RÃ©sultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 05-02-2022
ExÃ©cutÃ© par Carole (administrateur) sur ORDI-CAROLE (HP HP Notebook) (06-02-2022 16:18:30)
ExÃ©cutÃ© depuis C:\Users\Carole\Downloads
Profils chargÃ©s: Carole
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1466 (X64) Langue: FranÃ§ais (France)
Navigateur par dÃ©faut: FF
Mode d'amorÃ§age: Normal

==================== Processus (Avec liste blanche) =================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le processus sera arrÃªtÃ©. Le fichier ne sera pas dÃ©placÃ©.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_5acc9ca73ae7cf4c\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> ) C:\Users\Carole\AppData\Local\PCHealthCheck\PCHealthCheck.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2111.12605.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCopyAccelerator.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <34>
(Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe

==================== Registre (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, l'Ã©lÃ©ment de Registre sera restaurÃ© Ã  la valeur par dÃ©faut ou supprimÃ©. Le fichier ne sera pas dÃ©placÃ©.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [StartCN] => c:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [7536520 2016-09-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2017-03-16] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-614154937-2299269801-1085597429-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [30870200 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-614154937-2299269801-1085597429-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe [23990080 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG3500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBV.DLL [30208 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG3500 series: C:\WINDOWS\system32\CNMLMBV.DLL [391168 2013-04-04] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [359936 2013-01-24] (CANON INC.) [Fichier non signÃ©]
HKLM\...\Print\Monitors\Wondershare PDFelement Monitor: C:\WINDOWS\system32\PEPrinterMonitor.dll [285232 2021-04-06] (Wondershare Technology Co.,Ltd -> Wondershare Software)

==================== TÃ¢ches planifiÃ©es (Avec liste blanche) ============

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

Task: {06CF9AA4-2186-4019-BDEB-C7A19631A964} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> Pas de fichier <==== ATTENTION
Task: {0D074273-8230-496A-B4AE-C128B12FF28B} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108904 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {12AB845F-E642-43CD-B728-5F9EFB6CFB56} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {201ACDCC-D4EB-43BA-BC0A-5FCE8AABE19A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [108904 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {20CAE1FF-9807-4B5C-9716-BB83C9C5B709} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6469008 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E0FD3CF-C148-4A75-812F-5BB034030870} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6469008 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {470DC68E-D810-4C56-87D8-A6455D5562CD} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> Pas de fichier <==== ATTENTION
Task: {4A84860A-6550-4AD6-8BDC-4A1E54A9E825} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {60BC8E75-9322-4B51-A28A-FEDF1536DEA2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {734114F4-27BE-4D7A-BF1E-871C3CF77A18} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1172360 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {750001A7-9DC9-40CE-819A-80D0C4DAD382} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> Pas de fichier <==== ATTENTION
Task: {7C8C6F17-CEB7-43ED-B07F-2A8906D10A74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {80B53E53-A9B9-46AD-BE96-68E773FCE896} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-21] (Adobe Inc. -> Adobe)
Task: {8A7EFB5C-00AF-4C1A-99C0-7E55FC176CC7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9AD08CC0-9926-4F4A-9E8D-34353E9E2EDE} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {A38E19A7-0E6E-4A54-ACAD-1C362E8A10F5} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe (Pas de fichier)
Task: {C45F1D13-505B-4664-85DA-48525DFAB94C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C583F14A-1716-4998-BF1B-E2ACC5614E97} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA7A8158-2DF9-4E66-BA40-0B6365352EE8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22880112 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {CDCA6595-C524-42F1-9934-DB51454D84C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CF55866C-2EAE-4E7C-977B-3D7ED11EE4D5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [25492152 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {D3FD8B54-4EB5-4BD0-B0A7-7A2976227680} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MpCmdRun.exe [901048 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E477271E-1D03-421F-BF0A-C7ABA9AF17D2} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> Pas de fichier <==== ATTENTION
Task: {F8B9428C-C015-47A2-BABD-5E2B95DF9CB1} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> Pas de fichier <==== ATTENTION
Task: {FB4F2C6E-B698-4C1A-AA60-45D6AE2C36E4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-21] (Adobe Inc. -> Adobe)
Task: {FF593DDB-00D2-4EAB-B89A-9B4984972ABF} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> Pas de fichier <==== ATTENTION

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier tÃ¢che (.job) sera dÃ©placÃ©. Le fichier exÃ©cutÃ© par la tÃ¢che ne sera pas dÃ©placÃ©.)


==================== Internet (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, s'il s'agit d'un Ã©lÃ©ment du Registre, il sera supprimÃ© ou restaurÃ© Ã  la valeur par dÃ©faut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a2edcfa1-e468-4472-bca8-450e42fd6cd1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f7486d33-8215-4c05-b99f-f8fe580eba93}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvÃ©(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvÃ©(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvÃ©(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvÃ©(e)]
Edge Profile: C:\Users\Carole\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-06]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Carole\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-03]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: 1wc6da00.default-1566490196734
FF ProfilePath: C:\Users\Carole\AppData\Roaming\Mozilla\Firefox\Profiles\1wc6da00.default-1566490196734 [2022-02-06]
FF Notifications: Mozilla\Firefox\Profiles\1wc6da00.default-1566490196734 -> hxxps://maaf-by.accengage.net; hxxps://youzik.com; hxxps://www.santediscount.com
FF Extension: (IGRAAL : Cashback & codes promo) - C:\Users\Carole\AppData\Roaming\Mozilla\Firefox\Profiles\1wc6da00.default-1566490196734\Extensions\{dbac9680-d559-4cd4-9765-059879e8c467}.xpi [2022-02-05]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-21] (Adobe Inc. -> )
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-21] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Fichier non signÃ©]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-10-30] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-21] (Adobe Inc. -> Adobe)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12124536 2022-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140936 2013-05-14] (Canon Inc. -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-14] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\NisSrv.exe [2876152 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1737776 2022-01-20] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2111.5-0\MsMpEng.exe [128360 2021-12-16] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

R3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [104688 2016-10-12] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2022-01-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-11-14] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-12-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435432 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86248 2021-12-16] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
S3 AndnetBus; \SystemRoot\System32\drivers\lgandnetbus64.sys [X]
S3 AndNetDiag; \SystemRoot\system32\DRIVERS\lgandnetdiag64.sys [X]
S3 ANDNetModem; \SystemRoot\system32\DRIVERS\lgandnetmodem64.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)


==================== Un mois (crÃ©Ã©s) (Avec liste blanche) =========

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2022-02-06 16:18 - 2022-02-06 16:20 - 000020135 _____ C:\Users\Carole\Downloads\FRST.txt
2022-02-06 16:17 - 2022-02-06 16:19 - 000000000 ____D C:\FRST
2022-02-06 16:17 - 2022-02-06 16:17 - 002311680 _____ (Farbar) C:\Users\Carole\Downloads\FRST64.exe
2022-02-06 16:11 - 2022-02-06 16:11 - 000001357 _____ C:\Users\Carole\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-02-06 16:11 - 2022-02-06 16:11 - 000000000 ____D C:\Users\Carole\AppData\Local\PCHealthCheck
2022-02-06 16:09 - 2022-02-06 16:10 - 014233600 _____ C:\Users\Carole\Downloads\WindowsPCHealthCheckSetup.msi
2022-02-06 15:27 - 2022-02-06 15:27 - 000000000 ____D C:\Users\Carole\AppData\Local\Apps\2.0
2022-02-03 21:38 - 2022-02-03 21:38 - 000633327 _____ C:\Users\Carole\Documents\facture chessel manon.pdf
2022-02-03 21:38 - 2022-02-03 21:38 - 000050916 _____ C:\Users\Carole\Documents\facture Chessel Thomas.pdf
2022-02-03 20:57 - 2022-02-03 20:57 - 000279560 _____ C:\Users\Carole\Downloads\CrucialFRScan.exe
2022-02-03 17:52 - 2022-02-03 17:52 - 000000000 ____D C:\Users\Carole\AppData\Local\SolidDocuments
2022-01-31 18:34 - 2022-01-31 20:31 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2022-01-31 18:33 - 2022-01-31 18:33 - 000000000 ____D C:\Program Files\Adobe
2022-01-31 18:31 - 2022-01-31 18:33 - 000000000 ____D C:\Program Files\Common Files\Adobe
2022-01-31 18:27 - 2022-01-31 18:29 - 004319690 _____ C:\Users\Carole\Documents\Thomas CHESSEL Evaluations CM2.pdf
2022-01-31 18:25 - 2022-02-03 17:42 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-01-23 16:00 - 2022-01-23 16:00 - 000523776 _____ (curl, hxxps://curl.se/) C:\WINDOWS\system32\curl.exe
2022-01-23 16:00 - 2022-01-23 16:00 - 000464384 _____ (curl, hxxps://curl.se/) C:\WINDOWS\SysWOW64\curl.exe
2022-01-23 16:00 - 2022-01-23 16:00 - 000011797 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-01-23 15:37 - 2022-01-23 15:37 - 000000000 ___HD C:\$WinREAgent
2022-01-19 12:29 - 2022-01-19 12:29 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-01-07 19:41 - 2022-01-07 19:41 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-01-07 19:40 - 2022-01-07 19:40 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2022-01-07 19:40 - 2022-01-07 19:40 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe

==================== Un mois (modifiÃ©s) ==================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2022-02-06 16:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-02-06 15:59 - 2020-10-04 16:51 - 001924270 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-06 15:59 - 2019-12-07 15:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-06 15:59 - 2019-12-07 15:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-06 15:59 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-02-06 15:59 - 2019-02-04 21:27 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-06 15:58 - 2017-12-01 18:17 - 000000000 ____D C:\Users\Carole\AppData\LocalLow\Mozilla
2022-02-06 15:55 - 2017-12-01 18:03 - 000000000 __SHD C:\Users\Carole\IntelGraphicsProfiles
2022-02-06 15:53 - 2020-10-04 17:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-02-06 15:53 - 2020-10-04 16:28 - 000008192 ___SH C:\DumpStack.log.tmp
2022-02-06 15:53 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-02-06 15:53 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-02-06 15:52 - 2020-10-04 16:37 - 000000000 ____D C:\Users\Carole
2022-02-06 15:50 - 2020-11-15 14:32 - 000000000 ____D C:\Users\Carole\AppData\Local\CrashDumps
2022-02-06 15:46 - 2020-10-12 19:18 - 000002236 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2022-02-06 15:46 - 2020-10-12 19:18 - 000000000 ____D C:\Program Files\CCleaner
2022-02-06 15:12 - 2020-10-04 16:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-02-06 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-02-06 15:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-02-05 14:14 - 2020-06-26 13:03 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-02-03 21:44 - 2017-12-01 18:59 - 000000000 ____D C:\Users\Carole\Documents\CGOS
2022-02-03 21:12 - 2018-07-14 20:46 - 000000000 ____D C:\Users\Carole\AppData\Local\D3DSCache
2022-02-03 18:17 - 2016-10-21 08:35 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-02-03 17:52 - 2017-12-01 18:03 - 000000000 ____D C:\Users\Carole\AppData\Roaming\Adobe
2022-02-03 17:48 - 2020-10-12 19:18 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-03 17:42 - 2017-12-01 18:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-01-31 20:31 - 2020-10-04 17:06 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2022-01-31 20:29 - 2021-10-12 17:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-01-31 20:29 - 2017-12-01 18:17 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-01-31 18:31 - 2017-12-07 21:00 - 000000000 ____D C:\ProgramData\Adobe
2022-01-29 12:56 - 2020-10-04 17:06 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-01-29 12:56 - 2020-10-04 17:06 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-01-27 18:01 - 2017-12-17 12:20 - 000000000 ____D C:\ProgramData\CanonIJPLM
2022-01-24 00:27 - 2020-10-04 16:28 - 000523992 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-01-24 00:24 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2022-01-24 00:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-01-24 00:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-01-24 00:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-01-24 00:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-01-24 00:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-01-24 00:24 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-01-23 19:02 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-01-19 12:29 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-01-19 12:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-01-19 12:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-01-19 12:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-01-19 12:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-01-19 12:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-01-19 12:24 - 2018-01-24 21:03 - 001506304 _____ C:\Users\Carole\Documents\sauvegarde 24.01.2018.mmb
2022-01-19 11:55 - 2017-12-01 18:59 - 000000000 ____D C:\Users\Carole\Documents\Garderie - Assistantes maternelles-CAF-Pajemploi
2022-01-19 10:54 - 2017-12-07 20:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-01-18 20:54 - 2017-12-07 20:11 - 145765912 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Fichiers Ã  la racine de certains dossiers ========

2017-12-01 18:04 - 2022-02-06 15:55 - 004572583 _____ () C:\Users\Carole\AppData\Local\BTServer.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas Ã  la vÃ©rification.)

==================== Fin de FRST.txt ========================