Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-01-2020 Exécuté par copin (administrateur) sur LAPTOP-KRMH05N6 (HP HP Laptop 14-dk0xxx) (12-01-2020 21:16:04) Exécuté depuis C:\Users\copin\Downloads Profils chargés: copin (Profils disponibles: copin) Platform: Windows 10 Home Version 1903 18362.207 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0342612.inf_amd64_f45480a6fb163a4b\B342328\atieclxx.exe (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0342612.inf_amd64_f45480a6fb163a4b\B342328\atiesrxx.exe (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f4dbf64491b40e54\x64\TouchpointAnalyticsClientService.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8c815d0673843d8e\x64\AppHelperCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8c815d0673843d8e\x64\NetworkCap.exe (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8c815d0673843d8e\x64\SysInfoCap.exe (HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.35.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, LLC. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\copin\AppData\Local\Microsoft\OneDrive\19.222.1110.0006\FileCoAuth.exe (Microsoft Corporation -> Microsoft Corporation) C:\Users\copin\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe (The Chromium Authors) [Fichier non signé] C:\Users\copin\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) [Fichier non signé] C:\Users\copin\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) [Fichier non signé] C:\Users\copin\AppData\Local\chromium\Application\chrome.exe (The Chromium Authors) [Fichier non signé] C:\Users\copin\AppData\Local\chromium\Application\chrome.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [876320 2019-05-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKU\S-1-5-21-2188352691-80776327-4179555477-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HpseuHostLauncher.exe [1114112 2019-05-11] (HP Inc.) [Fichier non signé] HKU\S-1-5-21-2188352691-80776327-4179555477-1001\...\Run: [Chromium] => "c:\users\copin\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session HKU\S-1-5-21-2188352691-80776327-4179555477-1001\...\Run: [GoogleChromeAutoLaunch_0A99D0E1FFB5C973038AFE228668DA80] => "C:\Users\copin\AppData\Local\chromium\Application\chrome.exe" --no-startup-window /prefetch:5 HKU\S-1-5-21-2188352691-80776327-4179555477-1001\...\RunOnce: [Delete Cached Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Users\copin\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" HKU\S-1-5-21-2188352691-80776327-4179555477-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Users\copin\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" HKU\S-1-5-21-2188352691-80776327-4179555477-1001\...\RunOnce: [Uninstall 19.192.0926.0012\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\copin\AppData\Local\Microsoft\OneDrive\19.192.0926.0012\amd64" HKU\S-1-5-21-2188352691-80776327-4179555477-1001\...\RunOnce: [Uninstall 19.192.0926.0012] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\copin\AppData\Local\Microsoft\OneDrive\19.192.0926.0012" ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {003FA7DB-C1D1-434D-B723-BEE8CCBC44EA} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation) Task: {38BA561F-9A17-4B1D-855D-4378A5E4FF62} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050448 2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {553B6156-E2DB-4E6E-8D56-4A4BCAD281AC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24625520 2020-01-07] (Microsoft Corporation -> Microsoft Corporation) Task: {71B536B1-1592-48E4-BDA7-66CFA2C09D3C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {782B8A17-633A-4B91-974F-07FDB96E1BD2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158544 2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Task: {A5A9A19A-D915-42F1-A249-ADB388053E62} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [415744 2019-03-19] (Microsoft Windows -> Microsoft Corporation) Task: {A88752D2-F5CF-4754-9F76-EAF07CC0336B} - System32\Tasks\HP\Consent Manager Launcher => sc start hptouchpointanalyticsservice Task: {B5D01623-9350-42F6-A045-248044B746DD} - System32\Tasks\McAfee\mfewin10switch => C:\Program Files\HP\McAfeePre\1.4.111\DADUpdater.exe [4145800 2020-01-12] (McAfee, Inc. -> McAfee, Inc.) Task: {EF05D2C0-F1B8-4E4B-A413-DBDFE99E0941} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2050448 2020-01-12] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{3ecb91d0-5fb2-4bb3-9c43-e3575b39b6e2}: [DhcpNameServer] 192.168.1.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-23f8bf74332602d3 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-2188352691-80776327-4179555477-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-23f8bf74332602d3 HKU\S-1-5-21-2188352691-80776327-4179555477-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2188352691-80776327-4179555477-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-23f8bf74332602d3&q={searchTerms} BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) Edge: ====== Edge Notifications: HKU\S-1-5-21-2188352691-80776327-4179555477-1001 -> hxxps://www.facebook.com FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-12] (Microsoft Corporation -> Microsoft Corporation) ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AMD External Events Utility; C:\windows\System32\DriverStore\FileRepository\u0342612.inf_amd64_f45480a6fb163a4b\B342328\atiesrxx.exe [515296 2019-05-31] (Advanced Micro Devices, Inc. -> AMD) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11164232 2020-01-07] (Microsoft Corporation -> Microsoft Corporation) R2 ETDService; C:\windows\System32\ETDService.exe [225216 2019-04-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8c815d0673843d8e\x64\AppHelperCap.exe [404752 2019-04-17] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8c815d0673843d8e\x64\NetworkCap.exe [404752 2019-04-17] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8c815d0673843d8e\x64\SysInfoCap.exe [407824 2019-04-17] (HP Inc. -> HP Inc.) R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f4dbf64491b40e54\x64\TouchpointAnalyticsClientService.exe [423168 2019-04-18] (HP Inc. -> HP Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6960640 2020-01-12] (Malwarebytes Inc -> Malwarebytes) R2 RtkAudioUniversalService; C:\windows\System32\RtkAudUService64.exe [876320 2019-05-13] (Realtek Semiconductor Corp. -> Realtek Semiconductor) R2 RtkBtManServ; C:\windows\RtkBtManServ.exe [694688 2019-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) R2 SECOMNService; C:\windows\System32\SECOMN64.exe [169680 2019-05-13] (Sound Research Corporation -> Sound Research, Corp.) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-12] (Microsoft Windows Publisher -> Microsoft Corporation) S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-12] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 amdacpbus; C:\windows\System32\drivers\amdacpbus.sys [1368184 2019-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R3 amdgpio2; C:\windows\System32\drivers\amdgpio2.sys [34568 2019-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc) R3 amdi2c; C:\windows\System32\drivers\amdi2c.sys [61728 2019-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc) R3 amdkmdag; C:\windows\System32\DriverStore\FileRepository\u0342612.inf_amd64_f45480a6fb163a4b\B342328\atikmdag.sys [53520096 2019-05-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R3 amdkmdap; C:\windows\System32\DriverStore\FileRepository\u0342612.inf_amd64_f45480a6fb163a4b\B342328\atikmpag.sys [600800 2019-05-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R0 amdpsp; C:\windows\System32\drivers\amdpsp.sys [146304 2019-05-31] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. ) R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWT6.sys [108152 2019-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices) R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153312 2020-01-12] (Malwarebytes Corporation -> Malwarebytes) R3 ETDHCF; C:\windows\System32\drivers\ETDHCF.sys [29632 2019-04-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [25024 2019-04-18] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.) R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [218288 2020-01-12] (Malwarebytes Inc -> Malwarebytes) S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [20936 2020-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [226448 2020-01-12] (Malwarebytes Inc -> Malwarebytes) R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73584 2020-01-12] (Malwarebytes Corporation -> Malwarebytes) R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [248968 2020-01-12] (Malwarebytes Inc -> Malwarebytes) R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [105112 2020-01-12] (Malwarebytes Inc -> Malwarebytes) R3 PTPFilter; C:\windows\System32\drivers\PTPFilter.sys [46016 2019-04-23] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.) R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [1131024 2018-11-10] (Realtek Semiconductor Corp. -> Realtek ) R3 RtkBtFilter; C:\windows\System32\drivers\RtkBtfilter.sys [802344 2019-04-09] (WDKTestCert VSAuto,131800073559665678 -> Realtek Semiconductor Corporation) S3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [442664 2019-04-03] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation) R3 RTWlanE; C:\windows\System32\drivers\rtwlane.sys [11459368 2019-05-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation ) S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [45664 2020-01-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [355760 2020-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-12] (Microsoft Windows -> Microsoft Corporation) R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-18] (HP Inc. -> HP) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-01-12 20:55 - 2020-01-12 21:08 - 000000000 ____D C:\Users\copin\AppData\LocalLow\IGDump 2020-01-12 20:55 - 2020-01-12 20:55 - 000226448 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys 2020-01-12 20:55 - 2020-01-12 20:55 - 000105112 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys 2020-01-12 20:55 - 2020-01-12 20:55 - 000073584 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2020-01-12 20:54 - 2020-01-12 20:54 - 000248968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys 2020-01-12 20:54 - 2020-01-12 20:54 - 000218288 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys 2020-01-12 20:54 - 2020-01-12 20:54 - 000002028 _____ C:\ProgramData\Bureau\Malwarebytes.lnk 2020-01-12 20:54 - 2020-01-12 20:54 - 000000000 ____D C:\Users\copin\AppData\Local\mbamtray 2020-01-12 20:54 - 2020-01-12 20:54 - 000000000 ____D C:\Users\copin\AppData\Local\mbam 2020-01-12 20:54 - 2020-01-12 20:54 - 000000000 ____D C:\Users\copin\AppData\Local\cache 2020-01-12 20:54 - 2020-01-12 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2020-01-12 20:54 - 2020-01-12 20:53 - 000020936 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamElam.sys 2020-01-12 20:53 - 2020-01-12 20:53 - 000153312 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys 2020-01-12 20:53 - 2020-01-12 20:53 - 000000000 ____D C:\ProgramData\Malwarebytes 2020-01-12 20:53 - 2020-01-12 20:53 - 000000000 ____D C:\Program Files\Malwarebytes 2020-01-12 20:52 - 2020-01-12 20:52 - 000004174 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{06EB2DBC-E248-46C7-B679-B5A85BA74ED0} 2020-01-12 20:51 - 2020-01-12 20:51 - 001883976 _____ (Malwarebytes) C:\Users\copin\Downloads\MBSetup.exe 2020-01-12 20:49 - 2020-01-12 20:49 - 000000000 ____D C:\Users\copin\AppData\LocalLow\AMD 2020-01-12 20:48 - 2020-01-12 21:01 - 000000000 ____D C:\windows\system32\Tasks\SyncVersion 2020-01-12 20:48 - 2020-01-12 20:48 - 000002341 _____ C:\Users\copin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2020-01-12 20:48 - 2020-01-12 20:48 - 000000000 ____D C:\Users\copin\AppData\Roaming\Funuridonoc 2020-01-12 20:48 - 2020-01-12 20:48 - 000000000 ____D C:\Users\copin\AppData\Local\chromium 2020-01-12 20:47 - 2020-01-12 20:50 - 000000000 ____D C:\Users\copin\OneDrive\Documents\FrostWire 2020-01-12 20:47 - 2020-01-12 20:48 - 000000000 ____D C:\ProgramData\{848BB8B7-ACA3-C0CF-F4FB-E8E71C13303F} 2020-01-12 20:46 - 2020-01-12 20:50 - 000000000 ____D C:\Users\copin\.frostwire5 2020-01-12 20:46 - 2020-01-12 20:50 - 000000000 ____D C:\ProgramData\gdmfq 2020-01-12 20:46 - 2020-01-12 20:46 - 000000000 ____D C:\ProgramData\Oracle 2020-01-12 20:25 - 2020-01-12 20:25 - 000000000 ___HD C:\OneDriveTemp 2020-01-12 09:48 - 2020-01-12 09:50 - 000016776 _____ C:\Users\copin\Downloads\Addition.txt 2020-01-12 09:43 - 2020-01-12 21:18 - 000019659 _____ C:\Users\copin\Downloads\FRST.txt 2020-01-12 09:38 - 2020-01-12 21:16 - 000000000 ____D C:\FRST 2020-01-12 09:38 - 2020-01-12 21:15 - 000000000 ____D C:\Users\copin\Downloads\FRST-OlderVersion 2020-01-12 09:10 - 2020-01-12 09:10 - 000000000 ____D C:\Users\copin\AppData\Local\OneDrive 2020-01-12 08:54 - 2020-01-12 08:54 - 000000000 ____D C:\ProgramData\McAfee_dad 2020-01-12 08:54 - 2020-01-12 08:54 - 000000000 ____D C:\Program Files\Common Files\DynamicAppDownloader 2020-01-12 08:53 - 2020-01-12 09:00 - 000000000 ____D C:\ProgramData\McAfee 2020-01-12 08:53 - 2020-01-12 08:54 - 000000000 ____D C:\windows\system32\Tasks\McAfee 2020-01-11 21:20 - 2020-01-11 21:19 - 000748816 _____ (Microsoft Corporation) C:\windows\system32\MpSigStub.exe 2020-01-11 21:14 - 2020-01-12 21:15 - 002573312 _____ (Farbar) C:\Users\copin\Downloads\FRST64-2.1.exe 2020-01-11 21:07 - 2020-01-11 21:41 - 000000000 ____D C:\Users\copin\AppData\Local\PlaceholderTileLogoFolder 2020-01-11 21:07 - 2020-01-11 21:07 - 001397976 _____ (Google LLC) C:\Users\copin\Downloads\ChromeSetup.exe 2020-01-11 21:00 - 2020-01-11 21:00 - 000000000 ____D C:\Users\copin\AppData\Local\Publishers 2020-01-11 21:00 - 2020-01-11 21:00 - 000000000 ____D C:\Users\copin\AppData\Local\Comms 2020-01-11 18:27 - 2020-01-11 18:27 - 000000000 ____D C:\Users\copin\OneDrive\Documents\TotalAV 2020-01-11 18:27 - 2020-01-11 18:27 - 000000000 ____D C:\Users\copin\OneDrive\Documents\Modèles Office personnalisés 2020-01-11 18:27 - 2020-01-11 18:27 - 000000000 ____D C:\Users\copin\OneDrive\Documents\CyberLink 2020-01-11 18:27 - 2020-01-11 18:27 - 000000000 ____D C:\Users\copin\OneDrive\Documents\Bouygues Telecom - Espace Client_files 2020-01-11 18:27 - 2020-01-11 18:27 - 000000000 ____D C:\Users\copin\OneDrive\Documents\Blocs-notes OneNote 2020-01-11 18:27 - 2020-01-11 18:27 - 000000000 ____D C:\Users\copin\OneDrive\Documents\(3) Facebook_files 2020-01-11 18:27 - 2018-06-07 09:10 - 000126465 _____ C:\Users\copin\OneDrive\Documents\Détails du retour.pdf 2020-01-11 18:27 - 2018-05-21 19:27 - 000160832 _____ C:\Users\copin\OneDrive\Documents\Attestation Loi de Finances.pdf 2020-01-11 18:27 - 2018-01-07 00:37 - 001240723 _____ C:\Users\copin\OneDrive\Documents\Bouygues Telecom - Espace Client.html 2020-01-11 18:27 - 2018-01-02 00:25 - 001009523 _____ C:\Users\copin\OneDrive\Documents\(3) Facebook.html 2020-01-11 18:27 - 2017-04-02 21:59 - 000037846 _____ C:\Users\copin\OneDrive\Documents\2017058299786.pdf 2020-01-11 18:27 - 2017-04-02 21:55 - 000029710 _____ C:\Users\copin\OneDrive\Documents\2017058299787 pole emploi.pdf 2020-01-11 18:27 - 2017-02-28 02:34 - 000000120 ____R C:\Users\copin\OneDrive\Documents\Ordinateur portable de copin.url 2020-01-11 18:27 - 2016-12-05 00:27 - 008388608 _____ C:\Users\copin\OneDrive\Documents\08224.bin 2020-01-11 18:27 - 2016-12-05 00:27 - 008388608 _____ C:\Users\copin\OneDrive\Documents\08221.bin 2020-01-11 18:27 - 2016-12-05 00:27 - 008388608 _____ C:\Users\copin\OneDrive\Documents\0821E.bin 2020-01-11 18:27 - 2016-12-05 00:27 - 000000256 _____ C:\Users\copin\OneDrive\Documents\08224.s12 2020-01-11 18:27 - 2016-12-05 00:27 - 000000256 _____ C:\Users\copin\OneDrive\Documents\08221.s12 2020-01-11 18:27 - 2016-12-05 00:27 - 000000256 _____ C:\Users\copin\OneDrive\Documents\0821E.s12 2020-01-11 18:26 - 2020-01-12 20:25 - 000003376 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2188352691-80776327-4179555477-1001 2020-01-11 18:26 - 2020-01-12 20:25 - 000000000 ___RD C:\Users\copin\OneDrive 2020-01-11 18:26 - 2020-01-11 21:01 - 000000000 ____D C:\Users\copin\AppData\Local\PackageStaging 2020-01-11 18:20 - 2020-01-11 18:20 - 000000000 ___HD C:\Users\copin\MicrosoftEdgeBackups 2020-01-11 18:20 - 2020-01-11 18:20 - 000000000 ____D C:\Users\copin\AppData\Local\MicrosoftEdge 2020-01-11 18:19 - 2020-01-12 20:54 - 000000000 ____D C:\Users\copin\AppData\Local\D3DSCache 2020-01-11 18:19 - 2020-01-12 15:57 - 000000000 ____D C:\Users\copin\AppData\Local\Packages 2020-01-11 18:19 - 2020-01-11 20:58 - 000000000 ____D C:\Users\copin\AppData\Local\ConnectedDevicesPlatform 2020-01-11 18:19 - 2020-01-11 18:19 - 000000000 ___RD C:\Users\copin\3D Objects 2020-01-11 18:19 - 2020-01-11 18:19 - 000000000 ____D C:\Users\copin\AppData\Roaming\Adobe 2020-01-11 18:19 - 2020-01-11 18:19 - 000000000 ____D C:\Users\copin\AppData\Local\VirtualStore 2020-01-11 18:19 - 2020-01-11 18:19 - 000000000 ____D C:\Users\copin\AppData\Local\AMD 2020-01-11 18:10 - 2020-01-12 20:46 - 000000000 ____D C:\Users\copin 2020-01-11 18:10 - 2020-01-12 20:25 - 000002408 _____ C:\Users\copin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2020-01-11 18:10 - 2020-01-11 18:10 - 000000020 ___SH C:\Users\copin\ntuser.ini 2020-01-11 18:10 - 2020-01-11 18:10 - 000000000 _SHDL C:\Users\copin\Voisinage réseau 2020-01-11 18:10 - 2020-01-11 18:10 - 000000000 _SHDL C:\Users\copin\Voisinage d'impression 2020-01-11 18:10 - 2020-01-11 18:10 - 000000000 _SHDL C:\Users\copin\Modèles 2020-01-11 18:10 - 2020-01-11 18:10 - 000000000 _SHDL C:\Users\copin\Mes documents 2020-01-11 18:10 - 2020-01-11 18:10 - 000000000 _SHDL C:\Users\copin\Menu Démarrer 2020-01-11 18:10 - 2020-01-11 18:10 - 000000000 _SHDL C:\Users\copin\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2020-01-11 18:10 - 2020-01-11 18:10 - 000000000 _SHDL C:\Users\copin\AppData\Local\Historique 2020-01-11 17:05 - 2020-01-11 17:05 - 000000000 ____D C:\windows\minidump 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default\Voisinage réseau 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default\Modèles 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default\Mes documents 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default\Menu Démarrer 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default User\Voisinage réseau 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default User\Voisinage d'impression 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default User\Modèles 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default User\Mes documents 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default User\Menu Démarrer 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Historique 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\ProgramData\Modèles 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programmes 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\ProgramData\Bureau 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Program Files\Fichiers communs 2020-01-11 17:04 - 2020-01-11 17:04 - 000000000 _SHDL C:\Documents and Settings ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-01-12 21:18 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-01-12 20:54 - 2019-03-19 05:52 - 000000000 ___HD C:\windows\ELAMBKUP 2020-01-12 20:42 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2020-01-12 20:41 - 2019-06-13 03:37 - 000000000 ____D C:\Program Files\Microsoft Office 2020-01-12 16:04 - 2019-03-19 05:52 - 000000000 ____D C:\windows\AppReadiness 2020-01-12 15:57 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps 2020-01-12 13:45 - 2019-04-15 16:38 - 000000000 ____D C:\windows\system32\SleepStudy 2020-01-12 10:14 - 2019-09-22 11:53 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2020-01-12 10:14 - 2019-03-19 05:50 - 000000000 ____D C:\windows\INF 2020-01-12 09:28 - 2019-04-15 16:38 - 000000000 ____D C:\windows\system32\Drivers\wd 2020-01-12 09:28 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows Defender 2020-01-11 21:00 - 2019-03-19 05:52 - 000000000 ____D C:\windows\ServiceState 2020-01-11 18:21 - 2019-06-13 03:35 - 000000000 ____D C:\ProgramData\HP 2020-01-11 18:19 - 2019-04-15 16:39 - 000000000 __RHD C:\Users\Public\AccountPictures 2020-01-11 18:10 - 2019-06-13 13:15 - 000756770 _____ C:\windows\system32\perfh00C.dat 2020-01-11 18:10 - 2019-06-13 13:15 - 000142442 _____ C:\windows\system32\perfc00C.dat 2020-01-11 18:10 - 2019-06-13 03:34 - 001732252 _____ C:\windows\system32\PerfStringBackup.INI 2020-01-11 17:06 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\WinBioDatabase 2020-01-11 17:06 - 2019-03-19 05:52 - 000000000 ____D C:\windows\system32\spool 2020-01-11 17:06 - 2019-03-19 05:37 - 000000000 ____D C:\windows\CbsTemp 2020-01-11 17:04 - 2019-09-22 12:29 - 000002848 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2188352691-80776327-4179555477-500 2020-01-11 17:04 - 2019-04-15 17:31 - 000000000 ____D C:\windows\Panther 2020-01-11 17:04 - 2019-04-15 16:38 - 000000006 ____H C:\windows\Tasks\SA.DAT 2020-01-11 17:04 - 2019-03-19 05:52 - 000000000 ____D C:\Program Files\Windows NT ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)