Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17-04-2021
Exécuté par user (administrateur) sur DESKTOP-21KSVAC (Dell Inc. Precision 7510) (20-04-2021 09:04:50)
Exécuté depuis C:\Users\user.DESKTOP-21KSVAC\OneDrive - Association Cesi Viacesi mail\Bureau
Profils chargés: user
Platform: Windows 10 Pro Version 2004 19041.804 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(ALPS ELECTRIC CO., LTD. -> ALPSALPINE CO., LTD.) C:\Program Files\DellTPad\hidfind.exe
(Autodesk, Inc. -> Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe <3>
(Autodesk, Inc. -> Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\9.2.2.2501\AdskLicensingService\AdskLicensingService.exe
(Autodesk, Inc. -> Autodesk) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe
(Autodesk, Inc. -> Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe
(Flexera Software LLC -> Flexera) C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_bf81fe4bbb266b4e\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_7ed3bacbb0a8cc67\RstMwService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lexmark International, Inc. -> ) C:\Program Files (x86)\Lexmark\ErrorApp\lmab1err.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <30>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Teams\current\Teams.exe <8>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2101.10.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20688.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12101.1001.14.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <4>
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <8>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
(Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [779152 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9229592 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488664 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1488664 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [723928 2017-01-26] (Waves Inc -> Waves Audio Ltd.)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [114273560 2020-10-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Autodesk Genuine Service ] => C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Programs\Autodesk\Genuine Service\GenuineService.exe [1070392 2019-10-08] (Autodesk, Inc. -> Autodesk)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [664872 2020-03-04] (Autodesk, Inc. -> Autodesk, Inc.)
HKU\S-1-5-21-3053335771-2016258822-3076255874-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Teams\Update.exe [2453728 2021-04-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3053335771-2016258822-3076255874-1001\...\Run: [LMab1err] => C:\Program Files (x86)\Lexmark\ErrorApp\LMab1err.exe [645736 2013-07-11] (Lexmark International, Inc. -> )
HKLM\...\Windows x64\Print Processors\hpcpp240: C:\Windows\System32\spool\prtprocs\x64\hpcpp240.dll [804488 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Windows x64\Print Processors\LMADXN4C: C:\Windows\System32\spool\prtprocs\x64\LMADXN4C.DLL [269312 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW082.DLL [127624 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\HPMLM225: C:\WINDOWS\system32\hpmlm225.dll [315528 2019-11-15] (HP Inc. -> HP Inc.)
HKLM\...\Print\Monitors\LM_LMADXN: C:\WINDOWS\system32\LMADXNLANG.DLL [3059712 2013-07-31] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-03-13]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {1A0F8BB7-082F-4389-852D-84F6E88C750B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {33FF86E5-3F58-4EC4-86C2-80C78C2299DB} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [880 2020-09-25] () [Fichier non signé]
Task: {472719DB-A753-4E01-BD1C-124C7F0ABC8B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {527BB875-4708-477A-B914-9AAB85AC795B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {996875B7-C1C9-4B1B-A85A-5F8E0C40A998} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-27] (Mozilla Corporation -> Mozilla Foundation)
Task: {9FCB960F-A1A3-43F0-9D26-AB38699E5C19} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5255600 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A61DB48D-00D6-4EE1-B4DD-50719A4DC886} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF6D703C-E246-488A-9269-A2E5761C51F5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1498000 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {B60F7F98-F7B9-4655-A1C0-DF84A839FE53} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {B96DDD64-EDD6-42D8-8FDE-22ED00782EAE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9BC8EDE-FB3D-411A-86A2-9B0B87EE447E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {BA685A45-A2C5-4420-80C8-89F2282FE5A1} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4061296 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {DD5D9A3F-CF2F-43A2-8096-6D33EA7876FA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141160 2021-04-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {F4BE87AE-52AC-42E7-88EF-C499D36A2AF0} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23248792 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {F652262E-43AB-47AE-8551-AF059AD3FCED} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1059336 2021-01-09] (Dell Inc -> Dell Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog9 15 C:\WINDOWS\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\vsocklib.dll [42296 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Winsock: Catalog9-x64 16 C:\Windows\system32\vsocklib.dll [46392 2019-08-14] (VMware, Inc. -> VMware, Inc.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{067d0918-650a-4a8e-b53c-39ffa299dc26}: [DhcpNameServer] 212.27.40.240 212.27.40.241

Edge:
=======
DownloadDir: C:\Users\user.DESKTOP-21KSVAC\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-3053335771-2016258822-3076255874-1001 -> about:start
Edge DefaultProfile: Default
Edge Profile: C:\Users\user.DESKTOP-21KSVAC\AppData\Local\Microsoft\Edge\User Data\Default [2021-04-20]
Edge DownloadDir: C:\Users\user.DESKTOP-21KSVAC\Downloads
Edge Notifications: Default -> hxxps://ent.cesi.fr; hxxps://www.cnetfrance.fr
Edge HomePage: Default -> edge://newtab/
Edge Session Restore: Default -> est activé.
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: h1m3jxt5.default
FF ProfilePath: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\h1m3jxt5.default [2021-03-01]
FF ProfilePath: C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\et6z9si2.default-release [2021-04-20]
FF Session Restore: Mozilla\Firefox\Profiles\et6z9si2.default-release -> est activé.
FF Extension: (Malwarebytes Browser Guard) - C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Mozilla\Firefox\Profiles\et6z9si2.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-04-19]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-03-06] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1046904 2020-03-04] (Autodesk, Inc. -> Autodesk Inc.)
R2 AdskLicensingService; C:\Program Files (x86)\Common Files\Autodesk Shared\AdskLicensing\Current\AdskLicensingService\AdskLicensingService.exe [16926864 2019-08-08] (Autodesk, Inc. -> Autodesk)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [114960 2019-12-12] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8788392 2021-04-07] (Microsoft Corporation -> Microsoft Corporation)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [287776 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3750944 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [507936 2020-10-26] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7240.285\DSAPI.exe [985584 2021-03-01] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [38592 2020-10-29] (Dell Inc -> )
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2019-02-02] (HP Inc.) [Fichier non signé]
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-01] (Microsoft Windows -> Microsoft Corporation)
S3 OfficeSvcManagerAddons; C:\WINDOWS\system32\dllhost.exe /Processid:{2CA2E202-932F-4BA2-8771-195BB86398F5} [21312 2021-03-01] (Microsoft Windows -> Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2019-02-02] (HP Inc.) [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310552 2018-07-30] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5198064 2021-03-01] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39432 2021-01-09] (Dell Inc -> Dell Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 akshasp; C:\WINDOWS\System32\drivers\akshasp.sys [69560 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 akshhl; C:\WINDOWS\System32\drivers\akshhl.sys [68536 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 aksusb; C:\WINDOWS\System32\drivers\aksusb.sys [313784 2020-05-29] (Gemalto, Inc. -> SafeNet, Inc.)
S3 bcmnfcusb; C:\WINDOWS\System32\drivers\bcmnfcusb.sys [54872 2017-05-25] (Broadcom Corporation -> Broadcom Corporation.)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [42376 2020-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [22864 2016-10-27] (WDKTestCert Andy_Chen6,131219483243550933 -> OSR Open Systems Resources, Inc.)
R3 DellRctl; C:\WINDOWS\System32\drivers\DellRctl.sys [42296 2017-02-28] (FPT USA Corp. -> )
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-04-20] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-04-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-04-19] (Malwarebytes Inc -> Malwarebytes)
R1 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [74616 2020-09-25] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R1 vmkbd3; C:\WINDOWS\system32\DRIVERS\vmkbd.sys [52288 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66368 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49216 2019-09-16] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [103224 2019-08-14] (VMware, Inc. -> VMware, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
U4 npcap_wifi; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-20 09:04 - 2021-04-20 09:05 - 000000000 ____D C:\FRST
2021-04-20 08:52 - 2021-04-20 08:52 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-04-19 17:38 - 2021-04-19 17:43 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\ZHP
2021-04-19 17:38 - 2021-04-19 17:38 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\ZHP
2021-04-19 17:36 - 2021-04-19 17:38 - 003468440 _____ (Nicolas Coolman) C:\Users\user.DESKTOP-21KSVAC\Downloads\ZHPSuite (1).exe
2021-04-19 17:32 - 2021-04-19 17:32 - 003468440 _____ (Nicolas Coolman) C:\Users\user.DESKTOP-21KSVAC\Downloads\Non confirmé 822733.crdownload
2021-04-19 10:27 - 2021-04-19 10:27 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-04-19 10:27 - 2021-04-19 10:27 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-04-19 10:27 - 2021-04-19 10:27 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\mbam
2021-04-19 10:27 - 2021-04-19 10:26 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-04-19 10:27 - 2021-04-19 10:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-04-19 10:26 - 2021-04-19 10:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-04-19 10:24 - 2021-04-19 10:24 - 002078632 _____ (Malwarebytes) C:\Users\user.DESKTOP-21KSVAC\Downloads\MBSetup(1).exe
2021-04-19 10:24 - 2021-04-19 10:24 - 000000000 ____D C:\Program Files\Malwarebytes
2021-04-06 16:50 - 2021-04-06 16:50 - 002546726 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\Thèse_Damien_FRANCES_AMELIORATION_CONTINUE_GESTION_DE_PROJET_FINAL.pdf
2021-04-06 09:39 - 2021-04-06 09:39 - 000589528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-04-05 10:40 - 2021-04-05 10:40 - 001584669 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\grille-tarifaire-care-novembre-2020(1).pdf
2021-04-03 15:41 - 2021-04-03 15:42 - 013524420 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\noticerms1000-2000.pdf
2021-04-02 12:07 - 2021-04-02 12:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-03-28 09:41 - 2021-03-28 09:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-03-27 20:11 - 2021-03-30 18:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-24 11:16 - 2021-03-24 11:16 - 000207648 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\vp-41-21-chef-de-projet-utilisateurs-pmi-def(1).pdf
2021-03-24 10:50 - 2021-03-24 10:50 - 000207648 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\vp-41-21-chef-de-projet-utilisateurs-pmi-def.pdf
2021-03-22 10:47 - 2021-03-22 10:47 - 000000000 _____ C:\Users\user.DESKTOP-21KSVAC\Downloads\Resiliation.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-04-20 08:59 - 2021-03-01 14:40 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-20 08:58 - 2020-09-10 09:32 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\LocalLow\Mozilla
2021-04-20 08:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-04-20 08:56 - 2021-03-01 13:08 - 001779188 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-04-20 08:56 - 2019-12-07 16:50 - 000797210 _____ C:\WINDOWS\system32\perfh00C.dat
2021-04-20 08:56 - 2019-12-07 16:50 - 000151850 _____ C:\WINDOWS\system32\perfc00C.dat
2021-04-20 08:56 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-04-20 08:53 - 2020-09-10 08:48 - 000000000 ___RD C:\Users\user.DESKTOP-21KSVAC\OneDrive
2021-04-20 08:52 - 2021-03-08 16:15 - 000000000 ____D C:\ProgramData\VMware
2021-04-20 08:52 - 2021-03-01 12:57 - 000000000 ____D C:\ProgramData\NVIDIA
2021-04-20 08:52 - 2021-03-01 12:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-04-20 08:52 - 2020-06-23 08:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-04-20 08:52 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-04-20 08:52 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-04-19 17:51 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-04-19 17:31 - 2021-03-01 12:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-04-19 11:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-04-19 11:28 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-04-19 10:35 - 2021-02-09 11:36 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\LocalLow\IGDump
2021-04-19 10:27 - 2021-02-09 11:34 - 000002021 _____ C:\ProgramData\Bureau\Malwarebytes.lnk
2021-04-19 10:27 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-04-19 09:44 - 2021-03-01 13:56 - 000000000 ____D C:\Program Files\Microsoft Office
2021-04-19 09:38 - 2020-11-18 12:51 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-19 09:38 - 2020-11-18 12:51 - 000002280 _____ C:\ProgramData\Bureau\Microsoft Edge.lnk
2021-04-11 09:07 - 2021-03-01 12:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-04-10 19:18 - 2021-03-01 13:16 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3053335771-2016258822-3076255874-1001
2021-04-10 19:18 - 2021-03-01 12:58 - 000002450 _____ C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-04-09 14:12 - 2021-03-01 15:06 - 000002443 _____ C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-04-06 09:39 - 2021-03-01 12:53 - 000000000 ____D C:\WINDOWS\Panther
2021-04-05 13:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-03-30 18:19 - 2021-03-01 14:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-03-28 13:42 - 2020-11-15 14:06 - 000000000 ____D C:\VueScan
2021-03-28 09:41 - 2021-03-01 14:40 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-03-24 15:19 - 2021-03-08 16:23 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Local\VMware
2021-03-24 14:50 - 2021-03-08 16:23 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\AppData\Roaming\VMware
2021-03-24 14:50 - 2020-12-06 16:55 - 000000000 ____D C:\Users\user.DESKTOP-21KSVAC\OneDrive - Association Cesi Viacesi mail\Documents\Virtual Machines

==================== Fichiers à la racine de certains dossiers ========

2021-03-03 17:11 - 2021-03-03 17:11 - 000000218 _____ () C:\Users\user.DESKTOP-21KSVAC\AppData\Local\recently-used.xbel
2021-03-03 11:00 - 2021-03-03 11:00 - 000000000 _____ () C:\Users\user.DESKTOP-21KSVAC\AppData\Local\zenmap.exe.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================