Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-02-2021 01
Exécuté par deane (administrateur) sur DESKTOP-U5IARK6 (ASUSTeK COMPUTER INC. X756UQK) (21-02-2021 10:53:27)
Exécuté depuis C:\Users\deane\OneDrive\Bureau
Profils chargés: deane
Platform: Windows 10 Home Version 20H2 19042.804 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Users\deane\Downloads\captvty-2.9.2\Captvty.exe
() [Fichier non signé] C:\Users\deane\Downloads\Explorer++\Explorer++.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <48>
(IDSA Production signing key 2021 -> Intel) C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_51074a304c325b5d\LMS.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) System Usage Report -> ) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(LENOVO -> Lenovo) [Fichier non signé] C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2012.21.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> ) C:\Windows\System32\EoAExperiences.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2101.9-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_c1be3fe4a5f7f580\Display.NvContainer\NVDisplay.Container.exe <2>
(Quick And Easy Software) [Fichier non signé] B:\Logiciels\USB_Disk_Eject.exe
(VideoLAN -> VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Q-Dir] => C:\Program Files\Q-Dir\Q-Dir.exe [2253704 2020-10-29] (Nenad Hrg -> Nenad Hrg (SoftwareOK.com))
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [321112 2019-07-29] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] => "C:\Program Files (x86)\Winamp\winampa.exe"
HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2016-06-16] (LENOVO -> Lenovo) [Fichier non signé]
HKLM-x32\...\Run: [Intel Driver & Support Assistant] => C:\Program Files (x86)\Intel\Driver and Support Assistant\DSATray.exe [286064 2021-01-25] (IDSA Production signing key 2021 -> Intel)
HKU\S-1-5-21-2705362736-2887218376-927619844-1001\...\Run: [GoogleChromeAutoLaunch_5ABA0BB30201E1F8F0C6847879FB1BA1] => "C:\Program Files\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-2705362736-2887218376-927619844-1001\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME\TTHOMERunner.exe [332288 2019-12-17] (TomTom) [Fichier non signé]
HKU\S-1-5-21-2705362736-2887218376-927619844-1001\...\Run: [OpenDNS Updater] => C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe [839680 2010-06-16] () [Fichier non signé]
HKU\S-1-5-21-2705362736-2887218376-927619844-1001\...\Run: [HP OfficeJet 8010 series (NET)] => C:\Program Files\HP\HP OfficeJet 8010 series\Bin\ScanToPCActivationApp.exe [4072864 2020-10-29] (HP Inc -> HP Inc.)
HKU\S-1-5-21-2705362736-2887218376-927619844-1001\...\Run: [Discord] => C:\Users\deane\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2705362736-2887218376-927619844-1001\...\MountPoints2: {64688cfc-4c04-11eb-9727-f0038c7deaec} - "E:\Lenovo_Suite.exe"
HKU\S-1-5-21-2705362736-2887218376-927619844-1001\...\MountPoints2: {64688d07-4c04-11eb-9727-f0038c7deaec} - "F:\Lenovo_Suite.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\88.0.4324.182\Installer\chrmstp.exe [2021-02-19] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {12BC522B-3CE2-4979-AA43-143C8165C875} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {3D3EA957-03ED-417C-ACA5-ECC295796D3D} - System32\Tasks\HPCustParticipation HP OfficeJet 8010 series => C:\Program Files\HP\HP OfficeJet 8010 series\Bin\HPCustPartic.exe [6719392 2020-12-11] (HP Inc -> HP Inc.)
Task: {4947E2F5-22F7-47CA-BC58-55442903E230} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [3098912 2020-11-05] (Intel(R) System Usage Report -> Intel Corporation)
Task: {5D4F1F28-20DD-45FB-AC22-0C9191CB1BFD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9B340FFB-BE64-4D30-817C-3B38D1714E32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-12] (Google LLC -> Google LLC)
Task: {A0FEC4D9-BE45-4C24-AED8-7EB1E69027A0} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {AE861F66-6097-4821-8E09-1CBFF6992615} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B7F07C62-DEB9-4986-B117-485F8E40A51F} - System32\Tasks\lenovo mobile auto run => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499208 2016-06-16] (LENOVO -> Lenovo) [Fichier non signé]
Task: {D3ED35EE-A27A-45F1-84CE-8AD92190D8ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-09-12] (Google LLC -> Google LLC)
Task: {D50A31EC-C762-4CA9-89DC-EA2F5618A83F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {D99F7E97-67C7-4C46-B87D-055F9ED3A61A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F06DA713-0545-4C22-A467-2602F51AF08B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {F2FF5E74-D0D3-4BDC-B467-0C4F9B8643C4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {F8ED1B90-2774-4C3B-A3E3-F74A14E44617} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MpCmdRun.exe [562240 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{4108c23d-1992-4fee-a6a7-c2e3983f8e88}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{4108c23d-1992-4fee-a6a7-c2e3983f8e88}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\deane\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-21]

FireFox:
========
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-15] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default [2021-02-21]
CHR Notifications: Default -> hxxps://drive.google.com; hxxps://tvline.com; hxxps://twitter.com; hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://google.fr/
CHR StartupUrls: Default -> "chrome-extension://admmjipmmciaobhojoghlmleefbicajg/content/ui/vault-tab-ui.html"
CHR DefaultSearchURL: Default -> hxxps://www.betaseries.com/images/site/android-chrome-192x192.png
CHR DefaultSearchKeyword: Default -> sc
CHR DefaultSuggestURL: Default -> hxxps://default-search.site/search/suggest.php?q={searchTerms}
CHR Session Restore: Default -> est activé.
CHR Extension: (Google Traduction) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-09-12]
CHR Extension: (Slides) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-09-12]
CHR Extension: (BetaSeries) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\adckfolnffkcbcokfohmbebcifoopojp [2021-02-21]
CHR Extension: (Docs) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-09-12]
CHR Extension: (Google Drive) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-19]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2021-01-08]
CHR Extension: (YouTube) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-09-12]
CHR Extension: (ESET Social Media Scanner) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnjkffaadkndhconoopdhknnlhlpchmo [2020-09-17]
CHR Extension: (Détail du compte - Espace client - Oney) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnlegnbfolplkmgneijhclolekeacljn [2021-02-21]
CHR Extension: (Ddlfr Téléchargement) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpmlhffefcngfgbcmdeglachhpablpkd [2021-02-21]
CHR Extension: (Advanced Font Settings) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\caclkomlalccbpcdllchkeecicepbmbm [2020-09-12]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-01-29]
CHR Extension: (Search Changer) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfikbclbljhmmokgdokgjhnpinnmihkp [2020-12-24]
CHR Extension: (DDL-Island) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngcemihklalppomlbhakpjfaebdfpef [2021-02-21]
CHR Extension: (Mes Favoris Google Chrome) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkmlfnjhgdneboddonnjpbeialebnaji [2021-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-12-15]
CHR Extension: (MyJDownloader Browser Extension) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbcohnmimjicjdomonkcbcpbpnhggkip [2020-11-20]
CHR Extension: (Sheets) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-09-12]
CHR Extension: (ReviewMeta.com Review Analyzer) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjifglfkcaipnmhngbigdebkoikioend [2020-09-12]
CHR Extension: (Majuscules Accentuées) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\fndcenfgdacibjnofbbdndfijggefgmp [2021-02-01]
CHR Extension: (Seriesaddict) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gahcgblndkfdplldidflpcmefpdejpln [2021-02-21]
CHR Extension: (Leftside Back) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdcddfacdedphcamippdkojfngoakglg [2021-01-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-18]
CHR Extension: (Super Simple Auto Refresh) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gljclgacfalmnebgmhknodlplmngmfpi [2020-09-12]
CHR Extension: (HP Smart Print) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmpaiomihcebnclahoknbodeiaiohcdi [2020-09-12]
CHR Extension: (Seriebox) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdmafibmegmndcpdfmogeejfkiigfdaf [2021-02-21]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2021-02-11]
CHR Extension: (Codes Promo Automatiques, des Bonnes Affaires, et des Remises en Argent!) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfapbcheiepjppjbnkphkmegjlipojba [2021-01-29]
CHR Extension: (Free Telechargement) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhmheigelmbolcejhgfifacenlafaeda [2021-02-21]
CHR Extension: (Extension Club Rakuten Everywhere) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnchgcelpejnpglbnaieofanfoikiepb [2021-02-16]
CHR Extension: (Barre latérale de favoris) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdbnofccmhefkmjbkkdkfiicjkgofkdh [2021-01-25]
CHR Extension: (Zone Telechargement) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\jdnlalgleiindcmebbajjhcoebpgflig [2021-02-21]
CHR Extension: (Download with JDownloader) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpmbokkdeapjommajdfmmheiiakdlgo [2020-12-24]
CHR Extension: (Trakt.tv) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjjpplpnehlgioofgejkhdlkjkeeiihj [2021-02-20]
CHR Extension: (Extreme Download) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpddndobocooddkmfdjkakofckeaccjb [2021-02-20]
CHR Extension: (TV Time) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\kinldhlacljbkajlijmjipmfogokckad [2021-02-21]
CHR Extension: (Free VPN - le service VPN le plus rapide de la maison) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmiomcifojboepikoohkgdalibbakboc [2020-09-27]
CHR Extension: (Material Freebox OS) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhdfonhgkclaigpfmclbahllambeednh [2020-09-12]
CHR Extension: (Plus belle la vie en avance) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghcmiojjdomjmkdafmiipmkcinaencb [2021-02-21]
CHR Extension: (OneDrive) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2020-09-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (SerieAll) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdgnjdlombacapfggommnenajbhgfkn [2021-02-20]
CHR Extension: (Reverso - Traduction, dictionnaire) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\onhiacboedfinnofagfgoaanfedhmfab [2020-09-12]
CHR Extension: (Android Developers) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\opfncoefigdklmipfplhopnijgjjgcfh [2021-02-11]
CHR Extension: (Drive Files to OneDrive™) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcagpleiioillikneeillgemaanajfae [2020-09-12]
CHR Extension: (Z. Téléchargement) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pijagikilockamfblkdejfdheocmjmmo [2021-02-21]
CHR Extension: (Gmail) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\deane\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
S2 TTHOMEService; C:\Program Files\TomTom HOME\TTHOMEService.exe [97792 2019-04-17] (TomTom) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 AMSProtectedService; C:\Program Files (x86)\Intego\elam_ppl\amsprotectedservice.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_c1be3fe4a5f7f580\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_c1be3fe4a5f7f580\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S0 AMSElamDriver; C:\WINDOWS\System32\drivers\amselam.sys [21976 2020-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [117728 2017-11-01] (Alcor Micro, Corp. -> )
R3 AsusSGDrv; C:\WINDOWS\System32\drivers\AsusSGDrv.sys [140032 2019-08-19] (ASUSTek Computer Inc. -> ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\System32\drivers\ssudbus.sys [120416 2018-01-12] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R3 HIDSwitch; C:\WINDOWS\System32\drivers\AsRadioControl.sys [32680 2019-08-07] (ASUSTek Computer Inc. -> ASUS)
S3 leusbser; C:\WINDOWS\System32\drivers\leusbser.sys [238080 2016-06-30] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
R3 MpKsl2ebc4339; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6D3FE884-9CF5-481F-86A8-140839A82E1B}\MpKslDrv.sys [47344 2021-02-21] (Microsoft Windows -> Microsoft Corporation)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [55904 2018-01-12] (Samsung Electronics CO., LTD. -> QUALCOMM Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [150136 2016-06-30] (Microsoft Windows Hardware Compatibility Publisher -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-02-20 17:43 - 2021-02-21 10:55 - 000000000 ____D C:\FRST
2021-02-20 15:36 - 2021-02-20 15:36 - 000000000 ____D C:\Users\deane\AppData\Local\mbam
2021-02-20 15:35 - 2021-02-20 15:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-20 15:34 - 2021-02-20 15:34 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-20 15:25 - 2021-02-20 15:30 - 000000000 ____D C:\AdwCleaner
2021-02-20 15:04 - 2021-02-20 15:04 - 000001023 _____ C:\Users\deane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZHPCleaner.lnk
2021-02-20 13:50 - 2021-02-20 16:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 11:32 - 2021-02-20 11:32 - 000133869 _____ C:\Users\deane\Downloads\ZHPDiag.txt
2021-02-20 11:25 - 2021-02-20 15:51 - 000000000 ____D C:\Users\deane\AppData\Roaming\ZHP
2021-02-20 11:25 - 2021-02-20 14:59 - 000000000 ____D C:\Users\deane\AppData\Local\ZHP
2021-02-16 23:18 - 2000-04-27 02:07 - 000000397 _____ C:\Users\deane\Downloads\freeroms.htm
2021-02-16 23:02 - 2021-02-16 23:02 - 000000000 ____D C:\Users\deane\Downloads\3DS_To_CIA_Converter_v41
2021-02-16 16:14 - 2021-02-16 16:14 - 000001032 _____ C:\Users\deane\Downloads\WBFS to ISO.lnk
2021-02-16 16:14 - 2021-02-16 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WBFS to ISO
2021-02-16 16:14 - 2021-02-16 16:14 - 000000000 ____D C:\Program Files (x86)\WBFS to ISO
2021-02-16 16:12 - 2021-02-16 16:13 - 001752750 _____ (wbfstoiso.com ) C:\Users\deane\Downloads\wbfstoiso_setup.exe
2021-02-13 12:52 - 2021-02-13 12:52 - 008225846 _____ C:\Users\deane\Downloads\80128693_3_1.pdf
2021-02-13 12:51 - 2021-02-13 12:51 - 008548242 _____ C:\Users\deane\Downloads\143_453_Manuel_Ch_eau_FR.pdf
2021-02-13 12:51 - 2021-02-13 12:51 - 000443693 _____ C:\Users\deane\Downloads\5414849571440_prd_frpdf.pdf
2021-02-13 09:25 - 2021-02-13 09:25 - 000000263 _____ C:\Users\deane\Downloads\discord_backup_codes.txt
2021-02-13 09:20 - 2021-02-13 09:20 - 000000000 ____D C:\Users\deane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2021-02-13 09:19 - 2021-02-18 16:47 - 000000000 ____D C:\Users\deane\AppData\Local\Discord
2021-02-13 09:19 - 2021-02-18 08:57 - 000000000 ____D C:\Users\deane\AppData\Roaming\discord
2021-02-11 13:43 - 2021-02-11 13:43 - 000000000 ____D C:\Users\deane\AppData\Roaming\ADBDriverInstaller
2021-02-11 12:11 - 2021-02-11 12:11 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-11 12:11 - 2021-02-11 12:11 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-11 12:10 - 2021-02-11 12:10 - 000000000 ____D C:\Users\deane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2021-02-11 09:47 - 2021-02-11 09:47 - 000000000 ____D C:\Program Files (x86)\ClockworkMod
2021-02-10 14:55 - 2021-02-10 14:55 - 000282108 _____ C:\Users\deane\Downloads\Demande de complémentaire santé solidaire de Mmme Rosalia Maria Mighali (20.11.20).pdf
2021-02-10 09:15 - 2021-02-10 09:15 - 000049262 _____ C:\Users\deane\Downloads\Echéancier EDF Février 2021.pdf
2021-02-10 09:14 - 2021-02-10 09:14 - 000275275 _____ C:\Users\deane\Downloads\Facture edf Février 2021.pdf
2021-02-09 20:09 - 2021-02-09 19:27 - 000047430 _____ C:\Users\deane\Downloads\Accord retenue sur allocations 20210208 2.pdf
2021-02-09 17:04 - 2021-02-09 17:03 - 000047430 _____ C:\Users\deane\Downloads\Accord retenue sur allocations 20210208.pdf
2021-02-05 22:39 - 2021-02-05 22:39 - 000001426 _____ C:\WINDOWS\system32\default_error_stack-000030-000000.txt
2021-02-05 17:06 - 2021-02-05 17:06 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-05 17:05 - 2021-02-05 17:05 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-05 17:05 - 2021-02-05 17:05 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-04 19:33 - 2021-02-04 19:50 - 003107580 _____ C:\WINDOWS\Minidump\020421-49218-01.dmp
2021-02-04 13:24 - 2020-09-18 05:20 - 005129536 _____ (HP Inc.) C:\WINDOWS\SysWOW64\HPScanTEDrv.dll
2021-02-04 13:24 - 2020-09-18 05:20 - 001328960 _____ (HP Inc.) C:\WINDOWS\system32\HPScanTEDrv_x64_DiscoveryLibDyn.dll
2021-02-04 13:24 - 2020-09-18 05:20 - 000963392 _____ (HP Inc.) C:\WINDOWS\SysWOW64\DiscoveryLibDyn.dll
2021-02-04 13:24 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\SysWOW64\HPScanDrvConfig.xml
2021-02-04 13:24 - 2020-09-18 03:08 - 000003487 _____ C:\WINDOWS\system32\HPScanDrvConfig.xml
2021-02-04 10:16 - 2021-02-04 10:16 - 000343210 _____ C:\Users\deane\Downloads\Contrat comptes Crédit Agricole Alpes Provence de M. Frédéric Mighali (29.01.21).pdf
2021-02-04 10:13 - 2021-02-04 10:13 - 001732314 _____ C:\Users\deane\Downloads\Contrat de travail de M. Enzo Mighali SARL KM Chauffage Sorgues (04.01.21).pdf
2021-02-02 18:15 - 2021-02-02 18:15 - 000292308 _____ C:\Users\deane\Downloads\Page 4 (02.02.21).pdf
2021-02-02 18:13 - 2021-02-02 18:13 - 001114691 _____ C:\Users\deane\Downloads\Page 3 (02.02.21).pdf
2021-02-02 13:05 - 2021-02-02 13:05 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000029-000000.txt
2021-02-02 12:53 - 2021-02-02 12:53 - 000993777 _____ C:\Users\deane\Downloads\Page 2 (02.02.21).pdf
2021-02-02 12:52 - 2021-02-02 12:52 - 000711360 _____ C:\Users\deane\Downloads\Page 1 (02.02.21).pdf
2021-02-02 12:41 - 2021-02-02 12:41 - 000003734 _____ C:\WINDOWS\system32\Tasks\HPCustParticipation HP OfficeJet 8010 series
2021-02-02 12:40 - 2021-02-21 08:33 - 000004176 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{03BF4BE6-2ADE-444A-8D1A-B021DDEBFE4F}
2021-02-02 12:36 - 2021-02-02 12:45 - 000000000 ____D C:\Users\deane\AppData\Roaming\HP_Easy_Start
2021-02-01 19:37 - 2021-02-01 19:37 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000028-000000.txt
2021-02-01 18:56 - 2021-02-21 08:32 - 000000000 ____D C:\Users\deane\Downloads\captvty-2.9.2
2021-01-31 11:09 - 2021-01-31 11:09 - 000076795 _____ C:\Users\deane\Downloads\3e62046d-aa05-4e44-9843-d6119697f714.pdf
2021-01-31 09:38 - 2021-01-30 11:04 - 000014732 _____ C:\Users\deane\Downloads\Classement des Box TV _ Ranking of TV Boxes.xlsx
2021-01-27 09:45 - 2021-01-27 09:45 - 000010269 _____ C:\Users\deane\Downloads\DetailMessage (1).pdf
2021-01-27 09:44 - 2021-01-27 09:44 - 000010269 _____ C:\Users\deane\Downloads\DetailMessage.pdf
2021-01-25 15:32 - 2021-01-25 15:32 - 000169710 _____ C:\Users\deane\Downloads\fiche_15_je_souhaite_acceder_a_mon_dossier_medical_050320.pdf
2021-01-24 10:14 - 2021-01-24 10:14 - 000001425 _____ C:\WINDOWS\system32\default_error_stack-000027-000000.txt
2021-01-23 00:46 - 2021-01-23 01:19 - 000000000 ____D C:\Users\deane\AppData\LocalLow\Mozilla
2021-01-23 00:46 - 2021-01-23 00:46 - 000000950 _____ C:\Users\deane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-02-21 10:52 - 2020-09-12 15:35 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-21 10:45 - 2020-09-12 15:57 - 000000000 ____D C:\Users\deane\AppData\Roaming\vlc
2021-02-21 09:25 - 2020-09-12 15:03 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-21 09:10 - 2020-09-12 15:35 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-21 09:10 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-21 08:29 - 2020-09-12 15:07 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-20 17:37 - 2020-09-12 15:35 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-20 12:24 - 2020-09-12 19:46 - 000000000 ____D C:\Users\deane\AppData\Local\JDownloader 2.0
2021-02-20 09:28 - 2020-09-12 15:36 - 000000000 __SHD C:\Users\deane\IntelGraphicsProfiles
2021-02-19 22:16 - 2020-09-12 16:42 - 000002205 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-19 20:41 - 2020-09-12 15:19 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-17 12:55 - 2020-09-26 09:39 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-17 01:20 - 2020-09-12 15:27 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-17 01:01 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-02-15 10:02 - 2021-01-01 10:40 - 000000527 _____ C:\Users\deane\ticket1.xml
2021-02-13 09:20 - 2020-11-24 08:12 - 000000000 ____D C:\Users\deane\AppData\Local\SquirrelTemp
2021-02-12 12:38 - 2020-09-12 15:04 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-11 19:36 - 2020-09-12 15:40 - 000795764 _____ C:\WINDOWS\system32\perfh00C.dat
2021-02-11 19:36 - 2020-09-12 15:40 - 000151376 _____ C:\WINDOWS\system32\perfc00C.dat
2021-02-11 19:36 - 2020-09-12 15:34 - 000000000 ____D C:\WINDOWS\INF
2021-02-11 19:36 - 2020-09-12 15:27 - 001775332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-11 19:31 - 2020-09-12 15:03 - 000268440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-11 19:30 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\ServiceState
2021-02-11 19:30 - 2020-09-12 15:11 - 000000000 ____D C:\Intel
2021-02-11 19:30 - 2020-09-12 15:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-11 19:30 - 2020-09-12 15:03 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-11 19:29 - 2020-09-12 15:23 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-02-11 19:28 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-11 19:28 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-11 19:28 - 2020-09-12 15:35 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-11 11:34 - 2020-09-12 16:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-11 11:30 - 2020-09-12 16:00 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-11 09:35 - 2020-09-12 15:19 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 09:35 - 2020-09-12 15:19 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-10 15:00 - 2020-09-26 09:41 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-08 09:59 - 2020-09-12 15:31 - 000000000 ____D C:\Users\deane
2021-02-05 22:37 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-05 22:36 - 2020-09-12 15:35 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-05 22:36 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-05 22:36 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-05 22:36 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-05 22:36 - 2020-09-12 15:35 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-05 22:36 - 2020-09-12 15:23 - 000000000 ____D C:\WINDOWS\servicing
2021-02-05 11:57 - 2020-09-12 16:41 - 000003588 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 11:57 - 2020-09-12 16:41 - 000003464 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-04 19:50 - 2020-10-22 16:45 - 000000000 ____D C:\WINDOWS\Minidump
2021-02-04 19:33 - 2020-10-22 16:45 - 2157441347 _____ C:\WINDOWS\MEMORY.DMP
2021-02-04 13:24 - 2020-09-12 19:44 - 000000000 ____D C:\ProgramData\HP
2021-02-02 13:00 - 2020-12-30 11:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2021-02-02 13:00 - 2020-09-12 19:47 - 000000000 ____D C:\Program Files\HP
2021-02-02 13:00 - 2020-09-12 19:47 - 000000000 ____D C:\Program Files (x86)\HP
2021-02-02 12:45 - 2020-09-12 19:42 - 000000000 ____D C:\Users\deane\AppData\Local\HP
2021-02-02 12:42 - 2020-09-12 15:41 - 000000000 ____D C:\Users\deane\AppData\Local\PlaceholderTileLogoFolder
2021-02-02 12:38 - 2020-09-12 15:36 - 000000000 ____D C:\Users\deane\AppData\Roaming\Adobe
2021-01-30 12:46 - 2020-12-11 17:48 - 000001510 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver & Support Assistant.lnk
2021-01-30 12:46 - 2020-09-16 10:39 - 000000000 ____D C:\Program Files (x86)\Intel
2021-01-30 12:46 - 2020-09-12 19:49 - 000000000 ____D C:\ProgramData\Package Cache
2021-01-28 10:30 - 2020-09-12 15:36 - 000000000 ____D C:\Users\deane\AppData\Local\Packages
2021-01-22 08:49 - 2020-09-12 15:38 - 000799104 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Fichiers à la racine de certains dossiers ========

2020-10-19 08:26 - 2020-10-19 08:29 - 000000071 _____ () C:\Users\deane\AppData\Local\update_progress.txt

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================