 03:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-05-03 20:39 - 2021-02-18 02:51 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-03 20:39 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-03 20:38 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-03 20:30 - 2016-11-16 17:56 - 000000000 ____D C:\Users\maeva\AppData\LocalLow\Mozilla
2021-05-03 20:26 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-05-03 20:24 - 2017-12-08 03:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-05-03 20:24 - 2015-10-30 08:28 - 000000000 ____D C:\Users\Default.migrated
2021-05-03 18:12 - 2015-01-20 18:05 - 000000000 ____D C:\ProgramData\Mozilla
2021-05-03 18:09 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-03 11:30 - 2019-10-05 21:07 - 000000000 ____D C:\Program Files\Microsoft Office
2021-05-03 04:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-03 04:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-05-01 17:54 - 2015-09-15 12:02 - 000000000 ____D C:\Users\maeva\AppData\LocalLow\Company
2021-05-01 13:39 - 2020-08-02 00:14 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-01 13:39 - 2020-08-02 00:14 - 000002291 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-04-30 12:48 - 2015-01-20 18:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-30 00:47 - 2015-01-20 18:05 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-29 21:52 - 2021-02-18 03:30 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2539059618-1822319508-3678612016-1001
2021-04-29 21:51 - 2021-02-18 03:00 - 000002452 _____ C:\Users\maeva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-29 21:51 - 2015-01-20 18:04 - 000000000 __RDO C:\Users\maeva\OneDrive
2021-04-29 19:50 - 2021-02-18 02:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-29 12:00 - 2020-10-01 00:20 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-04-27 13:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-04-27 07:15 - 2021-02-18 03:11 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-27 07:15 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-27 07:15 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-26 06:33 - 2021-03-05 02:27 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d70592c2c85e05
2021-04-26 06:33 - 2021-02-18 03:30 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-24 17:27 - 2019-02-11 13:19 - 000002147 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-04-21 07:28 - 2021-02-18 03:30 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-04-21 07:28 - 2021-02-18 03:30 - 000003494 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore1d0357aeff2171c
2021-04-18 17:39 - 2021-02-18 02:51 - 000688592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-04-18 17:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-04-15 08:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-04-15 08:26 - 2021-02-18 02:55 - 002877440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2021-04-15 07:33 - 2015-02-01 17:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-04-15 07:30 - 2015-02-01 17:25 - 131963968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-04-12 02:40 - 2017-12-14 00:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-07 19:25 - 2017-12-08 20:52 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-04-07 19:14 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Windows Defender

==================== Fichiers à la racine de certains dossiers ========

2020-01-22 23:11 - 2020-01-22 23:11 - 000000008 _____ () C:\Users\maeva\AppData\Roaming\com.silhouettesoftware.id
2021-02-25 13:14 - 2021-02-25 13:14 - 000001545 _____ () C:\Users\maeva\AppData\Local\recently-used.xbel
2017-02-05 23:35 - 2017-02-05 23:35 - 000000017 _____ () C:\Users\maeva\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================