Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19-07-2021 01
Exécuté par S (administrateur) sur LAPTOP-HSTMGRIT (HP HP Laptop 15-db0xxx) (21-07-2021 18:39:01)
Exécuté depuis C:\Users\__\Desktop
Profils chargés: S
Platform: Windows 10 Home Version 20H2 19042.1110 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0365900.inf_amd64_9711e6a716b3374b\B365971\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0365900.inf_amd64_9711e6a716b3374b\B365971\atiesrxx.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-03-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102824 2021-03-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-87030960-3603999544-3405083870-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0A26B36F-DE9C-492F-A706-96EE9807B156} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {15B619A5-0AA7-45B7-B3E4-E922291ACCEA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {326F4273-BC80-4017-9C84-15EFA72820C6} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {3624E039-CCAB-4CB1-937C-4407DBE26D67} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37CD65EB-0846-4D99-917A-471DDFB17B47} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {3CB9FE7D-5B25-4430-B964-3DDC4083F8BE} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {4C1BC1D5-2953-4742-AC39-0E704B92A5B9} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4C5C00FE-8ED5-4D85-98AA-7002ED0AD7C9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {4DF16152-C02F-41BE-85A7-BD315895DCD0} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-87030960-3603999544-3405083870-500 => C:\Users\__\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {5DA5A7B4-F0A1-4330-9FE1-5637543C1E20} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {5FD2DBA9-5C9B-4BDF-8FEB-BE2DC3786250} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {628F0FDE-5CF3-4DED-8B12-C4988CD01889} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-07-03] (HP Inc. -> HP Inc.)
Task: {64D2BAFC-3362-4D56-A324-B9C1DA195CD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A553D67-D084-4BC4-93DF-9DBD2B088142} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6AA92D18-2F1A-4040-B489-5FBEBF2E0A4A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {7A4C6A1B-2671-4C66-8FBA-3E26233DE020} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [462696 2018-06-01] (HP Inc. -> HP Inc.)
Task: {8FF37C6B-23DE-4FE2-8236-DAE535772A07} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {A7568BE3-3584-4C27-AB12-82BEF730676C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA81A033-B571-40B2-9905-8761CEA21E75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B738F8F3-F56F-4CD2-A3E6-2D8802ACE020} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-03] (HP Inc. -> HP Inc.)
Task: {C1738747-ADA2-44BF-A7FF-5061B9A6C3E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [560816 2021-07-03] (HP Inc. -> HP Inc.)
Task: {C38E54B6-86EE-428D-846F-899F40760EC7} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {C9499A82-2232-40B2-ADED-F14940E1916A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {E99A87CC-CC9B-484C-8EDF-EB05CA584ADA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682424 2021-07-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {F5D17532-FAAF-411F-98DB-0EBE73751DA8} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {FA6FC5AF-6A03-42E0-B2EB-40EC896CE26E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-03] (HP Inc. -> HP Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{2b06c7ca-834f-4c61-910c-fb0ed9c92953}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\__\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-21]
FireFox:
========
FF DefaultProfile: clkyfops.default
FF ProfilePath: C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\clkyfops.default [2019-06-05]
FF ProfilePath: C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\vitst99b.default-release [2021-07-21]
FF DownloadDir: C:\Users\__\Desktop
FF Extension: (Google Translator for Firefox) - C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\vitst99b.default-release\Extensions\translator@zoli.bod.xpi [2019-05-26]
FF Extension: (Video DownloadHelper) - C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\vitst99b.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\vitst99b.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\AppHelperCap.exe [734752 2021-05-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\DiagsCap.exe [733192 2021-05-24] (HP Inc. -> HP Inc.)
S3 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [478056 2018-06-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\NetworkCap.exe [733216 2021-05-24] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\SysInfoCap.exe [733720 2021-05-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe [489584 2021-06-18] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1552688 2019-05-03] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108480 2018-09-07] (Alcorlink Corp. -> )
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [23960 2018-07-06] (HP Inc. -> HP Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-07-21 18:39 - 2021-07-21 18:42 - 000018030 _____ C:\Users\__\Desktop\FRST.txt
2021-07-21 18:38 - 2021-07-21 18:40 - 000000000 ____D C:\FRST
2021-07-21 18:36 - 2021-07-21 18:36 - 002300416 _____ (Farbar) C:\Users\__\Desktop\FRST64.exe
2021-07-21 18:26 - 2021-07-21 18:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-21 16:15 - 2021-07-21 16:15 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-07-21 16:15 - 2021-07-21 16:03 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-07-21 16:15 - 2021-07-21 16:03 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-07-21 13:54 - 2021-07-21 16:15 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-07-21 13:54 - 2021-07-21 16:15 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-21 13:54 - 2021-07-21 13:54 - 000000000 ____D C:\Users\__\AppData\Local\mbam
2021-07-21 13:53 - 2021-07-21 16:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-07-21 13:51 - 2021-07-21 13:51 - 000000000 ____D C:\Program Files\Malwarebytes
2021-07-21 09:16 - 2021-07-21 18:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-14 15:04 - 2021-07-14 15:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 15:04 - 2021-07-14 15:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 15:04 - 2021-07-14 15:04 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 15:04 - 2021-07-14 15:04 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-14 15:03 - 2021-07-14 15:03 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 15:02 - 2021-07-14 15:02 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-08 00:21 - 2021-07-08 00:21 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-08 00:21 - 2021-07-08 00:21 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-08 00:21 - 2021-07-08 00:21 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-08 00:21 - 2021-07-08 00:21 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-08 00:20 - 2021-07-08 00:20 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-08 00:20 - 2021-07-08 00:20 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-08 00:19 - 2021-07-08 00:19 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-08 00:19 - 2021-07-08 00:19 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-08 00:18 - 2021-07-08 00:18 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-08 00:18 - 2021-07-08 00:18 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 20:21 - 2021-07-07 20:24 - 000003023 _____ C:\Users\__\Desktop\SpartooChat.txt
2021-06-28 15:11 - 2021-06-28 15:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-06-22 18:43 - 2021-06-22 18:44 - 108906123 _____ C:\Users\__\Desktop\Envers.Affaires.1.....wawacity.tv.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-07-21 18:31 - 2019-05-23 14:39 - 000000000 ____D C:\Users\__\AppData\LocalLow\Mozilla
2021-07-21 18:26 - 2019-05-23 14:39 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-21 18:26 - 2019-05-23 14:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-21 18:10 - 2020-06-21 12:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-21 17:45 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-21 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-21 16:16 - 2019-05-27 21:04 - 000000000 ____D C:\Program Files\CCleaner
2021-07-21 16:12 - 2020-06-21 13:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-21 16:12 - 2020-06-21 12:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-21 16:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-21 16:11 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-07-21 16:11 - 2018-12-27 14:15 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-07-21 13:54 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-20 11:33 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-20 01:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-07-18 21:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-17 19:53 - 2020-06-21 09:22 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-16 21:32 - 2019-05-23 22:32 - 000000000 ____D C:\Users\__\AppData\Roaming\vlc
2021-07-16 17:05 - 2020-06-21 13:06 - 001789580 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-16 17:05 - 2019-12-07 16:49 - 000796372 _____ C:\WINDOWS\system32\perfh00C.dat
2021-07-16 17:05 - 2019-12-07 16:49 - 000159742 _____ C:\WINDOWS\system32\perfc00C.dat
2021-07-16 12:49 - 2020-06-21 12:23 - 000000000 ____D C:\Users\__
2021-07-14 15:21 - 2020-06-21 12:59 - 000366472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-14 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-14 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-14 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-14 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 15:14 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 14:15 - 2019-05-23 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 14:08 - 2019-05-23 13:26 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-09 20:58 - 2018-10-11 07:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-08 19:12 - 2018-12-27 15:58 - 000000000 ____D C:\Users\__\AppData\Local\D3DSCache
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-08 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-07-03 13:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-07-03 07:41 - 2020-06-21 13:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-07-03 07:38 - 2019-06-11 17:57 - 000000000 ____D C:\swsetup
2021-06-30 08:32 - 2020-06-21 13:16 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-30 08:32 - 2020-06-21 13:16 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-21 08:40 - 2020-06-21 13:16 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Fichiers à la racine de certains dossiers ========
2019-08-09 23:29 - 2019-08-09 23:29 - 000000017 _____ () C:\Users\__\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par S (administrateur) sur LAPTOP-HSTMGRIT (HP HP Laptop 15-db0xxx) (21-07-2021 18:39:01)
Exécuté depuis C:\Users\__\Desktop
Profils chargés: S
Platform: Windows 10 Home Version 20H2 19042.1110 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0365900.inf_amd64_9711e6a716b3374b\B365971\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0365900.inf_amd64_9711e6a716b3374b\B365971\atiesrxx.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\DiagsCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\SysInfoCap.exe
(HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.1.21.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7>
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-03-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102824 2021-03-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKU\S-1-5-21-87030960-3603999544-3405083870-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [34508416 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0A26B36F-DE9C-492F-A706-96EE9807B156} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [28880512 2021-06-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {15B619A5-0AA7-45B7-B3E4-E922291ACCEA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => cmd /c start hpdiags://ABO
Task: {326F4273-BC80-4017-9C84-15EFA72820C6} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => cmd /c start hpdiags://BatteryStatusError
Task: {3624E039-CCAB-4CB1-937C-4407DBE26D67} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {37CD65EB-0846-4D99-917A-471DDFB17B47} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => cmd /c start hpdiags://BHM1
Task: {3CB9FE7D-5B25-4430-B964-3DDC4083F8BE} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => cmd /c start hpdiags://BCF
Task: {4C1BC1D5-2953-4742-AC39-0E704B92A5B9} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-07-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {4C5C00FE-8ED5-4D85-98AA-7002ED0AD7C9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => cmd /c start hpdiags://SmartCheckError
Task: {4DF16152-C02F-41BE-85A7-BD315895DCD0} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-87030960-3603999544-3405083870-500 => C:\Users\__\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {5DA5A7B4-F0A1-4330-9FE1-5637543C1E20} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-06-17] (Piriform Software Ltd -> Piriform)
Task: {5FD2DBA9-5C9B-4BDF-8FEB-BE2DC3786250} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => cmd /c start hpdiags:
Task: {628F0FDE-5CF3-4DED-8B12-C4988CD01889} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2021-07-03] (HP Inc. -> HP Inc.)
Task: {64D2BAFC-3362-4D56-A324-B9C1DA195CD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A553D67-D084-4BC4-93DF-9DBD2B088142} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6AA92D18-2F1A-4040-B489-5FBEBF2E0A4A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => cmd /c start hpdiags://BHM2
Task: {7A4C6A1B-2671-4C66-8FBA-3E26233DE020} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [462696 2018-06-01] (HP Inc. -> HP Inc.)
Task: {8FF37C6B-23DE-4FE2-8236-DAE535772A07} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => cmd /c start hpdiags://SmartCheckTest
Task: {A7568BE3-3584-4C27-AB12-82BEF730676C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AA81A033-B571-40B2-9905-8761CEA21E75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B738F8F3-F56F-4CD2-A3E6-2D8802ACE020} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-03] (HP Inc. -> HP Inc.)
Task: {C1738747-ADA2-44BF-A7FF-5061B9A6C3E1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [560816 2021-07-03] (HP Inc. -> HP Inc.)
Task: {C38E54B6-86EE-428D-846F-899F40760EC7} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => cmd /c start hpdiags://BatteryStatusTest
Task: {C9499A82-2232-40B2-ADED-F14940E1916A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => cmd /c start hpdiags://LaunchUI
Task: {E99A87CC-CC9B-484C-8EDF-EB05CA584ADA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682424 2021-07-21] (Mozilla Corporation -> Mozilla Foundation)
Task: {F5D17532-FAAF-411F-98DB-0EBE73751DA8} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {FA6FC5AF-6A03-42E0-B2EB-40EC896CE26E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1118896 2021-07-03] (HP Inc. -> HP Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{2b06c7ca-834f-4c61-910c-fb0ed9c92953}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\__\AppData\Local\Microsoft\Edge\User Data\Default [2021-07-21]
FireFox:
========
FF DefaultProfile: clkyfops.default
FF ProfilePath: C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\clkyfops.default [2019-06-05]
FF ProfilePath: C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\vitst99b.default-release [2021-07-21]
FF DownloadDir: C:\Users\__\Desktop
FF Extension: (Google Translator for Firefox) - C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\vitst99b.default-release\Extensions\translator@zoli.bod.xpi [2019-05-26]
FF Extension: (Video DownloadHelper) - C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\vitst99b.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2021-07-01]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\__\AppData\Roaming\Mozilla\Firefox\Profiles\vitst99b.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-19]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2019-04-13] (FOXIT SOFTWARE INC. -> Foxit Corporation)
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\AppHelperCap.exe [734752 2021-05-24] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\DiagsCap.exe [733192 2021-05-24] (HP Inc. -> HP Inc.)
S3 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [478056 2018-06-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\NetworkCap.exe [733216 2021-05-24] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8e04d689d875112c\x64\SysInfoCap.exe [733720 2021-05-24] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_35df954651b1f88f\x64\TouchpointAnalyticsClientService.exe [489584 2021-06-18] (HP Inc. -> HP Inc.)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1552688 2019-05-03] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108480 2018-09-07] (Alcorlink Corp. -> )
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [23960 2018-07-06] (HP Inc. -> HP Inc.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-21] (Malwarebytes Inc -> Malwarebytes)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49560 2021-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [425192 2021-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-07-21 18:39 - 2021-07-21 18:42 - 000018030 _____ C:\Users\__\Desktop\FRST.txt
2021-07-21 18:38 - 2021-07-21 18:40 - 000000000 ____D C:\FRST
2021-07-21 18:36 - 2021-07-21 18:36 - 002300416 _____ (Farbar) C:\Users\__\Desktop\FRST64.exe
2021-07-21 18:26 - 2021-07-21 18:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-21 16:15 - 2021-07-21 16:15 - 000001988 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-07-21 16:15 - 2021-07-21 16:03 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-07-21 16:15 - 2021-07-21 16:03 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-07-21 13:54 - 2021-07-21 16:15 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-07-21 13:54 - 2021-07-21 16:15 - 000002000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-07-21 13:54 - 2021-07-21 13:54 - 000000000 ____D C:\Users\__\AppData\Local\mbam
2021-07-21 13:53 - 2021-07-21 16:13 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-07-21 13:51 - 2021-07-21 13:51 - 000000000 ____D C:\Program Files\Malwarebytes
2021-07-21 09:16 - 2021-07-21 18:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-14 15:04 - 2021-07-14 15:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 15:04 - 2021-07-14 15:04 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 15:04 - 2021-07-14 15:04 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 15:04 - 2021-07-14 15:04 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-14 15:03 - 2021-07-14 15:03 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 15:02 - 2021-07-14 15:02 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-08 00:21 - 2021-07-08 00:21 - 002371072 _____ C:\WINDOWS\system32\rdpnano.dll
2021-07-08 00:21 - 2021-07-08 00:21 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-07-08 00:21 - 2021-07-08 00:21 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2021-07-08 00:21 - 2021-07-08 00:21 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2021-07-08 00:20 - 2021-07-08 00:20 - 001314128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-07-08 00:20 - 2021-07-08 00:20 - 000570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-07-08 00:19 - 2021-07-08 00:19 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-07-08 00:19 - 2021-07-08 00:19 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-07-08 00:18 - 2021-07-08 00:18 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-07-08 00:18 - 2021-07-08 00:18 - 000097792 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-07-07 20:21 - 2021-07-07 20:24 - 000003023 _____ C:\Users\__\Desktop\SpartooChat.txt
2021-06-28 15:11 - 2021-06-28 15:11 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
2021-06-22 18:43 - 2021-06-22 18:44 - 108906123 _____ C:\Users\__\Desktop\Envers.Affaires.1.....wawacity.tv.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-07-21 18:31 - 2019-05-23 14:39 - 000000000 ____D C:\Users\__\AppData\LocalLow\Mozilla
2021-07-21 18:26 - 2019-05-23 14:39 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-21 18:26 - 2019-05-23 14:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-21 18:10 - 2020-06-21 12:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-07-21 17:45 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-07-21 16:19 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-07-21 16:16 - 2019-05-27 21:04 - 000000000 ____D C:\Program Files\CCleaner
2021-07-21 16:12 - 2020-06-21 13:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-21 16:12 - 2020-06-21 12:59 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-21 16:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-07-21 16:11 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2021-07-21 16:11 - 2018-12-27 14:15 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2021-07-21 13:54 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-07-20 11:33 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-20 01:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-07-18 21:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-07-17 19:53 - 2020-06-21 09:22 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-07-16 21:32 - 2019-05-23 22:32 - 000000000 ____D C:\Users\__\AppData\Roaming\vlc
2021-07-16 17:05 - 2020-06-21 13:06 - 001789580 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-16 17:05 - 2019-12-07 16:49 - 000796372 _____ C:\WINDOWS\system32\perfh00C.dat
2021-07-16 17:05 - 2019-12-07 16:49 - 000159742 _____ C:\WINDOWS\system32\perfc00C.dat
2021-07-16 12:49 - 2020-06-21 12:23 - 000000000 ____D C:\Users\__
2021-07-14 15:21 - 2020-06-21 12:59 - 000366472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-14 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-14 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-14 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-14 15:17 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 15:14 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 14:15 - 2019-05-23 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 14:08 - 2019-05-23 13:26 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-09 20:58 - 2018-10-11 07:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-08 19:12 - 2018-12-27 15:58 - 000000000 ____D C:\Users\__\AppData\Local\D3DSCache
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-07-08 01:23 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-07-08 00:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ModemLogs
2021-07-03 13:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2021-07-03 07:41 - 2020-06-21 13:16 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2021-07-03 07:38 - 2019-06-11 17:57 - 000000000 ____D C:\swsetup
2021-06-30 08:32 - 2020-06-21 13:16 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-06-30 08:32 - 2020-06-21 13:16 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-06-21 08:40 - 2020-06-21 13:16 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
==================== Fichiers à la racine de certains dossiers ========
2019-08-09 23:29 - 2019-08-09 23:29 - 000000017 _____ () C:\Users\__\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================