cjoint


Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09-10-2021
Exécuté par mamie (administrateur) sur LAPTOP-DDLJ20L7 (Acer Aspire A317-33) (10-10-2021 13:03:29)
Exécuté depuis C:\Users\mamie\Downloads
Profils chargés: mamie
Platform: Microsoft Windows 10 Famille Version 20H2 19042.1237 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QALockHandler.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Quick Access Service\QASvc.exe
(Acer Incorporated -> Microsoft) C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe
(Acer Incorporated) C:\Program Files\WindowsApps\AcerIncorporated.AcerRegistration_2.0.3030.0_x64__48frkmn4z8aw4\DesktopApp\AcerRegistrationBackGroundTask.exe
(GoTrustID Inc -> GOTrustID Inc.) C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe
(GOTrustID Inc.) [Fichier non signé] C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_3c43114c92103b1a\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b578901fbed94a8e\igfxextN.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(NortonLifeLock Inc. -> Broadcom) C:\Program Files\Norton Security\Engine\22.21.8.62\NortonSecurity.exe <2>
(NortonLifeLock Inc. -> NortonLifeLock Inc.) C:\Program Files\Norton Security\Engine\22.21.8.62\nsWscSvc.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe <2>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_6903f1a9d3b68dab\RtkAudUService64.exe [1259872 2021-05-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1812220801-2207553701-1386832641-1001\...\Run: [MicrosoftEdgeAutoLaunch_F8339EE473C67237A36D1EF7DE9CE30B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0D3AC168-A2BA-4807-A1D4-70CA28A628AE} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {15F3FE05-2C04-4DBF-B569-23C0D14FFA56} - System32\Tasks\Quick Access => C:\Program Files\Acer\Quick Access Service\QALauncher.exe [447528 2020-11-10] (Acer Incorporated -> Acer Incorporated)
Task: {204041E5-F671-4C0A-BE79-51086CE92C81} - System32\Tasks\Power Button => C:\Program Files\Acer\Quick Access Service\ePowerButton_NB.exe [2770984 2020-11-10] (Acer Incorporated -> Acer Incorporated)
Task: {2EC6DA4E-73DA-440E-8848-B1CB14CCCC3B} - System32\Tasks\StorPSCTL => C:\Program Files\Acer\StorPSCTL\StorPSCTL.exe [153640 2020-09-18] (Acer Incorporated -> Microsoft)
Task: {347FB84D-EC04-4E69-BA5A-C4078A21570F} - System32\Tasks\AcerCMUpdateTask2.1.20250 => C:\Program Files (x86)\Acer\Amundsen\2.1.20250\AWC.exe [153128 2020-09-02] (Acer Incorporated -> )
Task: {3D52AA56-F863-4930-A91B-C13A455305AD} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2962984 2020-07-27] (Acer Incorporated -> )
Task: {5C8BDE0C-B42E-490E-B01B-9084C481D811} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {5FE93FB8-D98F-4A72-A843-1FBF73CCE6E3} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security Ultra\Upgrade.exe [2352488 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {669304D2-3230-49C8-A245-F81BE8AE2492} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4829224 2020-07-27] (Acer Incorporated -> )
Task: {677F099F-F310-4207-83E3-02CAD1115796} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-11-06] (Acer Incorporated -> Acer Incorporated)
Task: {73707369-4CEA-4B5B-86DA-E16CF4C8D093} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {815DDEDB-D3A0-4220-A82F-D75DB16481F7} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [18224 2021-03-12] (Acer Incorporated -> )
Task: {924D7CCE-EFE8-4203-9B75-90EE2BF00057} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [42024 2020-07-27] (Acer Incorporated -> )
Task: {969E0AA2-8849-4F47-BD59-7A878506EFC6} - System32\Tasks\UEIPInvitation => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UEIPOOBECheck.exe [2211368 2020-11-18] (Acer Incorporated -> Acer Incorporated)
Task: {A9D390DB-381A-49C4-A36A-7B3B6BBFF864} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Security\Engine\22.21.8.62\WSCStub.exe [646520 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
Task: {B34BF9F9-BDE1-4727-AA1A-BAFDBE8E24D4} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21857672 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF0F320E-780A-476E-9F52-5471EDF2FB77} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Analyzer => C:\Program Files\Norton Security\Engine\22.21.8.62\SymErr.exe [108752 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {C08813E4-C08D-4E9B-B399-44F3CDDF90F0} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139096 2021-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C72EE997-7C05-4CC7-A136-D3A365AE48BD} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program Service\Framework\TriggerFramework.exe [268328 2020-11-18] (Acer Incorporated -> Acer Incorporated)
Task: {D7833844-CBA2-487A-A1D4-DB2D4E7107E5} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [65064 2020-03-16] (Acer Incorporated -> Acer)
Task: {DCDDC966-FD43-4DA6-9509-CF3619A49DD7} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Error Processor => C:\Program Files\Norton Security\Engine\22.21.8.62\SymErr.exe [108752 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc)
Task: {EFF2FE39-B6AB-4A34-9B26-AF9543DEEA3B} - System32\Tasks\Norton Security Ultra\Norton Security Ultra Autofix => C:\Program Files\Norton Security\Engine\22.21.8.62\SymErr.exe [108752 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{09ad9af3-e94c-449b-adb5-df301869508c}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bc12824e-e455-403c-ad94-bc9b60234e83}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\mamie\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-10]
Edge Notifications: Default -> hxxps://investmentguru.com; hxxps://www.facebook.com
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 1baay4hv.default
FF ProfilePath: C:\Users\mamie\AppData\Roaming\Mozilla\Firefox\Profiles\1baay4hv.default [2021-05-26]
FF ProfilePath: C:\Users\mamie\AppData\Roaming\Mozilla\Firefox\Profiles\7mtzx4hr.default-release [2021-10-10]
FF Extension: (Français Language Pack) - C:\Users\mamie\AppData\Roaming\Mozilla\Firefox\Profiles\7mtzx4hr.default-release\Extensions\langpack-fr@firefox.mozilla.org.xpi [2021-10-09]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\mamie\AppData\Roaming\Mozilla\Firefox\Profiles\7mtzx4hr.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-10-10]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com.xpi [2019-05-14] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Français Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-fr@firefox.mozilla.org.xpi [2020-09-15]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-10-09] []
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-01] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 ACCSvc; C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe [300584 2020-07-27] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9179528 2021-09-10] (Microsoft Corporation -> Microsoft Corporation)
R2 GoTrust ID Plugin; C:\Program Files\GoTrust ID Plugin\GoTrust ID Plugin\GTFidoService.exe [15360 2020-09-08] (GOTrustID Inc.) [Fichier non signé]
R2 GoTrustID Service; C:\Program Files\GoTrust ID Plugin\Bridge_Service.exe [336992 2020-09-08] (GoTrustID Inc -> GOTrustID Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7801016 2021-10-09] (Malwarebytes Inc -> Malwarebytes)
R2 NortonSecurity; C:\Program Files\Norton Security\Engine\22.21.8.62\NortonSecurity.exe [343336 2021-09-02] (NortonLifeLock Inc. -> Broadcom)
R2 nsWscSvc; C:\Program Files\Norton Security\Engine\22.21.8.62\nsWscSvc.exe [1058664 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
S3 QALSvc; C:\Program Files\Acer\Quick Access Service\QALSvc.exe [465960 2020-11-10] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Quick Access Service\QASvc.exe [526888 2020-11-10] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe [342568 2020-11-18] (Acer Incorporated -> Acer Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\NisSrv.exe [2855512 2021-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2109.6-0\MsMpEng.exe [128392 2021-10-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
R1 BHDrvx64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\BASHDefs\20210721.013\BHDrvx64.sys [1995864 2021-05-25] (Symantec Corporation -> Broadcom)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ccSet_NGC; C:\Windows\System32\drivers\NGCx64\1615080.03E\ccSetx64.sys [192256 2021-09-02] (Symantec Corporation -> Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [516168 2021-05-29] (Symantec Corporation -> Broadcom)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153672 2021-06-07] (Symantec Corporation -> Broadcom)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [160176 2021-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 IDSVia64; C:\Program Files\Norton Security\NortonData\22.20.5.40\Definitions\IPSDefs\20210723.061\IDSvia64.sys [1488976 2021-05-28] (Symantec Corporation -> Broadcom)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [210344 2021-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [193448 2021-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [69040 2021-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-10-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [149424 2021-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 nsvst_NGC; C:\Windows\System32\drivers\NGCx64\1615080.03E\nsvst.sys [56080 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)
R3 SRTSP; C:\Windows\System32\drivers\NGCx64\1615080.03E\SRTSP64.SYS [892616 2021-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SRTSPX; C:\Windows\System32\drivers\NGCx64\1615080.03E\SRTSPX64.SYS [48848 2021-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R0 SymEFASI; C:\Windows\System32\drivers\NGCx64\1615080.03E\SYMEFASI64.SYS [2059968 2021-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S0 SymELAM; C:\Windows\System32\drivers\NGCx64\1615080.03E\SymELAM.sys [31992 2021-09-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Broadcom Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [93152 2021-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 SymEvnt; C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [712432 2021-07-13] (Symantec Corporation -> Symantec Corporation)
R1 SymIRON; C:\Windows\System32\drivers\NGCx64\1615080.03E\Ironx64.SYS [319192 2021-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R1 SymNetS; C:\Windows\System32\drivers\NGCx64\1615080.03E\symnets.sys [575344 2021-09-02] (Symantec Corporation -> Symantec Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [48520 2021-10-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [434424 2021-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86264 2021-10-08] (Microsoft Windows -> Microsoft Corporation)
S3 wpCtrlDrv_NGC; C:\Windows\System32\drivers\NGCx64\1615080.03E\wpCtrlDrv.sys [1015760 2021-09-02] (NortonLifeLock Inc. -> NortonLifeLock Inc.)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-10-10 13:03 - 2021-10-10 13:07 - 000018477 _____ C:\Users\mamie\Downloads\FRST.txt
2021-10-10 13:01 - 2021-10-10 13:05 - 000000000 ____D C:\FRST
2021-10-10 12:49 - 2021-10-10 12:49 - 002310144 _____ (Farbar) C:\Users\mamie\Downloads\FRST64.exe
2021-10-10 11:31 - 2021-10-10 11:31 - 000001527 _____ C:\Users\mamie\Desktop\malware.txt
2021-10-09 10:09 - 2021-10-09 10:09 - 000300400 _____ C:\Users\mamie\Desktop\ZHPDiag.html
2021-10-09 09:52 - 2021-10-09 09:52 - 000069040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-10-09 09:51 - 2021-10-09 09:51 - 000193448 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-10-09 09:51 - 2021-10-09 09:51 - 000149424 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-10-09 09:51 - 2021-10-09 09:51 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-09 09:51 - 2021-10-09 09:51 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-10-09 09:51 - 2021-10-09 09:51 - 000000000 ____D C:\Users\mamie\AppData\Local\mbam
2021-10-09 09:50 - 2021-10-09 09:50 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-10-09 09:50 - 2021-10-09 09:50 - 000210344 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-10-09 09:50 - 2021-10-09 09:49 - 000160176 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-10-09 09:50 - 2021-10-09 09:49 - 000019912 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2021-10-09 09:49 - 2021-10-09 09:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-10-09 09:48 - 2021-10-09 09:48 - 000000000 ____D C:\Program Files\Malwarebytes
2021-10-09 09:47 - 2021-10-09 09:47 - 002101944 _____ (Malwarebytes) C:\Users\mamie\Downloads\MBSetup.exe
2021-10-09 09:43 - 2021-10-09 09:43 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-10-09 09:42 - 2021-10-09 09:41 - 000009589 _____ C:\Users\mamie\Desktop\ZHPCleaner (R).html
2021-10-09 09:41 - 2021-10-09 09:41 - 000003203 _____ C:\Users\mamie\Desktop\ZHPCleaner (R).txt
2021-10-09 09:38 - 2021-10-09 09:44 - 000000000 ____D C:\AdwCleaner
2021-10-09 09:37 - 2021-10-09 09:37 - 008553680 _____ (Malwarebytes) C:\Users\mamie\Downloads\adwcleaner_8.3.0.exe
2021-10-09 09:37 - 2021-10-09 09:37 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-09 09:35 - 2021-10-09 09:35 - 000009273 _____ C:\Users\mamie\Desktop\ZHPCleaner (S).html
2021-10-09 09:35 - 2021-10-09 09:35 - 000002996 _____ C:\Users\mamie\Desktop\ZHPCleaner (S).txt
2021-10-09 09:19 - 2021-10-09 09:19 - 000000879 _____ C:\Users\mamie\Desktop\ZHPCleaner.lnk
2021-10-09 09:18 - 2021-10-09 09:18 - 003289752 _____ (Nicolas Coolman) C:\Users\mamie\Downloads\ZHPCleaner.exe
2021-10-08 20:44 - 2021-10-09 10:09 - 000244629 _____ C:\Users\mamie\Desktop\ZHPDiag.txt
2021-10-08 20:23 - 2021-10-09 10:09 - 000000000 ____D C:\Users\mamie\AppData\Roaming\ZHP
2021-10-08 20:23 - 2021-10-09 09:19 - 000000000 ____D C:\Users\mamie\AppData\Local\ZHP
2021-10-08 20:23 - 2021-10-08 20:35 - 000000869 _____ C:\Users\mamie\Desktop\ZHPSuite.lnk
2021-10-08 20:22 - 2021-10-08 20:22 - 003476120 _____ (Nicolas Coolman) C:\Users\mamie\Downloads\ZHPSuite.exe
2021-10-08 20:07 - 2021-10-08 20:07 - 000000000 ____D C:\Windows\system32\Tasks\Remediation
2021-09-23 10:43 - 2021-10-02 10:57 - 000000000 ____D C:\Windows\system32\Tasks\Norton Security Ultra
2021-09-22 18:05 - 2021-09-22 18:05 - 000003376 _____ C:\Windows\system32\Tasks\Norton WSC Integration
2021-09-22 18:05 - 2021-09-22 18:05 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2021-09-15 14:13 - 2021-09-15 14:13 - 000452096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2021-09-15 14:05 - 2021-09-15 14:05 - 000672768 _____ C:\Windows\system32\FsNVSDeviceSource.dll
2021-09-15 14:03 - 2021-09-15 14:03 - 000570368 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2021-09-15 14:02 - 2021-09-15 14:02 - 001313608 _____ (Microsoft Corporation) C:\Windows\system32\SecConfig.efi
2021-09-15 14:02 - 2021-09-15 14:02 - 000122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2021-09-15 14:02 - 2021-09-15 14:02 - 000011355 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-09-15 13:58 - 2021-09-15 13:58 - 002111488 _____ (Digimarc) C:\Windows\SysWOW64\DMRCDecoder.dll
2021-09-15 13:58 - 2021-09-15 13:58 - 001333760 _____ C:\Windows\SysWOW64\TextInputMethodFormatter.dll
2021-09-15 13:58 - 2021-09-15 13:58 - 001164288 _____ C:\Windows\system32\MBR2GPT.EXE
2021-09-15 13:58 - 2021-09-15 13:58 - 000426496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2021-09-15 13:58 - 2021-09-15 13:58 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-09-15 13:57 - 2021-09-15 13:57 - 000147456 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2021-09-15 13:55 - 2021-09-15 13:55 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-09-15 13:55 - 2021-09-15 13:55 - 001393480 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2021-09-15 13:54 - 2021-09-15 13:54 - 002295296 _____ (Digimarc) C:\Windows\system32\DMRCDecoder.dll
2021-09-15 13:54 - 2021-09-15 13:54 - 002260992 _____ C:\Windows\system32\TextInputMethodFormatter.dll
2021-09-15 13:54 - 2021-09-15 13:54 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-09-15 13:54 - 2021-09-15 13:54 - 000162816 _____ C:\Windows\system32\DataStoreCacheDumpTool.exe
2021-09-15 13:54 - 2021-09-15 13:54 - 000098816 _____ C:\Windows\system32\Drivers\cimfs.sys
2021-09-15 13:53 - 2021-09-15 13:53 - 000566784 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2021-09-15 13:19 - 2021-09-15 13:19 - 000000000 ___HD C:\$WinREAgent

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-10-10 12:34 - 2021-03-26 20:57 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-10-10 12:34 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-10 12:18 - 2021-06-28 13:39 - 000000000 ____D C:\Users\mamie\AppData\Local\CrashDumps
2021-10-10 11:11 - 2021-03-26 22:00 - 000000000 ____D C:\ProgramData\Mozilla
2021-10-10 11:10 - 2021-05-26 21:09 - 000000000 ____D C:\Users\mamie\AppData\LocalLow\Mozilla
2021-10-10 11:04 - 2021-05-26 21:07 - 000000000 ___RD C:\Users\mamie\OneDrive
2021-10-09 09:50 - 2019-12-07 11:14 - 000000000 ___HD C:\Windows\ELAMBKUP
2021-10-09 09:43 - 2021-03-26 22:00 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-09 09:16 - 2021-03-26 21:02 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-09 09:16 - 2021-03-26 21:02 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-09 09:12 - 2021-05-26 21:05 - 000000000 __SHD C:\Users\mamie\IntelGraphicsProfiles
2021-10-08 20:03 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-08 20:03 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-08 19:35 - 2021-03-26 22:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-08 19:34 - 2021-03-26 20:57 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-10-07 15:53 - 2021-03-26 21:03 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-30 14:08 - 2021-05-26 21:07 - 000003380 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1812220801-2207553701-1386832641-1001
2021-09-30 14:08 - 2021-05-26 21:00 - 000002425 _____ C:\Users\mamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-24 11:33 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-09-23 11:02 - 2021-05-30 15:23 - 000000000 ____D C:\Program Files\Common Files\AV
2021-09-23 10:33 - 2021-03-26 21:36 - 000000000 ___HD C:\Intel
2021-09-23 10:33 - 2021-03-26 20:57 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-23 10:33 - 2021-03-26 20:56 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-23 10:33 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-09-22 18:12 - 2019-12-07 11:03 - 000786432 _____ C:\Windows\system32\config\BBI
2021-09-22 18:11 - 2021-03-26 21:49 - 001770910 _____ C:\Windows\system32\PerfStringBackup.INI
2021-09-22 18:11 - 2020-11-19 11:23 - 000793016 _____ C:\Windows\system32\perfh00C.dat
2021-09-22 18:11 - 2020-11-19 11:23 - 000150146 _____ C:\Windows\system32\perfc00C.dat
2021-09-22 18:08 - 2019-12-07 11:03 - 000032768 _____ C:\Windows\system32\config\ELAM
2021-09-22 18:06 - 2021-03-26 22:22 - 000000000 ____D C:\Windows\system32\Drivers\NGCx64
2021-09-22 18:04 - 2021-03-26 20:57 - 000439128 _____ C:\Windows\system32\FNTCACHE.DAT
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\migwiz
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\Dism
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\DDFs
2021-09-22 17:58 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\appraiser
2021-09-22 17:57 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-09-22 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ShellComponents
2021-09-22 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-09-22 17:57 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-09-22 17:57 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\servicing
2021-09-20 17:27 - 2021-05-26 21:00 - 000000000 ____D C:\Users\mamie
2021-09-19 13:23 - 2021-03-26 22:11 - 000000000 ____D C:\Program Files\Microsoft Office
2021-09-15 14:35 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-09-15 13:18 - 2021-06-01 12:22 - 000000000 ____D C:\Windows\system32\MRT
2021-09-15 13:15 - 2021-06-01 12:21 - 135637312 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
