Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-02-2021
Exécuté par florence CANDALH (administrateur) sur PC-CANDALH (LENOVO 10117) (14-02-2021 08:04:57)
Exécuté depuis C:\Users\florence CANDALH\Downloads
Profils chargés: florence CANDALH & stéphane
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Windows\jmesoft\Service.exe
() [Fichier non signé] C:\Windows\SysWOW64\UMonit64.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [Fichier non signé] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
(EnigmaSoft Limited -> EnigmaSoft Limited) C:\Program Files\EnigmaSoft\SpyHunter\SpyHunter5.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Lenovo -> ) C:\Program Files\Lenovo\LVT\LVT.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\4.0.110.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\McCBEntAndInstru.exe <4>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\CommonBuild\x6427F1.tmp <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McU3394.tmp <3>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe <5>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_12\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MAT\McPvTray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MPF\MpfAlert.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MQS\QcShm.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.13628.20380\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <9>
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\ws.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(ScreenConnect Software -> ) C:\Users\florence CANDALH\AppData\Local\Apps\2.0\EYQMGLP2.PTH\019PW7D8.JTJ\scre..tion_2c2536e5112611c9_0006.0003_0b83a72f5177450e\ScreenConnect.ClientService.exe
(ScreenConnect Software -> ScreenConnect Software) C:\Users\florence CANDALH\AppData\Local\Apps\2.0\EYQMGLP2.PTH\019PW7D8.JTJ\scre..tion_2c2536e5112611c9_0006.0003_0b83a72f5177450e\ScreenConnect.WindowsClient.exe
Impossible d'accéder au processus -> AnyDesk.exe
Impossible d'accéder au processus -> AnyDesk.exe
Impossible d'accéder au processus -> AnyDesk.exe
Impossible d'accéder au processus -> AnyDesk.exe
Impossible d'accéder au processus -> firefox.exe
Impossible d'accéder au processus -> livecomm.exe
Impossible d'accéder au processus -> McUICnt.exe
Impossible d'accéder au processus -> SpyHunter5.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-11-12] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [116960 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-01] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo) [Fichier non signé]
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] () [Fichier non signé]
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo (Beijing) Limited -> Lenovo)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [ContentTransferWMDetector.exe] => C:\Program Files (x86)\Sony\Content Transfer\ContentTransferWMDetector.exe [583016 2009-11-19] (Sony Corporation -> Sony Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [30870200 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\...\Run: [com.squirrel.Teams.Teams] => C:\Users\florence CANDALH\AppData\Local\Microsoft\Teams\Update.exe [2452664 2020-12-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\...\Run: [PCPrivacyShield2018] => "C:\Program Files (x86)\PC Privacy Shield 2018\PCPrivacyShield2018.exe" minimized
HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\...\RunOnce: [Application Restart #0] => C:\Users\florence CANDALH\AppData\Local\Pokki\Engine\HostAppService.exe [7794504 2014-11-14] (Pokki -> Pokki)
HKU\S-1-5-21-3451928539-3764313262-2575019290-1002\...\MountPoints2: {21d3a799-2d30-11e4-825e-c03fd5934560} - "E:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [30870200 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\...\Run: [com.squirrel.Teams.Teams] => C:\Users\stéphane\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-22] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\...\RunOnce: [Application Restart #0] => C:\Users\stéphane\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable- (l'élément de données a 555 caractères en plus).
HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\...\MountPoints2: {21d3a799-2d30-11e4-825e-c03fd5934560} - "E:\WD SmartWare.exe" autoplay=true
HKLM\...\Windows x64\Print Processors\Canon MG5600 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCA.DLL [30208 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Epson Inkjet: C:\Windows\System32\spool\prtprocs\x64\EP0NPP01.DLL [38912 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series: C:\WINDOWS\system32\CNMLMCA.DLL [406016 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5600 series XPS: C:\WINDOWS\system32\CNMXLMCA.DLL [408576 2014-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-03-17] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\Epson Inbox Language Monitor01: C:\WINDOWS\system32\EP0SLM01.DLL [77824 2011-08-30] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [110264 2014-04-25] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-10] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-02-02] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FamilySafetyGuide.lnk [2014-06-05]
ShortcutTarget: FamilySafetyGuide.lnk -> C:\Program Files\Lenovo\LenovoFamilySecurity\LenovoFamilySecurity.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-27]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey FF RunOnce.lnk [2015-03-28]
ShortcutTarget: Install SafeKey FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee, Inc. -> McAfee)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install SafeKey IE RunOnce.lnk [2015-03-28]
ShortcutTarget: Install SafeKey IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (McAfee, Inc. -> McAfee)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0A22AA6A-CAFE-4F93-B38E-5C0565CFA53A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-09-22] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {0BC8D5A3-3950-485B-944D-4C621C7FD6B8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {14B41EB2-15E8-4A2F-BA9C-4512DA780C79} - System32\Tasks\UMonitor Task => C:\WINDOWS\SysWOW64\UMonit64.exe [53248 2013-10-25] () [Fichier non signé]
Task: {2C9FC04E-558F-43A1-836F-AFEFCC21728A} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [738272 2021-01-14] (McAfee, LLC -> McAfee, LLC)
Task: {32F1CA0F-4EF3-4519-B780-4F2FAC0B1DEC} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1360336 2015-03-09] (LENOVO -> Lenovo)
Task: {3313F3AF-A4BC-43B7-9115-11955BC1F7A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {382671EA-90D1-4A0D-A2EF-EB5328252A20} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26896568 2020-12-08] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3A9A3415-4C3E-495D-A852-02A171DC8D80} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [269872 2015-03-09] (LENOVO -> Lenovo)
Task: {47FDC00B-83AB-45FE-8F96-10C9A5FD8ABF} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [148432 2015-03-09] (LENOVO -> )
Task: {4E139472-5197-45F0-A5CB-C46C19015E0A} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3451928539-3764313262-2575019290-1002 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-29] (Microsoft Windows -> Microsoft)
Task: {5B8155A8-0891-406A-9384-4312DE16B043} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
Task: {649B0706-4229-4B70-ACA8-98EBDA097FAA} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [70496 2014-01-30] (Symantec Corporation -> Symantec Corporation)
Task: {70C8B23F-4C58-42FF-9642-C289CB7A10BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EFA4230-2B7E-4EE2-8132-B09DE000DDDB} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\SymErr.exe [70496 2014-01-30] (Symantec Corporation -> Symantec Corporation)
Task: {83D53BE5-6CE4-4D84-BD0F-6DCCB1B5A80C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {861972AE-BB51-48EE-B5B2-4C7B448924D9} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {98F43264-4C43-4E77-BAF2-FD89A221F769} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [677344 2021-02-10] (Mozilla Corporation -> Mozilla Foundation)
Task: {99F00444-B10A-4D1A-83D5-AA0FB1C1844B} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [269872 2015-03-09] (LENOVO -> Lenovo)
Task: {9BEBFEA9-455B-4770-A8E4-12DE45F54BAE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9C326C32-D8A4-4CC5-8A7B-558DD0599502} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {9CB7A8B8-C9F4-4CA7-9BEF-25793A8C9736} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115056 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DC6E8C1-37EE-491D-8C8D-FEBFA3ABCCC4} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16336 2015-03-09] (LENOVO -> Lenovo)
Task: {ACDCC5C6-5C60-4B5B-804B-1D14FFD73E5B} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {BBC9F0A0-988D-4F73-AE2F-F70A3BC30F99} - System32\Tasks\{50B494A6-24BC-4138-A0DB-F8A586A720BF} => C:\WINDOWS\system32\pcalua.exe -a C:\VueScan\vuescan.exe -c /remove
Task: {BCAA244C-CB81-45F7-8795-3FE160626C50} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [269872 2015-03-09] (LENOVO -> Lenovo)
Task: {BE15F7DD-2865-4E76-B74F-F466F0C2C369} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1741416 2021-02-13] (Avast Software s.r.o. -> Avast Software)
Task: {C0390F03-E143-4B0A-BC7B-7FE186152B9A} - System32\Tasks\SweetLabs App Platform => C:\Users\florence CANDALH\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" a été déverrouillé. <==== ATTENTION
Task: {C784D625-C2FF-46C1-8AE8-0C77A1ACC97C} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [993360 2021-01-20] (McAfee, LLC -> McAfee, LLC)
Task: {CC16DC5A-A619-46E4-A8ED-6943D531C624} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {CE0AE17B-F597-4C7B-8DCC-6CB48374D518} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-01-07] (McAfee, Inc. -> McAfee, LLC.)
Task: {D5C1B8A1-3298-484B-BC8C-FF6A50EB5D32} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {D87EC5E2-462F-423C-800E-27523D26B845} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3451928539-3764313262-2575019290-1003 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-29] (Microsoft Windows -> Microsoft)
Task: {DB2CA903-6A84-4A8B-A847-A9EE48CA2917} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-31] (Google Inc -> Google Inc.)
Task: {E812B957-9067-4B51-BC3A-04709E3D9353} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [3993520 2021-02-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {E831BA33-7D4A-48F4-9407-FE0908B9548E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [148432 2015-03-09] (LENOVO -> )
Task: {EDEF09E4-396B-4E69-B543-E57A43191F9D} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4054696 2021-01-18] (McAfee, LLC -> McAfee, LLC)
Task: {F5AA30AE-8ADB-43C8-9609-3D497E3C4C4E} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [993360 2021-01-20] (McAfee, LLC -> McAfee, LLC)
Task: {FE8AF4DE-9947-404C-8A9C-BC84EFBF36D7} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [1706296 2013-11-21] (Maxthon (Asia) Limited. -> Maxthon International ltd.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyEnable: [.DEFAULT] => Proxy est activé.
ProxyServer: [.DEFAULT] => http=127.0.0.1:51290;https=127.0.0.1:51290
ProxyServer: [S-1-5-21-3451928539-3764313262-2575019290-1006] => http=127.0.0.1:51290;https=127.0.0.1:51290
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6BF4FDF0-1D77-4E80-9C15-6A57F35A1A43}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Profile: C:\Users\florence CANDALH\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-13]

FireFox:
========
FF DefaultProfile: 76bm5ttc.default-1463257606067-1613283696827
FF ProfilePath: C:\Users\florence CANDALH\AppData\Roaming\Mozilla\Firefox\Profiles\nvf5w0zh.default-release [2021-02-13]
FF ProfilePath: C:\Users\florence CANDALH\AppData\Roaming\Mozilla\Firefox\Profiles\76bm5ttc.default-1463257606067-1613283696827 [2021-02-14]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\florence CANDALH\AppData\Roaming\Mozilla\Firefox\Profiles\76bm5ttc.default-1463257606067-1613283696827\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-02-14]
FF Extension: (Reset Search Defaults) - C:\Users\florence CANDALH\AppData\Roaming\Mozilla\Firefox\Profiles\76bm5ttc.default-1463257606067-1613283696827\features\{a84e1384-0175-4da7-81d5-15ccaef2cd9c}\reset-search-defaults@mozilla.com.xpi [2021-02-14]
FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.6.15\coFFPlgn
FF Extension: (Pas de nom) - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.6.15\coFFPlgn [2016-09-26] [non signé]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2021-02-12] [] [non signé]
FF HKU\S-1-5-21-3451928539-3764313262-2575019290-1003\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi => non trouvé(e)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-10] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2021-01-20] (McAfee, LLC -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-03-12] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2021-01-20] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH -> pdfforge GmbH)

Chrome:
=======
CHR Profile: C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default [2021-02-14]
CHR DefaultSearchURL: Default -> hxxps://fr.search.yahoo.com/search?fr=mcafee&type=E211FR714G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://fr.search.yahoo.com/sugg/gossip/gossip-fr-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Docs) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-03]
CHR Extension: (Google Drive) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-02]
CHR Extension: (YouTube) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-03]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-02-13]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2021-02-13]
CHR Extension: (Google Docs hors connexion) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-01-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-13]
CHR Extension: (Norton Security Toolbar) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2018-05-31]
CHR Extension: (Gmail) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-02]
CHR Extension: (Chrome Media Router) - C:\Users\florence CANDALH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-13]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx <non trouvé(e)>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif]
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\Exts\Chrome.crx <non trouvé(e)>

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S2 0049601613155445mcinstcleanup; C:\ProgramData\McInstTemp0049601613155445\McInst.exe [864720 2021-01-14] (McAfee, LLC -> McAfee, LLC)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-01] (Advanced Micro Devices, Inc.) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7878680 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621608 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1301136 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [352480 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-03] (Microsoft Corporation -> Microsoft Corporation)
R2 EsgShKernel; C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe [12887096 2021-02-13] (EnigmaSoft Limited -> EnigmaSoft Limited)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () [Fichier non signé]
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [272440 2015-03-09] (LENOVO -> Lenovo)
S3 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1871784 2015-08-21] (Maxthon (Asia) Limited. -> Maxthon)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [959752 2021-02-12] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_12\McApExe.exe [779080 2021-01-15] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\4.0.110.0\\McCSPServiceHost.exe [2784672 2021-01-06] (McAfee, LLC -> McAfee, LLC)
S3 McSecDashboardService; C:\Program Files\McAfeeDashboard\McSecDashboardService.exe [1295000 2020-07-27] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [645736 2020-12-10] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1627680 2021-01-20] (McAfee, LLC -> McAfee, LLC)
S3 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [131144 2015-03-05] (Symantec Corporation -> Symantec Corporation)
R3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH -> pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH -> pdfforge GmbH)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4240160 2021-01-08] (McAfee, LLC -> McAfee, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] (CyberLink -> )
R3 ScreenConnect Client (ed8c37f1-3f45-44c7-a57c-fbe9669527ec); C:\Users\florence CANDALH\AppData\Local\Apps\2.0\EYQMGLP2.PTH\019PW7D8.JTJ\scre..tion_2c2536e5112611c9_0006.0003_0b83a72f5177450e\ScreenConnect.ClientService.exe [90768 2021-02-13] (ScreenConnect Software -> )
R2 ShMonitor; C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe [526904 2021-02-13] (EnigmaSoft Limited -> EnigmaSoft Limited)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175240 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
S0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [466224 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-13] (Avast Software s.r.o. -> AVAST Software)
S1 ccSet_NST; C:\WINDOWS\system32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation -> Symantec Corporation)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75712 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R3 EnigmaFileMonDriver; C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys [76744 2021-02-13] (EnigmaSoft Limited -> EnigmaSoft Limited)
R3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [103656 2013-10-21] (Genesys Logic,INC. -> GenesysLogic)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [89112 2021-01-18] (McAfee, LLC -> McAfee, LLC)
S3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [544704 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
U3 mfeaack01; pas de ImagePath
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [385984 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
U3 mfeavfk01; pas de ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85944 2020-12-11] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [522176 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1027520 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
U3 mfehidk01; pas de ImagePath
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [608192 2020-12-17] (McAfee, Inc. -> McAfee LLC.)
U3 mfencbdc01; pas de ImagePath
U3 mfencbdc02; pas de ImagePath
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107968 2020-12-17] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116672 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252352 2020-12-11] (McAfee, Inc. -> McAfee, LLC)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
U1 aswbdisk; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-02-14 08:04 - 2021-02-14 08:10 - 000038209 _____ C:\Users\florence CANDALH\Downloads\FRST.txt
2021-02-14 08:03 - 2021-02-14 08:07 - 000000000 ____D C:\FRST
2021-02-14 08:01 - 2021-02-14 08:01 - 002297344 _____ (Farbar) C:\Users\florence CANDALH\Downloads\FRST64.exe
2021-02-14 07:44 - 2021-02-14 07:44 - 000000000 ____D C:\Program Files\Malwarebytes
2021-02-14 07:43 - 2021-02-14 07:43 - 002086424 _____ (Malwarebytes) C:\Users\florence CANDALH\Downloads\MBSetup.exe
2021-02-14 07:21 - 2021-02-14 07:21 - 000000000 ____D C:\Users\florence CANDALH\Desktop\Anciennes données de Firefox
2021-02-13 21:18 - 2021-02-13 21:18 - 000076744 _____ (EnigmaSoft Limited) C:\WINDOWS\system32\Drivers\EnigmaFileMonDriver.sys
2021-02-13 21:18 - 2021-02-13 21:18 - 000001037 _____ C:\Users\Public\Desktop\SpyHunter5.lnk
2021-02-13 21:18 - 2021-02-13 21:18 - 000001037 _____ C:\ProgramData\Desktop\SpyHunter5.lnk
2021-02-13 21:18 - 2021-02-13 21:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2021-02-13 21:18 - 2021-02-13 21:18 - 000000000 ____D C:\ProgramData\EnigmaSoft Limited
2021-02-13 21:17 - 2021-02-13 21:18 - 000000000 ____D C:\sh5ldr
2021-02-13 21:13 - 2021-02-13 21:13 - 000000000 ____D C:\Program Files\EnigmaSoft
2021-02-13 21:12 - 2021-02-13 21:12 - 006565432 _____ (EnigmaSoft Limited) C:\Users\florence CANDALH\Downloads\SpyHunter-5.10-15-7042-Installer.exe
2021-02-13 18:40 - 2021-02-13 18:40 - 000496211 _____ C:\Users\florence CANDALH\Downloads\CANDALH Florence.docx-1.pdf
2021-02-13 13:39 - 2021-02-13 13:39 - 000002030 _____ C:\Users\Public\Desktop\Avast Premium Sécurité.lnk
2021-02-13 13:39 - 2021-02-13 13:39 - 000002030 _____ C:\ProgramData\Desktop\Avast Premium Sécurité.lnk
2021-02-13 13:38 - 2021-02-13 13:25 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-13 13:31 - 2021-02-13 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2021-02-13 13:31 - 2021-02-13 13:31 - 000000000 ____D C:\Users\florence CANDALH\AppData\Roaming\Avast Software
2021-02-13 13:30 - 2021-02-13 13:30 - 000000000 ____D C:\Users\florence CANDALH\Documents\support tech 0184145275
2021-02-13 13:26 - 2021-02-14 06:43 - 000004168 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-13 13:26 - 2021-02-13 13:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-13 13:25 - 2021-02-13 13:25 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000466224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000175240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-13 13:25 - 2021-02-13 13:25 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2755d0eaef6f8a0c.tmp
2021-02-13 13:25 - 2021-02-13 13:25 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-02-13 13:22 - 2021-02-13 13:22 - 000000000 ____D C:\Program Files\Avast Software
2021-02-13 13:17 - 2021-02-13 13:31 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-13 12:14 - 2021-02-13 12:14 - 000000000 ____D C:\Users\florence CANDALH\AppData\Roaming\PC Privacy Shield 2018
2021-02-13 12:13 - 2021-02-13 12:14 - 007964944 _____ (ShieldApps) C:\Users\florence CANDALH\Downloads\pc-privacy-shield_3.6.exe
2021-02-13 12:12 - 2021-02-14 07:47 - 000000000 ____D C:\ProgramData\scre..tion_2c2536e5112611c9_0006.0003_0b83a72f5177450e
2021-02-13 12:11 - 2021-02-13 12:12 - 000000000 ____D C:\Users\florence CANDALH\AppData\Local\Deployment
2021-02-13 12:11 - 2021-02-13 12:11 - 000000000 ____D C:\Users\florence CANDALH\AppData\Local\Apps\2.0
2021-02-13 12:10 - 2021-02-13 12:11 - 000086672 _____ C:\Users\florence CANDALH\Downloads\ConnectWiseControl.Client.exe
2021-02-13 12:06 - 2021-02-13 12:10 - 000000000 ____D C:\Users\florence CANDALH\AppData\Roaming\AnyDesk
2021-02-13 12:05 - 2021-02-13 12:05 - 003720416 _____ (philandro Software GmbH) C:\Users\florence CANDALH\Downloads\AnyDesk.exe
2021-02-12 19:44 - 2021-02-12 19:44 - 000000000 ____D C:\ProgramData\McInstTemp0049601613155445
2021-02-12 19:41 - 2021-02-12 19:43 - 000000000 ____D C:\ProgramData\McInstTemp0045061613155306
2021-02-12 18:36 - 2021-02-13 11:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2021-02-10 12:36 - 2021-01-12 07:07 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-10 12:36 - 2021-01-12 06:46 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-02-10 12:36 - 2021-01-12 06:44 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-10 12:36 - 2021-01-12 06:31 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-02-10 08:44 - 2021-02-10 08:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-10 08:37 - 2021-02-10 12:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-07 12:10 - 2021-02-07 12:11 - 000038178 _____ C:\Users\florence CANDALH\Downloads\Facture FCLORI047455-2.pdf
2021-01-31 16:38 - 2021-01-31 16:38 - 001504312 _____ (Adobe) C:\Users\florence CANDALH\Downloads\uninstall_flash_player.exe
2021-01-16 18:56 - 2021-01-16 18:56 - 000075830 _____ C:\Users\florence CANDALH\Downloads\Attestation de loyer et de résidence en foyer.pdf
2021-01-16 11:09 - 2021-01-16 11:09 - 000058961 _____ C:\Users\florence CANDALH\Downloads\31-12-2020-justificatif-de-deplacement-professionnel-couvre-feu-pdf.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-02-14 07:36 - 2014-08-25 14:52 - 000003988 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{7120CC6E-E613-4271-A999-03668028A3B4}
2021-02-14 07:34 - 2014-08-26 19:22 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-14 07:33 - 2016-11-20 11:13 - 000000000 ____D C:\Users\florence CANDALH\AppData\LocalLow\Mozilla
2021-02-14 07:33 - 2016-09-27 16:35 - 000000000 ____D C:\Users\florence CANDALH\AppData\Local\ClassicShell
2021-02-14 07:00 - 2014-08-25 14:53 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3451928539-3764313262-2575019290-1002
2021-02-13 23:50 - 2019-12-06 21:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-02-13 23:49 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2021-02-13 22:59 - 2020-12-07 19:13 - 000082432 ___SH C:\Users\florence CANDALH\Desktop\Thumbs.db
2021-02-13 22:51 - 2014-06-05 10:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-02-13 22:27 - 2014-12-12 07:16 - 000000000 ____D C:\Users\florence CANDALH\AppData\Local\CrashDumps
2021-02-13 22:26 - 2016-09-27 16:37 - 000000000 ____D C:\Program Files\CCleaner
2021-02-13 19:15 - 2013-08-22 14:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2021-02-13 14:16 - 2016-09-27 16:37 - 000002816 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-02-13 11:43 - 2014-08-26 19:22 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-02-13 11:43 - 2014-08-26 19:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-02-13 11:12 - 2014-08-25 15:12 - 000000000 ___DO C:\Users\florence CANDALH\SkyDrive
2021-02-13 11:11 - 2020-12-17 20:01 - 000000000 __RSD C:\Users\florence CANDALH\Documents\Coffres-forts McAfee
2021-02-12 19:46 - 2015-03-28 18:29 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-02-12 19:45 - 2019-12-06 21:42 - 000003296 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2021-02-12 19:43 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-12 19:23 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2021-02-12 17:40 - 2016-11-20 13:38 - 000000000 ____D C:\Users\stéphane\AppData\LocalLow\Mozilla
2021-02-12 17:40 - 2016-09-29 18:01 - 000000000 ____D C:\Users\stéphane\AppData\Local\ClassicShell
2021-02-12 17:03 - 2014-08-26 17:36 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3451928539-3764313262-2575019290-1003
2021-02-12 17:01 - 2014-08-26 17:37 - 000003956 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{EF8B7530-6A48-4F83-B7E0-A266C8F63C93}
2021-02-12 16:58 - 2020-12-16 18:32 - 000000000 __RSD C:\Users\stéphane\Documents\Coffres-forts McAfee
2021-02-12 16:58 - 2014-08-26 17:33 - 000000000 __RDO C:\Users\stéphane\SkyDrive
2021-02-12 09:26 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-11 18:30 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-11 18:25 - 2014-06-05 10:32 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-11 17:15 - 2015-02-13 17:22 - 000000000 ____D C:\Users\stéphane\AppData\Local\CrashDumps
2021-02-10 18:15 - 2014-12-25 17:30 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-10 18:14 - 2017-04-15 16:03 - 000002090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-02-10 17:53 - 2014-08-26 16:17 - 000000000 ____D C:\Users\stéphane
2021-02-10 17:53 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-10 17:49 - 2013-08-22 16:36 - 000000000 ___RD C:\WINDOWS\ToastData
2021-02-10 17:49 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-10 17:49 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-10 12:43 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-10 09:00 - 2013-08-22 14:25 - 001048576 ___SH C:\WINDOWS\system32\config\BBI
2021-02-10 08:58 - 2014-08-28 09:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-10 08:53 - 2014-08-28 09:04 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-10 08:43 - 2014-12-12 20:52 - 000000959 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-05 18:34 - 2018-05-31 17:56 - 000003502 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 18:34 - 2018-05-31 17:56 - 000003374 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-04 20:08 - 2014-08-25 20:47 - 000000000 ____D C:\Users\florence CANDALH
2021-01-31 16:42 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2021-01-31 16:42 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2021-01-31 16:39 - 2015-07-12 19:47 - 000000000 ____D C:\Users\Raphaël\AppData\Roaming\Adobe
2021-01-28 20:32 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2021-01-18 02:58 - 2020-12-16 16:46 - 000089112 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\McPvDrv.sys
2021-01-16 19:03 - 2018-04-08 17:35 - 000257024 ___SH C:\Users\florence CANDALH\Documents\Thumbs.db

==================== Fichiers à la racine de certains dossiers ========

2015-03-28 19:27 - 2015-03-28 19:27 - 032372200 _____ (McAfee) C:\Program Files (x86)\Common Files\lpuninstall.exe
2016-09-25 08:20 - 2020-09-27 20:34 - 000007598 _____ () C:\Users\florence CANDALH\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2021-02-12 18:41
==================== Fin de FRST.txt ========================