Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2021 01
Exécuté par cdaub (administrateur) sur LAPTOP-NMB6SND4 (HP HP Pavilion Laptop 14-ce0xxx) (01-06-2021 00:08:15)
Exécuté depuis C:\Users\cdaub\Desktop
Profils chargés: cdaub
Platform: Windows 10 Home Version 20H2 19042.985 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Firebit OU -> Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_e0cb3d04adc61069\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_e0cb3d04adc61069\x64\TouchpointGpuInfo.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\BridgeCommunication.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.10.1627.0_x64__v10z8vjag6ke6\HP.JumpStarts.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\GfxDownloadWrapper.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_618947f7f882ca01\IntelCpHeciSvc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\OobeHook.exe
(McAfee, LLC. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_19_7\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.2.117.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.13426.20920.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe
(Piriform Software Ltd -> Piriform) C:\Program Files\CCleaner\CCUpdate.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [TeamsMachineUninstallerLocalAppData] => C:\Users\cdaub\AppData\Local\Microsoft\Teams\Update.exe [2454184 2021-05-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1568788971-1803981128-75823642-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [528392 2020-09-28] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1568788971-1803981128-75823642-1001\...\Run: [Discord] => C:\Users\cdaub\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-1568788971-1803981128-75823642-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3411232 2020-12-21] (Valve -> Valve Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\90.0.4430.212\Installer\chrmstp.exe [2021-05-16] (Google LLC -> Google LLC)
Startup: C:\Users\cdaub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2020-08-09]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Firebit OU -> Rainmeter)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0358CEFC-43F5-41DE-B064-6AE325069960} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {05543831-500D-4281-AAC9-E4B47A35ED25} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {243C4DAC-2FE4-484B-B0A0-B9764B91E7BE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [555640 2021-05-01] (HP Inc. -> HP Inc.)
Task: {2BCA3BEE-6842-47DE-92E5-073F3500F167} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\windows\explorer.exe /NOUACCHECK
Task: {32491DF1-E894-4964-9F99-63347ABCD297} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137264 2021-05-24] (HP Inc. -> HP Inc.)
Task: {3C284543-4D26-4C0B-9B93-66640BA6FCA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136304 2021-05-24] (HP Inc. -> HP Inc.)
Task: {40C077E6-DFE5-4176-A137-FD193A2C8DA8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4AB0513F-62DA-44D9-9949-24C063CA83BB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1137264 2021-05-24] (HP Inc. -> HP Inc.)
Task: {61E67561-4576-4627-A7DD-5FD3B00DD85C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-05-20] (Piriform Software Ltd -> Piriform)
Task: {73C4FC77-D3BE-410D-BEEC-9A6AE998BC19} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88E4981D-3586-4E88-9DBB-165E29046AB0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-24] (Google Inc -> Google LLC)
Task: {8B53C9CB-503C-4FF6-BC8A-23C9BE11E311} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A139D591-1DCA-41BE-9712-A976CACBBDC9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MpCmdRun.exe [595288 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A1731502-D094-490A-94DD-A01B91DE3175} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28158080 2021-05-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A8A9270C-4BCA-40AC-A2FD-D5928811465B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-24] (Google Inc -> Google LLC)
Task: {BF02C1C1-AFD1-458C-AC98-C485A176ED1B} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice
Task: {C9CC5506-0AFF-491B-8D36-69BAD79FD48C} - System32\Tasks\RtkAudUService64_BG => C:\windows\system32\RtkAudUService64.exe [868128 2019-04-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5a139362-3b56-4b2b-94ca-ac0b2f97113d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{f8087e1e-7564-4f89-8d0c-a10b6d44e1a8}: [DhcpNameServer] 192.168.0.201 192.168.0.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\cdaub\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-01]

FireFox:
========
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1568788971-1803981128-75823642-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\cdaub\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2020-05-12] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FF Plugin HKU\S-1-5-21-1568788971-1803981128-75823642-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\cdaub\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1568788971-1803981128-75823642-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\cdaub\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default [2021-06-01]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR Extension: (Google Traduction) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-24]
CHR Extension: (Slides) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-24]
CHR Extension: (Docs) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-24]
CHR Extension: (Google Drive) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-24]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-05-25]
CHR Extension: (Galaxy-View) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2019-09-24]
CHR Extension: (Dashlane - Gestionnaire de mots de passe) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdjamakpfbbddfjaooikfcpapjohcfmg [2021-05-30]
CHR Extension: (Sheets) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-25]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-05-01]
CHR Extension: (Grammarly for Chrome) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-05-25]
CHR Extension: (IGRAAL - Cashback & codes promo) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2021-05-25]
CHR Extension: (Little Alchemy) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2019-09-24]
CHR Extension: (Boomerang for Gmail) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2019-09-24]
CHR Extension: (Consent-O-Matic) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdjildafknihdffpkfmmpnpoiajfjnjd [2021-05-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-31]
CHR Extension: (Smallpdf - Éditez et convertissez des PDF) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohfgljdgelakfkefopgklcohadegdpjf [2021-02-09]
CHR Extension: (Gmail) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Extension: (Chrome Media Router) - C:\Users\cdaub\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-27]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S2 AppServicea; C:\WINDOWS\system32\ZSRWCR5193.tmp [6144 2021-06-01] (Microsoft Corporation) [Fichier non signé]
S2 AppServiceb; C:\WINDOWS\system32\ZSRWCR5193.tmp [6144 2021-06-01] (Microsoft Corporation) [Fichier non signé]
S2 AppServicec; C:\WINDOWS\system32\ZSRWCR5193.tmp [6144 2021-06-01] (Microsoft Corporation) [Fichier non signé]
S2 AppServiced; C:\WINDOWS\system32\ZSRWCR5193.tmp [6144 2021-06-01] (Microsoft Corporation) [Fichier non signé]
S2 AppServicee; C:\WINDOWS\system32\ZSRWCR5193.tmp [6144 2021-06-01] (Microsoft Corporation) [Fichier non signé]
S2 AppServicef; C:\WINDOWS\system32\ZSRWCR5193.tmp [6144 2021-06-01] (Microsoft Corporation) [Fichier non signé]
S2 AppServiceh; C:\WINDOWS\system32\ZSRWCR5193.tmp [6144 2021-06-01] (Microsoft Corporation) [Fichier non signé]
S3 Dashlane Vpn Service; C:\Program Files (x86)\Dashlane\VPN\Service\VpnService.exe [3403264 2020-09-08] (Dashlane USA, Inc. -> AnchorFree Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\AppHelperCap.exe [733208 2021-04-20] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\DiagsCap.exe [731160 2021-04-20] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\NetworkCap.exe [731160 2021-04-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_bfd9ce614b7974c4\x64\SysInfoCap.exe [732184 2021-04-20] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_e0cb3d04adc61069\x64\TouchpointAnalyticsClientService.exe [489528 2021-04-21] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-05-20] (Malwarebytes Inc -> Malwarebytes)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_19_7\McApExe.exe [747896 2019-09-17] (McAfee, LLC. -> McAfee, LLC)
S3 McAWFwk; c:\program files\common files\McAfee\ActWiz\McAWFwk.exe [458688 2018-11-14] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.2.117.0\\McCSPServiceHost.exe [2226608 2019-10-22] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1731480 2019-10-21] (McAfee, LLC -> McAfee, LLC.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1367040 2019-09-19] (McAfee, LLC. -> McAfee, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\NisSrv.exe [2599328 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1548592 2019-09-23] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2104.14-0\MsMpEng.exe [128376 2021-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2020-02-19] (AnchorFree Inc -> The OpenVPN Project)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108480 2019-02-26] (Alcorlink Corp. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75696 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-05-30] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-11-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-05-31] (Malwarebytes Inc -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2019-08-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
S3 TIEHDUSB; C:\WINDOWS\System32\drivers\tiehdusb.sys [128512 2012-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [421112 2021-05-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [73960 2021-05-17] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-01 00:08 - 2021-06-01 00:09 - 000023704 _____ C:\Users\cdaub\Desktop\FRST.txt
2021-06-01 00:07 - 2021-06-01 00:07 - 000001740 _____ C:\Users\cdaub\Desktop\RapportMBAM.txt
2021-06-01 00:01 - 2021-06-01 00:01 - 024379392 _____ C:\WINDOWS\system32\config\SYSTEM
2021-05-31 21:50 - 2021-05-31 21:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-05-31 19:36 - 2021-06-01 00:08 - 000000000 ____D C:\FRST
2021-05-31 19:35 - 2021-05-31 19:34 - 002299904 _____ (Farbar) C:\Users\cdaub\Desktop\FRST64.exe
2021-05-30 17:37 - 2021-05-30 17:37 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-05-30 17:08 - 2021-05-30 17:08 - 000152568 _____ C:\Users\cdaub\Desktop\cc_20210530_170804.reg
2021-05-30 17:05 - 2021-06-01 00:09 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-05-30 17:05 - 2021-06-01 00:00 - 000000000 ____D C:\Program Files\CCleaner
2021-05-30 17:05 - 2021-05-30 17:05 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-05-30 17:05 - 2021-05-30 17:05 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-05-30 17:05 - 2021-05-30 17:05 - 000000000 ____D C:\Users\cdaub\AppData\Roaming\Serian
2021-05-30 17:05 - 2021-05-30 17:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-05-30 17:04 - 2021-05-30 17:04 - 031491256 _____ (Piriform Software Ltd) C:\Users\cdaub\Downloads\ccsetup580.exe
2021-05-30 16:57 - 2021-05-30 17:06 - 000000000 ____D C:\WINDOWS\Minidump
2021-05-30 16:06 - 2021-05-31 22:44 - 113508352 _____ C:\WINDOWS\system32\config\software
2021-05-30 16:02 - 2021-05-30 16:06 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2021-05-30 14:45 - 2021-05-31 22:44 - 024379392 _____ C:\WINDOWS\system32\C_32770.NLS
2021-05-30 14:44 - 2021-06-01 00:05 - 000006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ZSRWCR5193.tmp
2021-05-30 14:43 - 2021-05-31 22:41 - 000000000 ____D C:\Users\cdaub\AppData\Local\CrashDumps
2021-05-28 12:53 - 2021-05-28 12:53 - 000734425 _____ C:\Users\cdaub\Downloads\harcelement-sexuel.pdf
2021-05-26 10:51 - 2021-05-26 10:53 - 000786600 _____ C:\Users\cdaub\Downloads\Whitemoor - Effective Sales Staff.pptx
2021-05-25 00:58 - 2021-05-30 14:24 - 000072919 _____ C:\Users\cdaub\Downloads\TABLEAUX DE BORD 2.xlsx
2021-05-25 00:58 - 2021-05-25 00:58 - 000000165 ____H C:\Users\cdaub\Downloads\~$TABLEAUX DE BORD 2.xlsx
2021-05-24 23:11 - 2021-05-24 23:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-24 23:11 - 2021-05-24 23:11 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-24 23:11 - 2021-05-24 23:11 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-24 23:11 - 2021-05-24 23:11 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-24 23:11 - 2021-05-24 23:11 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-24 23:11 - 2021-05-24 23:11 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-24 23:10 - 2021-05-24 23:10 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-24 23:10 - 2021-05-24 23:10 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-24 23:10 - 2021-05-24 23:10 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-24 23:10 - 2021-05-24 23:10 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-24 23:10 - 2021-05-24 23:10 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-24 23:10 - 2021-05-24 23:10 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-20 18:50 - 2021-05-31 19:31 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-05-16 17:30 - 2021-05-16 17:30 - 001987688 _____ C:\Users\cdaub\Downloads\ENTFRA17.pdf
2021-05-16 17:30 - 2021-05-16 17:30 - 000916178 _____ C:\Users\cdaub\Downloads\F1402.pdf
2021-05-16 17:26 - 2021-05-16 17:26 - 000350503 _____ C:\Users\cdaub\Downloads\TEF2020_203.pdf
2021-05-05 14:59 - 2021-05-05 14:59 - 000450316 _____ C:\Users\cdaub\Downloads\KbernouVF.pdf
2021-05-05 14:58 - 2021-05-05 14:58 - 000446603 _____ C:\Users\cdaub\Downloads\Kbernou.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-01 00:08 - 2019-09-24 20:35 - 000000000 ____D C:\Users\cdaub\AppData\Roaming\Discord
2021-06-01 00:06 - 2021-04-15 01:16 - 000000000 ____D C:\Users\cdaub
2021-06-01 00:06 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-06-01 00:06 - 2019-09-24 18:46 - 000000000 __SHD C:\Users\cdaub\IntelGraphicsProfiles
2021-06-01 00:05 - 2021-04-15 01:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-06-01 00:05 - 2021-04-15 01:14 - 000008192 ___SH C:\DumpStack.log.tmp
2021-06-01 00:05 - 2021-04-15 01:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-06-01 00:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-06-01 00:02 - 2021-04-15 01:21 - 000003376 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1568788971-1803981128-75823642-1001
2021-06-01 00:02 - 2021-04-15 01:16 - 000002408 _____ C:\Users\cdaub\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-06-01 00:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-06-01 00:02 - 2019-09-24 18:48 - 000000000 ___RD C:\Users\cdaub\OneDrive
2021-05-31 22:48 - 2021-04-15 01:24 - 001923758 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-05-31 22:48 - 2019-12-07 16:49 - 000834502 _____ C:\WINDOWS\system32\perfh00C.dat
2021-05-31 22:48 - 2019-12-07 16:49 - 000168216 _____ C:\WINDOWS\system32\perfc00C.dat
2021-05-31 22:48 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-05-31 22:44 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-05-31 21:58 - 2021-04-15 01:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2021-05-31 21:54 - 2019-09-24 18:46 - 000000000 ____D C:\Users\cdaub\AppData\Local\Packages
2021-05-31 21:53 - 2019-07-30 11:42 - 000000000 ____D C:\ProgramData\McAfee
2021-05-31 21:53 - 2019-07-30 11:42 - 000000000 ____D C:\Program Files\Common Files\McAfee
2021-05-30 17:57 - 2020-08-09 17:25 - 000000000 ____D C:\Users\cdaub\AppData\Roaming\Rainmeter
2021-05-30 17:55 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2021-05-30 17:37 - 2021-01-18 09:49 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-05-30 17:37 - 2020-08-30 20:02 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-05-30 17:28 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-30 17:26 - 2021-04-15 01:14 - 000556288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-05-30 17:26 - 2020-10-08 23:37 - 000007680 _____ C:\Users\cdaub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-05-30 17:06 - 2021-03-25 10:19 - 000000000 ___DC C:\WINDOWS\Panther
2021-05-30 17:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-05-30 17:06 - 2019-10-08 22:51 - 000000000 ____D C:\Program Files (x86)\Steam
2021-05-30 17:01 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-30 14:44 - 2019-12-07 11:03 - 024641536 _____ C:\WINDOWS\system32\config\BCD00000000
2021-05-30 14:44 - 2019-09-24 22:04 - 000000000 ____D C:\Users\cdaub\AppData\Local\D3DSCache
2021-05-30 14:43 - 2020-02-05 18:41 - 000000000 ____D C:\Program Files\Malwarebytes
2021-05-29 22:12 - 2020-08-23 01:29 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-05-28 17:47 - 2020-10-12 09:53 - 000000000 ____D C:\Users\cdaub\Desktop\Mastère 1
2021-05-26 09:12 - 2019-09-24 20:35 - 000000000 ____D C:\Users\cdaub\AppData\Local\Discord
2021-05-26 08:55 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-05-25 17:51 - 2020-01-06 10:08 - 000000000 ____D C:\Users\cdaub\AppData\Local\HP_Inc
2021-05-25 09:24 - 2019-09-24 18:48 - 000000000 ____D C:\Users\cdaub\AppData\Local\PlaceholderTileLogoFolder
2021-05-25 09:06 - 2021-04-15 01:48 - 000000000 ____D C:\WINDOWS\HoloShell
2021-05-25 09:04 - 2021-04-15 01:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-05-25 09:04 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-05-25 08:59 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-05-25 08:58 - 2019-07-30 11:42 - 000000000 ____D C:\Program Files (x86)\McAfee
2021-05-25 08:57 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-05-25 08:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-05-24 23:17 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2021-05-24 20:43 - 2019-10-01 22:21 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-05-24 15:41 - 2019-10-01 22:21 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-05-17 19:32 - 2019-09-24 20:19 - 000000000 ____D C:\Users\cdaub\AppData\Roaming\Dashlane
2021-05-17 18:33 - 2019-04-15 17:38 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-05-16 17:03 - 2021-04-16 01:07 - 000002143 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-05-03 09:06 - 2019-10-02 20:53 - 000000000 ____D C:\Users\cdaub\Desktop\Licence
2021-05-02 21:46 - 2020-10-07 22:47 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools

==================== Fichiers à la racine de certains dossiers ========

2020-10-08 23:37 - 2021-05-30 17:26 - 000007680 _____ () C:\Users\cdaub\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================