Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Exécuté par user (administrateur) sur DESKTOP-21KSVAC (Dell Inc. Precision 7510) (20-04-2021 09:04:50)
Exécuté depuis C:\Users\user.DESKTOP-21KSVAC\OneDrive - Association Cesi Viacesi mail\Bureau
Profils chargés: user
Platform: Windows 10 Pro Version 2004 19041.804 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(Autodesk, Inc. -> Autodesk) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_7ed3bacbb0a8cc67\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lexmark International, Inc. -> ) C:\Program Files (x86)\Lexmark\ErrorApp\lmab1err.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <30>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229592 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488664 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488664 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1070392 2019-10-08] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKU\S-1-5-21-3053335771-2016258822-3076255874-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3053335771-2016258822-3076255874-1001\...\Run: [LMab1err] => C:\Program Files (x86)\Lexmark\ErrorApp\LMab1err.exe [645736 2013-07-11] (Lexmark International, Inc. -> )
HKLM\...\Windows x64\Print Processors\hpcpp240: C:\Windows\System32\spool\prtprocs\x64\hpcpp240.dll [804488 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\LMADXN4C: C:\Windows\System32\spool\prtprocs\x64\LMADXN4C.DLL [269312 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [127624 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [315528 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\LM_LMADXN: C:\WINDOWS\system32\LMADXNLANG.DLL [3059712 2013-07-31] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-03-13]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {1A0F8BB7-082F-4389-852D-84F6E88C750B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {33FF86E5-3F58-4EC4-86C2-80C78C2299DB} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [880 2020-09-25] () [Fichier non signé]
Task: {472719DB-A753-4E01-BD1C-124C7F0ABC8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {527BB875-4708-477A-B914-9AAB85AC795B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {996875B7-C1C9-4B1B-A85A-5F8E0C40A998} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {9FCB960F-A1A3-43F0-9D26-AB38699E5C19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61DB48D-00D6-4EE1-B4DD-50719A4DC886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF6D703C-E246-488A-9269-A2E5761C51F5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498000 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B60F7F98-F7B9-4655-A1C0-DF84A839FE53} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B96DDD64-EDD6-42D8-8FDE-22ED00782EAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9BC8EDE-FB3D-411A-86A2-9B0B87EE447E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA685A45-A2C5-4420-80C8-89F2282FE5A1} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4061296 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5D9A3F-CF2F-43A2-8096-6D33EA7876FA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4BE87AE-52AC-42E7-88EF-C499D36A2AF0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F652262E-43AB-47AE-8551-AF059AD3FCED} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{067d0918-650a-4a8e-b53c-39ffa299dc26}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Edge:
=======
DownloadDir: C:\Users\user.DESKTOP-21KSVAC\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3053335771-2016258822-3076255874-1001 -> about:start
Edge DefaultProfile: Default
Edge Profile: C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-20]
Edge DownloadDir: C:\Users\user.DESKTOP-21KSVAC\Downloads
Edge Notifications: Default -> hxxps://ent.cesi.fr; hxxps://www.cnetfrance.fr
Edge HomePage: Default -> edge://newtab/
Edge Session Restore: Default -> est activé.
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: h1m3jxt5.default
FF ProfilePath: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\h1m3jxt5.default [2021-03-01]
FF ProfilePath: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\et6z9si2.default-release [2021-04-20]
FF Session Restore: Mozilla\Firefox\Profiles\et6z9si2.default-release -> est activé.
FF Extension: (Malwarebytes Browser Guard) - C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\et6z9si2.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-19]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788392 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-03-01] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-02] (HP Inc.) [Fichier non signé]
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-01] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-01] (Microsoft Windows -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-02] (HP Inc.) [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310552 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 akshasp; C:\WINDOWS\System32\drivers\akshasp.sys [69560 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\System32\drivers\akshhl.sys [68536 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\System32\drivers\aksusb.sys [313784 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 bcmnfcusb; C:\WINDOWS\System32\drivers\bcmnfcusb.sys [54872 2017-05-25] (Broadcom Corporation -> Broadcom Corporation.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 DellRctl; C:\WINDOWS\System32\drivers\DellRctl.sys [42296 2017-02-28] (FPT USA Corp. -> )
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66368 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
U4 npcap_wifi; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-20 09:04 - 2021-04-20 09:05 - 000000000 ____D C:\FRST
2021-04-20 08:52 - 2021-04-20 08:52 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-19 17:38 - 2021-04-19 17:43 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\ZHP
2021-04-19 17:38 - 2021-04-19 17:38 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\ZHP
2021-04-19 17:36 - 2021-04-19 17:38 - 003468440 _____ (Nicolas Coolman) C:\Users\user.DESKTOP-21KSVAC\Downloads\ZHPSuite (1).exe
2021-04-19 17:32 - 2021-04-19 17:32 - 003468440 _____ (Nicolas Coolman) C:\Users\user.DESKTOP-21KSVAC\Downloads\Non confirmé 822733.crdownload
2021-04-19 10:27 - 2021-04-19 10:27 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-19 10:27 - 2021-04-19 10:27 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-19 10:27 - 2021-04-19 10:27 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\mbam
2021-04-19 10:27 - 2021-04-19 10:26 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-19 10:27 - 2021-04-19 10:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-19 10:26 - 2021-04-19 10:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-19 10:24 - 2021-04-19 10:24 - 002078632 _____ (Malwarebytes) C:\Users\user.DESKTOP-21KSVAC\Downloads\MBSetup(1).exe
2021-04-19 10:24 - 2021-04-19 10:24 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-06 16:50 - 2021-04-06 16:50 - 002546726 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\Thèse_Damien_FRANCES_AMELIORATION_CONTINUE_GESTION_DE_PROJET_FINAL.pdf
2021-04-06 09:39 - 2021-04-06 09:39 - 000589528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-05 10:40 - 2021-04-05 10:40 - 001584669 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\grille-tarifaire-care-novembre-2020(1).pdf
2021-04-03 15:41 - 2021-04-03 15:42 - 013524420 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\noticerms1000-2000.pdf
2021-04-02 12:07 - 2021-04-02 12:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-03-28 09:41 - 2021-03-28 09:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-27 20:11 - 2021-03-30 18:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-24 11:16 - 2021-03-24 11:16 - 000207648 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\vp-41-21-chef-de-projet-utilisateurs-pmi-def(1).pdf
2021-03-24 10:50 - 2021-03-24 10:50 - 000207648 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\vp-41-21-chef-de-projet-utilisateurs-pmi-def.pdf
2021-03-22 10:47 - 2021-03-22 10:47 - 000000000 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\Resiliation.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-20 08:59 - 2021-03-01 14:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-20 08:58 - 2020-09-10 09:32 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\LocalLow\Mozilla
2021-04-20 08:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-04-20 08:56 - 2021-03-01 13:08 - 001779188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-20 08:56 - 2019-12-07 16:50 - 000797210 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-20 08:56 - 2019-12-07 16:50 - 000151850 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-20 08:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-20 08:53 - 2020-09-10 08:48 - 000000000 ___RD C:\Users\user.DESKTOP-21KSVAC\OneDrive
2021-04-20 08:52 - 2021-03-08 16:15 - 000000000 ____D C:\ProgramData\VMware
2021-04-20 08:52 - 2021-03-01 12:57 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-20 08:52 - 2021-03-01 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-20 08:52 - 2020-06-23 08:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-20 08:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-20 08:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-19 17:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-19 17:31 - 2021-03-01 12:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-19 11:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-19 11:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-19 10:35 - 2021-02-09 11:36 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\LocalLow\IGDump
2021-04-19 10:27 - 2021-02-09 11:34 - 000002021 _____ C:\ProgramData\Bureau\Malwarebytes.lnk
2021-04-19 10:27 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-19 09:44 - 2021-03-01 13:56 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-19 09:38 - 2020-11-18 12:51 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-19 09:38 - 2020-11-18 12:51 - 000002280 _____ C:\ProgramData\Bureau\Microsoft Edge.lnk
2021-04-11 09:07 - 2021-03-01 12:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-10 19:18 - 2021-03-01 13:16 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3053335771-2016258822-3076255874-1001
2021-04-10 19:18 - 2021-03-01 12:58 - 000002450 _____ C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-09 14:12 - 2021-03-01 15:06 - 000002443 _____ C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-06 09:39 - 2021-03-01 12:53 - 000000000 ____D C:\WINDOWS\Panther
2021-04-05 13:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-30 18:19 - 2021-03-01 14:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-28 13:42 - 2020-11-15 14:06 - 000000000 ____D C:\VueScan
2021-03-28 09:41 - 2021-03-01 14:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-24 15:19 - 2021-03-08 16:23 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\VMware
2021-03-24 14:50 - 2021-03-08 16:23 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\VMware
2021-03-24 14:50 - 2020-12-06 16:55 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\OneDrive - Association Cesi Viacesi mail\Documents\Virtual Machines
==================== Fichiers à la racine de certains dossiers ========
2021-03-03 17:11 - 2021-03-03 17:11 - 000000218 _____ () C:\Users\user.DESKTOP-21KSVAC\AppData\Local\recently-used.xbel
2021-03-03 11:00 - 2021-03-03 11:00 - 000000000 _____ () C:\Users\user.DESKTOP-21KSVAC\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par user (administrateur) sur DESKTOP-21KSVAC (Dell Inc. Precision 7510) (20-04-2021 09:04:50)
Exécuté depuis C:\Users\user.DESKTOP-21KSVAC\OneDrive - Association Cesi Viacesi mail\Bureau
Profils chargés: user
Platform: Windows 10 Pro Version 2004 19041.804 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(Autodesk, Inc. -> Autodesk) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_7ed3bacbb0a8cc67\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lexmark International, Inc. -> ) C:\Program Files (x86)\Lexmark\ErrorApp\lmab1err.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <30>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229592 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488664 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488664 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1070392 2019-10-08] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKU\S-1-5-21-3053335771-2016258822-3076255874-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3053335771-2016258822-3076255874-1001\...\Run: [LMab1err] => C:\Program Files (x86)\Lexmark\ErrorApp\LMab1err.exe [645736 2013-07-11] (Lexmark International, Inc. -> )
HKLM\...\Windows x64\Print Processors\hpcpp240: C:\Windows\System32\spool\prtprocs\x64\hpcpp240.dll [804488 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\LMADXN4C: C:\Windows\System32\spool\prtprocs\x64\LMADXN4C.DLL [269312 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [127624 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [315528 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\LM_LMADXN: C:\WINDOWS\system32\LMADXNLANG.DLL [3059712 2013-07-31] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-03-13]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {1A0F8BB7-082F-4389-852D-84F6E88C750B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {33FF86E5-3F58-4EC4-86C2-80C78C2299DB} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [880 2020-09-25] () [Fichier non signé]
Task: {472719DB-A753-4E01-BD1C-124C7F0ABC8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {527BB875-4708-477A-B914-9AAB85AC795B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {996875B7-C1C9-4B1B-A85A-5F8E0C40A998} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {9FCB960F-A1A3-43F0-9D26-AB38699E5C19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61DB48D-00D6-4EE1-B4DD-50719A4DC886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF6D703C-E246-488A-9269-A2E5761C51F5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498000 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B60F7F98-F7B9-4655-A1C0-DF84A839FE53} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B96DDD64-EDD6-42D8-8FDE-22ED00782EAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9BC8EDE-FB3D-411A-86A2-9B0B87EE447E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA685A45-A2C5-4420-80C8-89F2282FE5A1} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4061296 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5D9A3F-CF2F-43A2-8096-6D33EA7876FA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4BE87AE-52AC-42E7-88EF-C499D36A2AF0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F652262E-43AB-47AE-8551-AF059AD3FCED} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{067d0918-650a-4a8e-b53c-39ffa299dc26}: [DhcpNameServer] 212.27.40.240 212.27.40.241
Edge:
=======
DownloadDir: C:\Users\user.DESKTOP-21KSVAC\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3053335771-2016258822-3076255874-1001 -> about:start
Edge DefaultProfile: Default
Edge Profile: C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-20]
Edge DownloadDir: C:\Users\user.DESKTOP-21KSVAC\Downloads
Edge Notifications: Default -> hxxps://ent.cesi.fr; hxxps://www.cnetfrance.fr
Edge HomePage: Default -> edge://newtab/
Edge Session Restore: Default -> est activé.
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: h1m3jxt5.default
FF ProfilePath: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\h1m3jxt5.default [2021-03-01]
FF ProfilePath: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\et6z9si2.default-release [2021-04-20]
FF Session Restore: Mozilla\Firefox\Profiles\et6z9si2.default-release -> est activé.
FF Extension: (Malwarebytes Browser Guard) - C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\et6z9si2.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-19]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788392 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-03-01] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-02] (HP Inc.) [Fichier non signé]
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-01] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-01] (Microsoft Windows -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-02] (HP Inc.) [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310552 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 akshasp; C:\WINDOWS\System32\drivers\akshasp.sys [69560 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\System32\drivers\akshhl.sys [68536 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\System32\drivers\aksusb.sys [313784 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 bcmnfcusb; C:\WINDOWS\System32\drivers\bcmnfcusb.sys [54872 2017-05-25] (Broadcom Corporation -> Broadcom Corporation.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 DellRctl; C:\WINDOWS\System32\drivers\DellRctl.sys [42296 2017-02-28] (FPT USA Corp. -> )
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66368 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
U4 npcap_wifi; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-20 09:04 - 2021-04-20 09:05 - 000000000 ____D C:\FRST
2021-04-20 08:52 - 2021-04-20 08:52 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-19 17:38 - 2021-04-19 17:43 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\ZHP
2021-04-19 17:38 - 2021-04-19 17:38 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\ZHP
2021-04-19 17:36 - 2021-04-19 17:38 - 003468440 _____ (Nicolas Coolman) C:\Users\user.DESKTOP-21KSVAC\Downloads\ZHPSuite (1).exe
2021-04-19 17:32 - 2021-04-19 17:32 - 003468440 _____ (Nicolas Coolman) C:\Users\user.DESKTOP-21KSVAC\Downloads\Non confirmé 822733.crdownload
2021-04-19 10:27 - 2021-04-19 10:27 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-19 10:27 - 2021-04-19 10:27 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-19 10:27 - 2021-04-19 10:27 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\mbam
2021-04-19 10:27 - 2021-04-19 10:26 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-19 10:27 - 2021-04-19 10:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-19 10:26 - 2021-04-19 10:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-19 10:24 - 2021-04-19 10:24 - 002078632 _____ (Malwarebytes) C:\Users\user.DESKTOP-21KSVAC\Downloads\MBSetup(1).exe
2021-04-19 10:24 - 2021-04-19 10:24 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-06 16:50 - 2021-04-06 16:50 - 002546726 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\Thèse_Damien_FRANCES_AMELIORATION_CONTINUE_GESTION_DE_PROJET_FINAL.pdf
2021-04-06 09:39 - 2021-04-06 09:39 - 000589528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-05 10:40 - 2021-04-05 10:40 - 001584669 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\grille-tarifaire-care-novembre-2020(1).pdf
2021-04-03 15:41 - 2021-04-03 15:42 - 013524420 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\noticerms1000-2000.pdf
2021-04-02 12:07 - 2021-04-02 12:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-03-28 09:41 - 2021-03-28 09:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-27 20:11 - 2021-03-30 18:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-24 11:16 - 2021-03-24 11:16 - 000207648 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\vp-41-21-chef-de-projet-utilisateurs-pmi-def(1).pdf
2021-03-24 10:50 - 2021-03-24 10:50 - 000207648 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\vp-41-21-chef-de-projet-utilisateurs-pmi-def.pdf
2021-03-22 10:47 - 2021-03-22 10:47 - 000000000 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\Resiliation.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-04-20 08:59 - 2021-03-01 14:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-20 08:58 - 2020-09-10 09:32 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\LocalLow\Mozilla
2021-04-20 08:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-04-20 08:56 - 2021-03-01 13:08 - 001779188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-20 08:56 - 2019-12-07 16:50 - 000797210 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-20 08:56 - 2019-12-07 16:50 - 000151850 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-20 08:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-20 08:53 - 2020-09-10 08:48 - 000000000 ___RD C:\Users\user.DESKTOP-21KSVAC\OneDrive
2021-04-20 08:52 - 2021-03-08 16:15 - 000000000 ____D C:\ProgramData\VMware
2021-04-20 08:52 - 2021-03-01 12:57 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-20 08:52 - 2021-03-01 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-20 08:52 - 2020-06-23 08:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-20 08:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-20 08:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-19 17:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-19 17:31 - 2021-03-01 12:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-19 11:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-19 11:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-19 10:35 - 2021-02-09 11:36 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\LocalLow\IGDump
2021-04-19 10:27 - 2021-02-09 11:34 - 000002021 _____ C:\ProgramData\Bureau\Malwarebytes.lnk
2021-04-19 10:27 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-19 09:44 - 2021-03-01 13:56 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-19 09:38 - 2020-11-18 12:51 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-19 09:38 - 2020-11-18 12:51 - 000002280 _____ C:\ProgramData\Bureau\Microsoft Edge.lnk
2021-04-11 09:07 - 2021-03-01 12:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-10 19:18 - 2021-03-01 13:16 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3053335771-2016258822-3076255874-1001
2021-04-10 19:18 - 2021-03-01 12:58 - 000002450 _____ C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-09 14:12 - 2021-03-01 15:06 - 000002443 _____ C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-06 09:39 - 2021-03-01 12:53 - 000000000 ____D C:\WINDOWS\Panther
2021-04-05 13:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-30 18:19 - 2021-03-01 14:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-28 13:42 - 2020-11-15 14:06 - 000000000 ____D C:\VueScan
2021-03-28 09:41 - 2021-03-01 14:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-24 15:19 - 2021-03-08 16:23 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\VMware
2021-03-24 14:50 - 2021-03-08 16:23 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\VMware
2021-03-24 14:50 - 2020-12-06 16:55 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\OneDrive - Association Cesi Viacesi mail\Documents\Virtual Machines
==================== Fichiers à la racine de certains dossiers ========
2021-03-03 17:11 - 2021-03-03 17:11 - 000000218 _____ () C:\Users\user.DESKTOP-21KSVAC\AppData\Local\recently-used.xbel
2021-03-03 11:00 - 2021-03-03 11:00 - 000000000 _____ () C:\Users\user.DESKTOP-21KSVAC\AppData\Local\zenmap.exe.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================