Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2021
Exécuté par Eléa (administrateur) sur ELEY-PC (TOSHIBA SATELLITE L50-A-173) (16-11-2021 19:40:34)
Exécuté depuis C:\Users\Eléa\Desktop
Profils chargés: Eléa
Plate-forme: Microsoft Windows 10 Famille Version 20H2 19042.1052 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_f06ed65d98eceea8\DSDFunctionKeyCtlService.exe <2>
(Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_f06ed65d98eceea8\RMService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dxgiadaptercache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\Temp\58E62551-3435-4412-AAF2-034FCB848F6B\DismHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1022_none_7e372e9e7c6ecccb\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\80.0.4170.63\opera_autoupdate.exe <2>
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> ) C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel® Services Manager -> Intel Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1703695413-1640498887-1373312417-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35342976 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1703695413-1640498887-1373312417-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [114012024 2021-06-22] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1703695413-1640498887-1373312417-1002\...\Run: [E89342E66DA002D433D97BEF3A737B7A0C2A6924._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8
HKU\S-1-5-21-1703695413-1640498887-1373312417-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpzppw72: C:\Windows\System32\spool\prtprocs\x64\hpzppw72.dll [266336 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG2500 series: C:\WINDOWS\system32\CNMLMBX.DLL [391168 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP AF11 Status Monitor: C:\WINDOWS\system32\hpinkstsAF11LM.dll [329576 2012-04-02] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\PCL hpz3lw72: C:\WINDOWS\system32\hpz3lw72.dll [55392 2017-12-18] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0931F59B-6F50-4122-A6B3-B13AD1E8D130} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe (Pas de fichier)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {13A7E2DA-12D4-4C63-BC43-A2DCEE96F6B1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_pepper.exe [1471032 2020-07-15] (Adobe Inc. -> Adobe)
Task: {18CA94D7-08AA-4703-BB12-4BC90F7DAA14} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Pas de fichier <==== ATTENTION
Task: {1C191F90-C18D-438B-BD9C-C7F5456401F3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {1CBA8C44-1BDC-4DEC-83FC-2CE1365F72C7} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {1D81F062-18C7-4EFC-900B-35BF316BAFEE} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
Task: {266F7D0A-C7FD-4901-9AF9-600989787221} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {2670DEC8-EF4D-4AFB-88D2-54CAF20AC752} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2F5E3A60-591B-4466-9056-D704E22A97C3} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [654440 2013-03-19] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {3077D018-E158-4C3A-8865-2C1ECAE917D7} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (Pas de fichier)
Task: {3FD472D2-444F-4619-BB11-7CE292F7FC0A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {4712d818-f255-4c97-b13a-8abb3c312b55} - pas de chemin du fichier
Task: {50DF27FC-7C26-4EAD-B395-B0149F5B7400} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_403_Plugin.exe [1475640 2020-07-15] (Adobe Inc. -> Adobe)
Task: {5792822D-33EE-427A-8EBE-D7F999602C0C} - \WPD\SqmUpload_S-1-5-21-1703695413-1640498887-1373312417-1002 -> Pas de fichier <==== ATTENTION
Task: {67A05C7A-8987-4CC7-86D2-4841BE62DBC5} - System32\Tasks\CCleanerSkipUAC - Eléa => C:\Program Files\CCleaner\CCleaner.exe [29417088 2021-11-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {72E81325-A795-4166-92CC-A2C6197938EF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {72F097F5-45EA-497B-86FC-6EDABD591E16} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {75AD5C99-98F6-4A22-A99E-8AE74E9AF161} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [477512 2021-05-19] (Microsoft Windows -> Microsoft Corporation)
Task: {79302C10-2E33-4218-99BE-2544152AF457} - System32\Tasks\Opera scheduled Autoupdate 1502202723 => C:\Program Files (x86)\Opera\launcher.exe [46227664 2021-10-20] (Opera Software AS -> Opera Software)
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {804B3023-9549-40E7-B51A-D4ED91722BCF} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [475720 2015-11-17] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
Task: {8538FFC6-1AA5-4629-8413-CB8443DE605C} - \WPD\SqmUpload_S-1-5-21-1703695413-1640498887-1373312417-1003 -> Pas de fichier <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {93419372-46F6-4098-9D99-AAD8B95BEA05} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93BE03F1-264B-4653-8E41-7BD129362B33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {99E6376D-A3C4-4819-9673-A9C1181D93F5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {9BA25F63-C6DF-46B6-92E6-ADFAD48D60E0} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {A05B7A51-9DF1-4A3C-BD08-405CCF513604} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {A93759C1-5DBC-47AF-8AEB-3FD7C71B84E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AEC4A1A6-65B9-471F-AFB0-8DBF59C130C6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {b588d5c6-f5b2-4bcd-8cc9-bbfc00293983} - pas de chemin du fichier
Task: {b66bd82e-c750-4b19-ab41-926b2100be17} - pas de chemin du fichier
Task: {BA952631-C866-409D-A45D-0612AFEB3CAD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C85718AC-0745-43E8-9818-58A24F35200D} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-11-12] (Piriform Software Ltd -> Piriform)
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D1F8DBF3-538E-4B33-9260-27BD1A28AFAC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {E0F46E2F-9FA3-46EE-9A77-A475B5EA3818} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {EB624B51-F5F5-493D-9294-9B30AFA67012} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [375416 2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5626369e-de0c-40db-830b-42f7b142dd6c}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Notifications: HKU\S-1-5-21-1703695413-1640498887-1373312417-1002 -> hxxps://web.skype.com
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\Eléa\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-16]
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_403.dll [2020-07-15] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_403.dll [2020-07-15] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-08] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-1703695413-1640498887-1373312417-1002: @zoom.us/ZoomVideoPlugin -> C:\Users\Eléa\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-04-26] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp]
Opera:
=======
OPR Profile: C:\Users\Eléa\AppData\Roaming\Opera Software\Opera Stable [2021-11-16]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Eléa\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-11-16]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Eléa\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-11-16]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S2 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-07-15] (Adobe Inc. -> Adobe)
R2 DSDFunctionKeyCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_f06ed65d98eceea8\DSDFunctionKeyCtlService.exe [625776 2021-05-25] (Dynabook Inc. -> Dynabook Inc.)
S3 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] (DTS, Inc. -> )
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] (TOSHIBA CORPORATION -> )
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7848632 2021-11-16] (Malwarebytes Inc -> Malwarebytes)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [350224 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
S2 TSDSettingService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_f06ed65d98eceea8\dynabookSystemService.exe [44773040 2021-05-25] (Dynabook Inc. -> Dynabook Inc.)
S2 TSDTabletControlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_f06ed65d98eceea8\TOSTABSYSSVC.exe [296272 2021-05-25] (Dynabook Inc. -> Dynabook Inc.)
R2 TSDWirelessLEDCtlService; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_f06ed65d98eceea8\RMService.exe [446248 2021-05-25] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210352 2021-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-29] (Malwarebytes Inc -> Malwarebytes)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [561680 2015-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Tempo Semiconductor Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [47816 2020-07-21] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\WINDOWS\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_f06ed65d98eceea8\TosSrvCtlDrv.sys [25584 2021-05-25] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
R0 TVALZ_O; C:\WINDOWS\System32\drivers\TVALZ_O.SYS [46088 2019-04-30] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48520 2021-11-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [435424 2021-11-16] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-16] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-16 19:40 - 2021-11-16 19:55 - 000023790 _____ C:\Users\Eléa\Desktop\FRST.txt
2021-11-16 19:18 - 2021-11-16 19:18 - 000210352 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-11-16 19:06 - 2021-11-16 19:11 - 002311680 _____ (Farbar) C:\Users\Eléa\Desktop\FRST64.exe
2021-11-16 18:55 - 2021-11-16 19:47 - 000000000 ____D C:\FRST
2021-11-16 17:44 - 2021-11-16 17:44 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d76c02e766a14e
2021-11-16 17:36 - 2021-11-16 17:36 - 000000000 ___HD C:\$WinREAgent
2021-11-16 17:20 - 2021-11-16 17:20 - 000002884 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Eléa
2021-11-16 17:16 - 2021-11-16 17:16 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\Voisinage réseau
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\Voisinage d'impression
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\Modèles
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\Mes documents
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\Menu Démarrer
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mes vidéos
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mes images
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Ma musique
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historique
2021-11-16 17:16 - 2021-11-16 17:16 - 000000000 ____D C:\Users\DefaultAppPool
2021-11-16 17:16 - 2019-12-07 10:10 - 000001105 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-11-16 20:18 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-16 19:56 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-11-16 19:44 - 2021-06-24 20:28 - 000000000 ___DC C:\WINDOWS\Panther
2021-11-16 19:32 - 2018-06-04 16:13 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-11-16 19:24 - 2021-06-28 10:54 - 001852202 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-11-16 19:24 - 2019-12-07 15:49 - 000826662 _____ C:\WINDOWS\system32\perfh00C.dat
2021-11-16 19:24 - 2019-12-07 15:49 - 000160376 _____ C:\WINDOWS\system32\perfc00C.dat
2021-11-16 19:24 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-11-16 19:24 - 2016-03-12 03:26 - 000000000 ____D C:\Program Files\CCleaner
2021-11-16 19:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-11-16 19:19 - 2015-12-11 13:32 - 000000000 __SHD C:\Users\Eléa\IntelGraphicsProfiles
2021-11-16 19:16 - 2021-06-28 11:12 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-11-16 19:16 - 2021-06-28 10:25 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-16 19:16 - 2017-08-08 15:31 - 000000000 ____D C:\Program Files (x86)\Opera
2021-11-16 19:16 - 2016-09-29 20:57 - 000000000 ____D C:\ProgramData\NVIDIA
2021-11-16 19:15 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-11-16 18:46 - 2021-06-28 10:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-11-16 18:31 - 2020-03-27 17:30 - 000000000 ____D C:\Users\Eléa\AppData\LocalLow\IGDump
2021-11-16 18:30 - 2021-06-29 12:16 - 000002044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-11-16 18:30 - 2020-03-27 17:29 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-11-16 18:28 - 2015-05-24 11:23 - 000000000 ____D C:\Users\Eléa\AppData\Local\CrashDumps
2021-11-16 18:27 - 2020-03-27 16:42 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-11-16 18:25 - 2020-03-27 17:24 - 000000000 ____D C:\Program Files\Malwarebytes
2021-11-16 18:25 - 2015-05-21 11:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-11-16 18:13 - 2021-06-28 11:12 - 000003980 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1502202723
2021-11-16 18:13 - 2018-03-30 20:55 - 000001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-11-16 17:59 - 2014-04-05 00:22 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-11-16 17:44 - 2021-06-28 11:12 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-11-16 17:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-11-16 17:24 - 2020-03-23 10:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2021-11-16 17:20 - 2021-06-28 11:12 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Fichiers à la racine de certains dossiers ========
2016-04-29 13:02 - 2016-04-29 13:03 - 000007168 _____ () C:\Users\Eléa\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-11 15:03 - 2018-09-30 09:23 - 000007599 _____ () C:\Users\Eléa\AppData\Local\resmon.resmoncfg
2015-02-12 23:53 - 2015-02-12 23:53 - 000000000 _____ () C:\Users\Eléa\AppData\Local\{D7491BB5-2313-4273-9555-13F14B55AB87}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================