Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2023
Exécuté par Robin (administrateur) sur BABEL (Micro-Star International Co., Ltd. MS-7B79) (28-02-2023 17:56:13)
Exécuté depuis C:\Users\Robin\Desktop
Profils chargés: Robin
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2604 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(A-Volute SAS -> A-Volute) C:\Windows\System32\NhNotifSys.exe
(C:\Users\Robin\AppData\Local\MSoyi2\MSoyi2.exe ->) () [Fichier non signé] C:\Users\Robin\AppData\Local\MSoyi2\vMSoyi2.exe <2>
(DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atieclxx.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\atiesrxx.exe
(services.exe ->) (A-Volute SAS -> Nahimic) C:\Windows\System32\NahimicService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) () [Fichier non signé] C:\Users\Robin\AppData\Local\MSoyi2\MSoyi2.exe
(svchost.exe ->) (Adobe Systems Incorporated) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.23012.167.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [AdobeGCInvoker-1.0] => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe" (Pas de fichier)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5237416 2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [711288 2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-2161814760-1983881949-47704639-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4253032 2023-02-14] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2161814760-1983881949-47704639-1002\...\Run: [Opera GX Stable] => C:\Users\Robin\AppData\Local\Programs\Opera GX\launcher.exe [2571208 2023-02-27] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-2161814760-1983881949-47704639-1002\...\Run: [Opera GX Browser Assistant] => C:\Users\Robin\AppData\Local\Programs\Opera GX\assistant\browser_assistant.exe [3291288 2021-02-01] (Opera Software AS -> Opera Software)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [65496 2021-03-06] (Adobe Inc. -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\110.0.5481.178\Installer\chrmstp.exe [2023-02-28] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {210410A6-6F83-471E-9471-0C8DE7D1A0E9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {253C2D02-3678-4883-959D-2C745B0D763B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27AC6508-E69D-46B9-9E94-F0773F398C8F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-30] (Google LLC -> Google LLC)
Task: {3AC74EA9-5659-430C-9D05-14C12C6BC1B3} - System32\Tasks\Online_KMS_Activation_Script-Renewal => %ProgramData%\Online_KMS_Activation\Activate.cmd Task
Task: {3CE0A926-4B6F-4AF0-8756-8E8D1FDD1AEA} - System32\Tasks\Opera GX scheduled assistant Autoupdate 1663951707 => C:\Users\Robin\AppData\Local\Programs\Opera GX\launcher.exe [2571208 2023-02-27] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Robin\AppData\Local\Programs\Opera GX\assistant" $(Arg0)
Task: {45CDF0A1-1F4C-498A-87A4-25A74D805728} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4B6D8A1F-CF2F-4238-B3FC-8606ECF4D996} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {709DB9F9-C751-4E31-9938-BB581EC4124C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26334600 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {83938AF1-1F94-4212-A09A-FCA7CA8B768E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-18] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8526A7D9-A2D6-46E6-A77A-B3C50216BC29} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A265C31A-1B1A-4D09-AEB2-2048C90FBAF1} - System32\Tasks\CEBilwv1 => C:\Users\Robin\AppData\Local\MSoyi2\MSoyi2.exe [35328000 2022-03-04] () [Fichier non signé]
Task: {B45B656B-E5AE-4751-A3A2-A4EAD498188B} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114624 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {DC9BC298-45AF-4C6E-A7CE-74FC00998B27} - System32\Tasks\CEBilwv3 => C:\Users\Robin\AppData\Local\MSyqk2\MSyqk2.exe [310648 2021-07-01] (Panda-AntiCheat -> ) [Fichier non signé]
Task: {EFB2A8FC-DF94-43EF-89C9-9279D4D94F1F} - System32\Tasks\Opera GX scheduled Autoupdate 1663006633 => C:\Users\Robin\AppData\Local\Programs\Opera GX\launcher.exe [2571208 2023-02-27] (Opera Norway AS -> Opera Software)
Task: {F9FBABA7-2893-4ECA-88AC-9A8BA914D400} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-06-30] (Google LLC -> Google LLC)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{88688a47-2f5f-4563-a594-648a763d9f44}: [DhcpNameServer] 192.168.0.254

Edge: 
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\Robin\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-27]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2021-03-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @java.com/DTPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\dtplugin\npDeployJava1.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.361.2 -> C:\Program Files\Java\jre1.8.0_361\bin\plugin2\npjp2.dll [2023-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-01] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-03-06] (Adobe Inc. -> Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default [2023-02-28]
CHR StartupUrls: Default -> "hxxp://www.netvibes.com/privatepage/3#Free","hxxps://mail.google.com/mail/?hl=fr&shva=1#inbox","hxxps://olorin.freeboxos.fr:60678/login.php","hxxps://www.qwant.com/"
CHR Extension: (Google Traduction) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-18]
CHR Extension: (uBlock Origin) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-02-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-22]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2021-06-30]
CHR Extension: (Dropbox) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2021-06-30]
CHR Extension: (Into the Storm) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpgabbidopbbiilaipddnilkkndkbcmg [2021-06-30]
CHR Extension: (Evernote Web) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2021-06-30]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-30]
CHR Extension: (Bitwarden - Gestion des mots de passe) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2023-02-21]
CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-28]
CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-02-23]
CHR Notifications: Profile 1 -> hxxps://colab.research.google.com
CHR Extension: (Google Docs hors connexion) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-19]
CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-02-26]
CHR Notifications: Profile 2 -> hxxps://www.yesstyle.com
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-02-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Robin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-04]
CHR Profile: C:\Users\Robin\AppData\Local\Google\Chrome\User Data\System Profile [2023-02-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]

Opera: 
=======
StartMenuInternet: (HKU\S-1-5-21-2161814760-1983881949-47704639-1002) Opera GXStable - "C:\Users\Robin\AppData\Local\Programs\Opera GX\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12554240 2023-02-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NahimicService; C:\Windows\system32\NahimicService.exe [1888424 2021-10-08] (A-Volute SAS -> Nahimic)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-02-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [16518456 2022-12-12] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-18] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-18] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [54720 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0384804.inf_amd64_41ca4ca6939f5e56\B384763\amdkmdag.sys [94459216 2022-10-21] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [65168 2021-08-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R3 Nahimic_Mirroring; C:\Windows\System32\drivers\Nahimic_Mirroring.sys [85616 2021-08-13] (A-Volute -> Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49576 2023-02-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473336 2023-02-18] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-18] (Microsoft Windows -> Microsoft Corporation)
S3 AMDSAFD; \SystemRoot\System32\DriverStore\FileRepository\amdsafd.inf_amd64_50fee1227e96ec14\amdsafd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-02-28 17:56 - 2023-02-28 17:56 - 000019422 _____ C:\Users\Robin\Desktop\FRST.txt
2023-02-28 17:15 - 2023-02-28 17:56 - 000000000 ____D C:\FRST
2023-02-28 17:15 - 2023-02-28 17:15 - 002378752 _____ (Farbar) C:\Users\Robin\Desktop\FRST64.exe
2023-02-27 18:31 - 2023-02-27 18:31 - 000007605 _____ C:\Users\Robin\AppData\Local\Resmon.ResmonCfg
2023-02-27 15:11 - 2023-02-27 15:11 - 000000000 ____D C:\Users\Robin\AppData\Local\DBG
2023-02-27 15:11 - 2023-02-27 15:11 - 000000000 ____D C:\Users\Robin\AppData\Local\CrashReportClient
2023-02-27 15:02 - 2023-02-27 17:11 - 000000000 ____D C:\ProgramData\Hogwarts Legacy
2023-02-27 15:02 - 2023-02-27 15:02 - 000000000 ____D C:\Users\Robin\AppData\Local\Phoenix
2023-02-27 15:02 - 2023-02-27 15:02 - 000000000 ____D C:\Users\Robin\AppData\Local\NVIDIA Corporation
2023-02-27 15:01 - 2023-02-27 15:01 - 000000000 ____D C:\Users\Public\Documents\EMPRESS
2023-02-27 14:57 - 2023-02-27 14:57 - 000000000 ____D C:\Users\Robin\Downloads\py-agua-iot-master
2023-02-27 14:39 - 2023-02-27 14:39 - 000000000 ____D C:\Users\Robin\.ssh
2023-02-27 12:31 - 2023-02-27 12:31 - 000001109 _____ C:\Users\Public\Desktop\Hogwarts Legacy.lnk
2023-02-27 11:15 - 2023-02-27 11:15 - 000020830 _____ C:\Users\Robin\Downloads\py-agua-iot-master.zip
2023-02-21 20:00 - 2023-02-28 17:31 - 000000000 ____D C:\Users\Robin\AppData\Local\LogMeIn Hamachi
2023-02-21 20:00 - 2023-02-21 20:00 - 000000000 ____D C:\Users\Robin\AppData\Local\LogMeIn
2023-02-21 20:00 - 2023-02-21 20:00 - 000000000 ____D C:\ProgramData\LogMeIn
2023-02-21 19:42 - 2023-02-26 17:19 - 000000000 ____D C:\Users\Robin\AppData\Roaming\.minecraft
2023-02-21 19:41 - 2023-02-26 19:53 - 000000000 ____D C:\Users\Robin\AppData\Roaming\.tlauncher
2023-02-21 19:41 - 2023-02-21 19:41 - 000000000 ____D C:\Users\Robin\.tl
2023-02-21 19:41 - 2023-02-21 19:41 - 000000000 ____D C:\ProgramData\Oracle
2023-02-21 19:40 - 2023-02-21 19:40 - 065129096 _____ (Oracle Corporation) C:\Users\Robin\Downloads\jre-8u361-windows-x64.exe
2023-02-21 19:40 - 2023-02-21 19:40 - 000000000 ____D C:\Users\Robin\AppData\Roaming\Sun
2023-02-21 19:40 - 2023-02-21 19:40 - 000000000 ____D C:\Users\Robin\AppData\LocalLow\Sun
2023-02-21 19:40 - 2023-02-21 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2023-02-21 19:40 - 2023-02-21 19:40 - 000000000 ____D C:\Program Files\Java
2023-02-21 19:40 - 2023-01-09 09:10 - 000195232 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2023-02-21 19:40 - 2019-08-28 17:57 - 001086602 _____ () C:\Users\Robin\Desktop\TLauncher-MCL.exe
2023-02-19 16:09 - 2023-02-19 16:09 - 000000000 ___HD C:\$WinREAgent
2023-02-19 13:31 - 2023-02-19 13:31 - 406847488 _____ C:\Users\Robin\Downloads\debian-11.6.0-amd64-netinst.iso
2023-02-12 12:24 - 2023-02-12 12:37 - 000000000 ____D C:\Users\Robin\Downloads\Rufus
2023-02-12 12:23 - 2023-02-12 12:23 - 000000098 _____ C:\Users\Robin\Downloads\rufus.ini
2023-02-12 12:23 - 2023-02-12 12:23 - 000000000 ____D C:\Users\Robin\Documents\Formation
2023-02-12 12:23 - 2023-02-12 12:23 - 000000000 ____D C:\Users\Robin\Documents\charleen
2023-02-12 12:22 - 2023-02-12 12:22 - 001397320 _____ (Akeo Consulting) C:\Users\Robin\Downloads\rufus-3.21p.exe
2023-02-12 12:21 - 2023-02-12 12:21 - 784334848 _____ C:\Users\Robin\Downloads\systemrescue-9.06-amd64.iso
2023-02-11 18:45 - 2023-02-11 18:45 - 000000770 _____ C:\Users\Public\Desktop\Dead Cells.lnk

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-02-28 17:56 - 2021-06-30 20:41 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-28 17:54 - 2022-12-18 11:31 - 000000000 ____D C:\Program Files\TeamViewer
2023-02-28 17:54 - 2021-06-30 21:45 - 000000000 ____D C:\Users\Robin\AppData\Local\MSoyi2
2023-02-28 17:54 - 2021-06-30 21:32 - 000000000 ____D C:\Users\Robin\AppData\Local\MSyqk2
2023-02-28 17:54 - 2020-06-16 06:29 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-28 17:54 - 2020-06-16 06:29 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-28 17:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-28 17:53 - 2022-02-19 16:32 - 000000000 ____D C:\Program Files (x86)\Steam
2023-02-28 17:53 - 2021-06-30 20:42 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-02-28 17:53 - 2021-06-30 20:29 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-02-28 17:53 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2023-02-28 17:34 - 2021-06-30 20:29 - 000000000 ____D C:\Users\Robin\AppData\Local\D3DSCache
2023-02-28 17:30 - 2020-06-16 06:36 - 001767648 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-28 17:30 - 2019-12-07 15:49 - 000789732 _____ C:\Windows\system32\perfh00C.dat
2023-02-28 17:30 - 2019-12-07 15:49 - 000148784 _____ C:\Windows\system32\perfc00C.dat
2023-02-28 17:30 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-02-28 17:24 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-28 17:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-02-28 17:14 - 2020-06-16 06:29 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-02-28 17:06 - 2022-09-12 19:17 - 000004184 _____ C:\Windows\system32\Tasks\Opera GX scheduled Autoupdate 1663006633
2023-02-28 17:06 - 2022-09-12 19:17 - 000001434 _____ C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera GX.lnk
2023-02-28 17:00 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-02-27 23:55 - 2021-06-30 20:19 - 000000000 ____D C:\Users\Robin
2023-02-27 15:11 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\LiveKernelReports
2023-02-27 12:35 - 2020-06-16 06:29 - 000458080 _____ C:\Windows\system32\FNTCACHE.DAT
2023-02-27 12:34 - 2019-12-07 15:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-02-27 12:34 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-27 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-27 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-27 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-02-27 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-27 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-27 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-27 12:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-27 12:32 - 2021-06-30 21:18 - 000000000 ____D C:\ProgramData\Package Cache
2023-02-27 12:31 - 2021-07-01 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mephisto
2023-02-27 11:58 - 2021-07-02 23:07 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-27 11:34 - 2021-07-01 13:20 - 000000000 ____D C:\Users\Robin\AppData\Local\Mephisto
2023-02-25 17:31 - 2022-02-05 12:40 - 000003584 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2161814760-1983881949-47704639-1002
2023-02-25 17:31 - 2021-06-30 20:22 - 000003356 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2161814760-1983881949-47704639-1002
2023-02-25 17:31 - 2021-06-30 20:22 - 000002417 _____ C:\Users\Robin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-02-23 18:00 - 2021-06-30 20:20 - 000000000 ____D C:\Users\Robin\AppData\Local\Packages
2023-02-23 14:35 - 2020-06-16 06:34 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-02-19 16:15 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-19 16:13 - 2020-06-16 06:32 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-19 14:07 - 2021-07-04 15:07 - 000000000 ____D C:\Windows\system32\MRT
2023-02-19 14:04 - 2021-07-04 15:07 - 149955784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-02-18 18:56 - 2020-06-16 06:29 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-02-12 12:37 - 2021-07-26 16:37 - 000000432 __RSH C:\ProgramData\ntuser.pol
2023-02-09 12:52 - 2021-07-02 23:07 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-09 12:52 - 2021-07-02 23:07 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Fichiers à la racine de certains dossiers ========

2021-11-25 20:05 - 2021-11-30 20:32 - 000012288 _____ () C:\Users\Robin\AppData\Roaming\emp.bin
2021-06-30 20:54 - 2021-06-30 20:54 - 000000410 _____ () C:\Users\Robin\AppData\Local\oobelibMkey.log
2021-09-19 16:17 - 2021-09-19 16:17 - 000005972 _____ () C:\Users\Robin\AppData\Local\recently-used.xbel
2023-02-27 18:31 - 2023-02-27 18:31 - 000007605 _____ () C:\Users\Robin\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================