Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-06-2021
Exécuté par fnec (administrateur) sur DESKTOP-3Q917U0 (ASUSTeK COMPUTER INC. V241IC-R) (18-06-2021 12:43:20)
Exécuté depuis C:\Users\fnec\Desktop\Scan
Profils chargés: fnec
Platform: Windows 10 Home Version 2004 19041.1052 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBox.Agent.exe
(ASUSTek Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\ActionCenter.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\Integrator.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\DiskDefrag.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\TabCareCenter.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\TabReports.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\TabMakePortable.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\fnec\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\fnec\AppData\Local\slack\app-4.17.1\slack.exe <5>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ListenToDevice] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SN02IPRW] => C:\Windows\SysWOW64\SN02SELC.EXE [135168 2005-02-15] (SHARP CORPORATION) [Fichier non signé]
HKU\S-1-5-21-19921334-4119252529-242688907-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\fnec\AppData\Local\slack\slack.exe [308368 2021-06-08] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-19921334-4119252529-242688907-1002\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --profile-directory=Default --restore-last-session
HKLM\...\Print\Monitors\HP D911 Status Monitor: C:\WINDOWS\system32\hpinkstsD911LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-09-09]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {131C2BD2-5D4D-4C54-BAE6-CA6940076636} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1AA402B0-70C5-427D-B896-24663751353B} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {4827C971-10BC-49BE-8D03-1F4448015C95} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {67BDFFEC-4F8D-4018-93B1-C35E9ED35713} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BC7801E-1CCE-4665-8C76-674B78F7697E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CCD7DD2-E455-4BA9-82FC-F830D47FDBDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {85112CD1-BBAC-4549-AC6E-2EC1CE9DB374} - System32\Tasks\GoogleUpdateTaskMachineUA1d578235b9b46c8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {8C6DEFE9-775D-4AA9-9D66-BF0928D4FC3D} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [642448 2018-05-31] (ASUSTeK Computer Inc. -> )
Task: {98B4BE7A-6C4A-4BDB-A305-469C3185E441} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [75776 2017-10-24] (ASUS) [Fichier non signé]
Task: {A6552D62-01AE-4CDB-8F4F-870FA355EAA4} - System32\Tasks\ASUSTeK_TASK\ASUS Key Suite Helper => C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe [2451416 2017-08-29] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {A9D7871D-5089-4F07-BBAA-27BEA7D4B8F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {DEE5CAD7-C5A2-41C3-A6D0-B654539E6D6C} - System32\Tasks\GoogleUpdateTaskMachineCore1d578235b8e008c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {E9133044-0479-4E3F-8D76-6ACDE4D83B7E} - System32\Tasks\Auslogics\Disk Defrag\Start Disk Defrag on fnec logon => C:\Program Files (x86)\Auslogics\Disk Defrag\Integrator.exe [3622712 2021-02-10] (Auslogics Labs Pty Ltd -> Auslogics)
Task: {FA57ABB4-F10C-4293-81CC-8A42B164E9BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b70e0169-178a-40cc-8cec-10666bf435ae}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d5e8bac5-f171-4171-a8f9-cc0704f79ab3}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\fnec\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\fnec\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-18]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-06-11] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default [2021-06-18]
CHR DownloadDir: C:\Users\fnec\Desktop\Scan
CHR Notifications: Default -> hxxps://app.slack.com; hxxps://cookeojbh.fr; hxxps://mail.infomaniak.com; hxxps://meet.google.com; hxxps://web.skype.com; hxxps://www.castorama.fr; hxxps://www.deco.fr; hxxps://www.detentejardin.com; hxxps://www.mercotte.fr; hxxps://www.mycake.fr; hxxps://www.papillesetpupilles.fr; hxxps://www.pinterest.fr; hxxps://www.ricardocuisine.com; hxxps://www.rustica.fr
CHR NewTab: Default -> Not-active:"chrome-extension://dmpghkabedbjaabdjfchnafeciefnjnk/ntp.html"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR885G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-26]
CHR Extension: (Google Drive) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (EasyPDFCombine) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmpghkabedbjaabdjfchnafeciefnjnk [2020-06-04]
CHR Extension: (Sheets) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Ask Web Search) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\omjeicefamlpggmliloijcgjcmlagfmb [2020-08-19]
CHR Extension: (Recettes de pâtisserie) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfnpbdegnlkgpokpadjcpcjggpdnedjd [2020-11-19]
CHR Extension: (Chrome Media Router) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]
CHR Profile: C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-10]
CHR Profile: C:\Users\fnec\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-03-09] (philandro Software GmbH -> philandro Software GmbH)
S2 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [325456 2018-06-12] (ASUSTek Computer Inc. -> )
R2 GiftBox.Service; C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe [302416 2018-06-29] (ASUSTek Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-14] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [973072 2021-06-11] (McAfee, LLC -> McAfee, LLC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\3.1.233.0\\McCSPServiceHost.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK WMIACPI\atkwmiacpi64.sys [19768 2013-07-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-14] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-18 12:42 - 2021-06-18 12:44 - 000000000 ____D C:\FRST
2021-06-16 12:32 - 2021-06-16 17:49 - 000026979 _____ C:\Users\fnec\Desktop\programme de formation BENYOUNES Nesrine 30 heures.odt
2021-06-16 11:42 - 2021-06-16 12:06 - 000013154 _____ C:\Users\fnec\Desktop\Attestation Présence BENYOUNES Nesrine.odt
2021-06-14 16:44 - 2021-06-14 16:44 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-14 16:44 - 2021-06-14 16:44 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-14 16:44 - 2021-06-14 16:44 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-14 16:44 - 2021-06-14 16:44 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-14 16:44 - 2021-06-14 16:44 - 000000000 ____D C:\Users\fnec\AppData\Local\mbam
2021-06-14 16:43 - 2021-06-14 16:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Auslogics
2021-06-14 16:43 - 2021-06-14 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2021-06-14 16:43 - 2021-06-14 16:43 - 000000000 ____D C:\Program Files (x86)\Auslogics
2021-06-14 16:43 - 2021-06-14 16:42 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-14 16:43 - 2021-06-14 16:42 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-14 16:43 - 2021-05-21 18:10 - 000002248 _____ C:\Users\fnec\Desktop\Auslogics Disk Defrag.lnk
2021-06-14 16:42 - 2021-06-14 16:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-14 16:42 - 2021-06-14 16:42 - 000000000 ____D C:\ProgramData\Auslogics
2021-06-14 16:41 - 2021-06-14 16:41 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-10 09:55 - 2021-06-10 09:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-10 09:55 - 2021-06-10 09:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-10 09:55 - 2021-06-10 09:55 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-10 09:55 - 2021-06-10 09:55 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-10 09:54 - 2021-06-10 09:54 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-10 09:54 - 2021-06-10 09:54 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-10 09:53 - 2021-06-10 09:53 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-10 09:53 - 2021-06-10 09:53 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-10 09:53 - 2021-06-10 09:53 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-10 09:53 - 2021-06-10 09:53 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-10 09:51 - 2021-06-10 09:51 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-10 09:51 - 2021-06-10 09:51 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-10 09:49 - 2021-06-10 09:49 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-10 09:49 - 2021-06-10 09:49 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-10 09:49 - 2021-06-10 09:49 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-10 09:48 - 2021-06-10 09:48 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-10 09:48 - 2021-06-10 09:48 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-10 09:48 - 2021-06-10 09:48 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-07 17:41 - 2021-06-07 17:41 - 000176427 _____ C:\Users\fnec\Downloads\LANOUX BS MAI.pdf
2021-06-07 16:24 - 2021-06-07 16:24 - 000104904 _____ C:\Users\fnec\Downloads\Reconnaissance de dette Stéphane.pdf
2021-06-07 15:31 - 2021-06-07 15:35 - 000012902 _____ C:\Users\fnec\Desktop\reconnaissance de dette Stéphane.odt
2021-06-07 15:16 - 2021-06-07 15:16 - 000101786 _____ C:\Users\fnec\Desktop\GODARD BS MAI 2021.pdf
2021-06-04 17:52 - 2021-06-08 16:14 - 000015454 _____ C:\Users\fnec\Desktop\FACTURE BERTHIER Magali 457.odt
2021-06-04 16:08 - 2021-06-04 16:13 - 000012988 _____ C:\Users\fnec\Desktop\Attestation Présence BERTHIER Magali.odt
2021-05-31 12:46 - 2021-05-31 12:51 - 000015324 _____ C:\Users\fnec\Desktop\DEVIS DIALLO.odt
2021-05-25 12:21 - 2021-05-25 12:21 - 000012925 _____ C:\Users\fnec\Desktop\evaluation pascal.ods
2021-05-21 10:45 - 2021-05-21 15:52 - 000014299 _____ C:\Users\fnec\Desktop\A ttestation d'inscription PANZA William.odt
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-18 12:47 - 2020-09-02 12:59 - 000000000 ____D C:\Users\fnec\AppData\Roaming\Slack
2021-06-18 12:43 - 2019-05-13 09:02 - 000000000 ____D C:\Users\fnec\Desktop\Scan
2021-06-18 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-18 12:36 - 2021-02-10 21:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-18 08:31 - 2020-09-30 08:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-18 08:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-18 08:27 - 2019-04-26 10:38 - 000000359 _____ C:\Users\fnec\AppData\Roaming\sp_data.sys
2021-06-18 08:25 - 2019-04-26 10:36 - 000000000 __SHD C:\Users\fnec\IntelGraphicsProfiles
2021-06-17 10:36 - 2021-05-10 16:33 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 10:36 - 2021-05-10 16:33 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-16 09:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-16 09:01 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-15 08:30 - 2021-02-10 21:23 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-15 08:30 - 2019-12-07 16:49 - 000793234 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-15 08:30 - 2019-12-07 16:49 - 000150384 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-15 08:29 - 2021-02-10 21:49 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-19921334-4119252529-242688907-1001
2021-06-15 08:29 - 2021-02-10 21:11 - 000002443 _____ C:\Users\fnec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-15 08:29 - 2019-04-26 10:39 - 000000000 ___RD C:\Users\fnec\OneDrive
2021-06-15 08:25 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-15 08:24 - 2021-02-10 21:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-15 08:24 - 2021-02-10 21:04 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-15 08:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-14 18:32 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-14 18:27 - 2021-02-10 21:04 - 000293720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-14 16:43 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-14 09:35 - 2018-05-14 22:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-14 08:38 - 2020-07-07 08:07 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-14 08:38 - 2020-07-07 08:07 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-10 17:47 - 2019-05-03 14:28 - 000000000 ____D C:\Users\fnec\Desktop\Rnseignement rentrée
2021-06-10 10:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-10 08:48 - 2019-04-26 10:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-10 08:44 - 2019-04-26 10:53 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-08 08:43 - 2020-09-02 12:59 - 000002239 _____ C:\Users\fnec\Desktop\Slack.lnk
2021-06-08 08:43 - 2020-09-02 12:59 - 000000000 ____D C:\Users\fnec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-06-08 08:43 - 2020-09-02 12:59 - 000000000 ____D C:\Users\fnec\AppData\Local\SquirrelTemp
2021-06-08 08:43 - 2020-09-02 12:59 - 000000000 ____D C:\Users\fnec\AppData\Local\slack
2021-06-02 19:40 - 2019-04-26 10:36 - 000000000 ____D C:\Users\fnec\AppData\Local\Packages
2021-06-01 19:37 - 2019-09-10 13:17 - 000000000 ___RD C:\Users\fnec\Desktop\DEVIS
2021-05-31 18:40 - 2021-02-10 21:11 - 000000000 ____D C:\Users\fnec
2021-05-25 07:48 - 2020-09-30 08:40 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-05-25 07:48 - 2020-02-19 09:12 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
==================== Fichiers à la racine de certains dossiers ========
2019-04-26 10:38 - 2021-06-18 08:27 - 000000359 _____ () C:\Users\fnec\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par fnec (administrateur) sur DESKTOP-3Q917U0 (ASUSTeK COMPUTER INC. V241IC-R) (18-06-2021 12:43:20)
Exécuté depuis C:\Users\fnec\Desktop\Scan
Profils chargés: fnec
Platform: Windows 10 Home Version 2004 19041.1052 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(ASUS) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe
(ASUSTek Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBox.Agent.exe
(ASUSTek Computer Inc. -> ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe
(ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.) C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\ActionCenter.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\Integrator.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\DiskDefrag.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\TabCareCenter.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\TabReports.exe
(Auslogics Labs Pty Ltd -> Auslogics) C:\Program Files (x86)\Auslogics\Disk Defrag\TabMakePortable.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <22>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\igfxext.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_31ba00ea6900d67d\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\fnec\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12104.1001.1.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe
(philandro Software GmbH -> philandro Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Slack Technologies, Inc. -> Slack Technologies Inc.) C:\Users\fnec\AppData\Local\slack\app-4.17.1\slack.exe <5>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_ListenToDevice] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1493984 2017-10-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [SN02IPRW] => C:\Windows\SysWOW64\SN02SELC.EXE [135168 2005-02-15] (SHARP CORPORATION) [Fichier non signé]
HKU\S-1-5-21-19921334-4119252529-242688907-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\fnec\AppData\Local\slack\slack.exe [308368 2021-06-08] (Slack Technologies, Inc. -> Slack Technologies Inc.)
HKU\S-1-5-21-19921334-4119252529-242688907-1002\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --profile-directory=Default --restore-last-session
HKLM\...\Print\Monitors\HP D911 Status Monitor: C:\WINDOWS\system32\hpinkstsD911LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\91.0.4472.106\Installer\chrmstp.exe [2021-06-17] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2020-09-09]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> philandro Software GmbH)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {131C2BD2-5D4D-4C54-BAE6-CA6940076636} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1AA402B0-70C5-427D-B896-24663751353B} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [143160 2019-03-12] (ASUSTek Computer Inc. -> ASUSTek Computer Inc.)
Task: {4827C971-10BC-49BE-8D03-1F4448015C95} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {67BDFFEC-4F8D-4018-93B1-C35E9ED35713} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6BC7801E-1CCE-4665-8C76-674B78F7697E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6CCD7DD2-E455-4BA9-82FC-F830D47FDBDF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {85112CD1-BBAC-4549-AC6E-2EC1CE9DB374} - System32\Tasks\GoogleUpdateTaskMachineUA1d578235b9b46c8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {8C6DEFE9-775D-4AA9-9D66-BF0928D4FC3D} - System32\Tasks\ASUS Hello => C:\Program Files (x86)\ASUS\ASUS Hello\ASUSHelloBG.exe [642448 2018-05-31] (ASUSTeK Computer Inc. -> )
Task: {98B4BE7A-6C4A-4BDB-A305-469C3185E441} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [75776 2017-10-24] (ASUS) [Fichier non signé]
Task: {A6552D62-01AE-4CDB-8F4F-870FA355EAA4} - System32\Tasks\ASUSTeK_TASK\ASUS Key Suite Helper => C:\Program Files (x86)\ASUS\ASUS Key Suite\AsKeySuite.exe [2451416 2017-08-29] (ASUSTeK Computer Inc. -> ASUSTeK COMPUTER INC.)
Task: {A9D7871D-5089-4F07-BBAA-27BEA7D4B8F6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {DEE5CAD7-C5A2-41C3-A6D0-B654539E6D6C} - System32\Tasks\GoogleUpdateTaskMachineCore1d578235b8e008c => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-26] (Google Inc -> Google LLC)
Task: {E9133044-0479-4E3F-8D76-6ACDE4D83B7E} - System32\Tasks\Auslogics\Disk Defrag\Start Disk Defrag on fnec logon => C:\Program Files (x86)\Auslogics\Disk Defrag\Integrator.exe [3622712 2021-02-10] (Auslogics Labs Pty Ltd -> Auslogics)
Task: {FA57ABB4-F10C-4293-81CC-8A42B164E9BE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MpCmdRun.exe [644888 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b70e0169-178a-40cc-8cec-10666bf435ae}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d5e8bac5-f171-4171-a8f9-cc0704f79ab3}: [DhcpNameServer] 192.168.1.1
Edge:
=======
DownloadDir: C:\Users\fnec\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\fnec\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-18]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2021-06-11] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default [2021-06-18]
CHR DownloadDir: C:\Users\fnec\Desktop\Scan
CHR Notifications: Default -> hxxps://app.slack.com; hxxps://cookeojbh.fr; hxxps://mail.infomaniak.com; hxxps://meet.google.com; hxxps://web.skype.com; hxxps://www.castorama.fr; hxxps://www.deco.fr; hxxps://www.detentejardin.com; hxxps://www.mercotte.fr; hxxps://www.mycake.fr; hxxps://www.papillesetpupilles.fr; hxxps://www.pinterest.fr; hxxps://www.ricardocuisine.com; hxxps://www.rustica.fr
CHR NewTab: Default -> Not-active:"chrome-extension://dmpghkabedbjaabdjfchnafeciefnjnk/ntp.html"
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E210FR885G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-26]
CHR Extension: (Google Drive) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-22]
CHR Extension: (EasyPDFCombine) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmpghkabedbjaabdjfchnafeciefnjnk [2020-06-04]
CHR Extension: (Sheets) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Ask Web Search) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\omjeicefamlpggmliloijcgjcmlagfmb [2020-08-19]
CHR Extension: (Recettes de pâtisserie) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfnpbdegnlkgpokpadjcpcjggpdnedjd [2020-11-19]
CHR Extension: (Chrome Media Router) - C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-04]
CHR Profile: C:\Users\fnec\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-05-10]
CHR Profile: C:\Users\fnec\AppData\Local\Google\Chrome\User Data\System Profile [2020-05-10]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3743464 2021-03-09] (philandro Software GmbH -> philandro Software GmbH)
S2 DevActSvc; C:\Program Files (x86)\ASUS\ASUS Device Activation\DevActSvc.exe [325456 2018-06-12] (ASUSTek Computer Inc. -> )
R2 GiftBox.Service; C:\Program Files (x86)\ASUS\ASUS GiftBox Service\GiftBoxService.exe [302416 2018-06-29] (ASUSTek Computer Inc. -> ASUSTeK Computer Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-14] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [973072 2021-06-11] (McAfee, LLC -> McAfee, LLC)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\NisSrv.exe [2644776 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2105.5-0\MsMpEng.exe [136656 2021-06-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\3.1.233.0\\McCSPServiceHost.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 ATKWMIACPIIO; C:\Program Files (x86)\ASUS\ATK WMIACPI\atkwmiacpi64.sys [19768 2013-07-03] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-14] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-14] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-06-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425184 2021-06-14] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76000 2021-06-14] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-18 12:42 - 2021-06-18 12:44 - 000000000 ____D C:\FRST
2021-06-16 12:32 - 2021-06-16 17:49 - 000026979 _____ C:\Users\fnec\Desktop\programme de formation BENYOUNES Nesrine 30 heures.odt
2021-06-16 11:42 - 2021-06-16 12:06 - 000013154 _____ C:\Users\fnec\Desktop\Attestation Présence BENYOUNES Nesrine.odt
2021-06-14 16:44 - 2021-06-14 16:44 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-14 16:44 - 2021-06-14 16:44 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-14 16:44 - 2021-06-14 16:44 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-14 16:44 - 2021-06-14 16:44 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-14 16:44 - 2021-06-14 16:44 - 000000000 ____D C:\Users\fnec\AppData\Local\mbam
2021-06-14 16:43 - 2021-06-14 16:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Auslogics
2021-06-14 16:43 - 2021-06-14 16:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2021-06-14 16:43 - 2021-06-14 16:43 - 000000000 ____D C:\Program Files (x86)\Auslogics
2021-06-14 16:43 - 2021-06-14 16:42 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-14 16:43 - 2021-06-14 16:42 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-14 16:43 - 2021-05-21 18:10 - 000002248 _____ C:\Users\fnec\Desktop\Auslogics Disk Defrag.lnk
2021-06-14 16:42 - 2021-06-14 16:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-14 16:42 - 2021-06-14 16:42 - 000000000 ____D C:\ProgramData\Auslogics
2021-06-14 16:41 - 2021-06-14 16:41 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-10 09:55 - 2021-06-10 09:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-06-10 09:55 - 2021-06-10 09:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-06-10 09:55 - 2021-06-10 09:55 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-06-10 09:55 - 2021-06-10 09:55 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-06-10 09:54 - 2021-06-10 09:54 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-06-10 09:54 - 2021-06-10 09:54 - 000011353 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-06-10 09:53 - 2021-06-10 09:53 - 001864192 _____ (The ICU Project) C:\WINDOWS\SysWOW64\icu.dll
2021-06-10 09:53 - 2021-06-10 09:53 - 000468440 _____ C:\WINDOWS\SysWOW64\WindowManagementAPI.dll
2021-06-10 09:53 - 2021-06-10 09:53 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-06-10 09:53 - 2021-06-10 09:53 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-06-10 09:51 - 2021-06-10 09:51 - 001823792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-06-10 09:51 - 2021-06-10 09:51 - 001393496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-06-10 09:49 - 2021-06-10 09:49 - 002260480 _____ (The ICU Project) C:\WINDOWS\system32\icu.dll
2021-06-10 09:49 - 2021-06-10 09:49 - 000657464 _____ C:\WINDOWS\system32\WindowManagementAPI.dll
2021-06-10 09:49 - 2021-06-10 09:49 - 000097280 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-06-10 09:48 - 2021-06-10 09:48 - 000563712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-06-10 09:48 - 2021-06-10 09:48 - 000287232 _____ C:\WINDOWS\system32\CoreMas.dll
2021-06-10 09:48 - 2021-06-10 09:48 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-06-07 17:41 - 2021-06-07 17:41 - 000176427 _____ C:\Users\fnec\Downloads\LANOUX BS MAI.pdf
2021-06-07 16:24 - 2021-06-07 16:24 - 000104904 _____ C:\Users\fnec\Downloads\Reconnaissance de dette Stéphane.pdf
2021-06-07 15:31 - 2021-06-07 15:35 - 000012902 _____ C:\Users\fnec\Desktop\reconnaissance de dette Stéphane.odt
2021-06-07 15:16 - 2021-06-07 15:16 - 000101786 _____ C:\Users\fnec\Desktop\GODARD BS MAI 2021.pdf
2021-06-04 17:52 - 2021-06-08 16:14 - 000015454 _____ C:\Users\fnec\Desktop\FACTURE BERTHIER Magali 457.odt
2021-06-04 16:08 - 2021-06-04 16:13 - 000012988 _____ C:\Users\fnec\Desktop\Attestation Présence BERTHIER Magali.odt
2021-05-31 12:46 - 2021-05-31 12:51 - 000015324 _____ C:\Users\fnec\Desktop\DEVIS DIALLO.odt
2021-05-25 12:21 - 2021-05-25 12:21 - 000012925 _____ C:\Users\fnec\Desktop\evaluation pascal.ods
2021-05-21 10:45 - 2021-05-21 15:52 - 000014299 _____ C:\Users\fnec\Desktop\A ttestation d'inscription PANZA William.odt
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-06-18 12:47 - 2020-09-02 12:59 - 000000000 ____D C:\Users\fnec\AppData\Roaming\Slack
2021-06-18 12:43 - 2019-05-13 09:02 - 000000000 ____D C:\Users\fnec\Desktop\Scan
2021-06-18 12:39 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-18 12:36 - 2021-02-10 21:04 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-18 08:31 - 2020-09-30 08:40 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-06-18 08:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-18 08:27 - 2019-04-26 10:38 - 000000359 _____ C:\Users\fnec\AppData\Roaming\sp_data.sys
2021-06-18 08:25 - 2019-04-26 10:36 - 000000000 __SHD C:\Users\fnec\IntelGraphicsProfiles
2021-06-17 10:36 - 2021-05-10 16:33 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-06-17 10:36 - 2021-05-10 16:33 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-06-16 09:04 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-06-16 09:01 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-06-15 08:30 - 2021-02-10 21:23 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-06-15 08:30 - 2019-12-07 16:49 - 000793234 _____ C:\WINDOWS\system32\perfh00C.dat
2021-06-15 08:30 - 2019-12-07 16:49 - 000150384 _____ C:\WINDOWS\system32\perfc00C.dat
2021-06-15 08:29 - 2021-02-10 21:49 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-19921334-4119252529-242688907-1001
2021-06-15 08:29 - 2021-02-10 21:11 - 000002443 _____ C:\Users\fnec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-15 08:29 - 2019-04-26 10:39 - 000000000 ___RD C:\Users\fnec\OneDrive
2021-06-15 08:25 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-06-15 08:24 - 2021-02-10 21:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-15 08:24 - 2021-02-10 21:04 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-15 08:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-14 18:32 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-06-14 18:27 - 2021-02-10 21:04 - 000293720 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-06-14 18:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-06-14 16:43 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-06-14 09:35 - 2018-05-14 22:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-06-14 08:38 - 2020-07-07 08:07 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-06-14 08:38 - 2020-07-07 08:07 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-06-10 17:47 - 2019-05-03 14:28 - 000000000 ____D C:\Users\fnec\Desktop\Rnseignement rentrée
2021-06-10 10:11 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-06-10 08:48 - 2019-04-26 10:54 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-06-10 08:44 - 2019-04-26 10:53 - 132447432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-06-08 08:43 - 2020-09-02 12:59 - 000002239 _____ C:\Users\fnec\Desktop\Slack.lnk
2021-06-08 08:43 - 2020-09-02 12:59 - 000000000 ____D C:\Users\fnec\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Slack Technologies Inc
2021-06-08 08:43 - 2020-09-02 12:59 - 000000000 ____D C:\Users\fnec\AppData\Local\SquirrelTemp
2021-06-08 08:43 - 2020-09-02 12:59 - 000000000 ____D C:\Users\fnec\AppData\Local\slack
2021-06-02 19:40 - 2019-04-26 10:36 - 000000000 ____D C:\Users\fnec\AppData\Local\Packages
2021-06-01 19:37 - 2019-09-10 13:17 - 000000000 ___RD C:\Users\fnec\Desktop\DEVIS
2021-05-31 18:40 - 2021-02-10 21:11 - 000000000 ____D C:\Users\fnec
2021-05-25 07:48 - 2020-09-30 08:40 - 000470328 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-05-25 07:48 - 2020-02-19 09:12 - 000725304 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
==================== Fichiers à la racine de certains dossiers ========
2019-04-26 10:38 - 2021-06-18 08:27 - 000000359 _____ () C:\Users\fnec\AppData\Roaming\sp_data.sys
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================