Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 25-03-2023
Exécuté par gwlad (administrateur) sur DESKTOP-1DIMEJF (HP HP Notebook) (26-03-2023 12:52:49)
Exécuté depuis C:\Users\gwlad\Desktop
Profils chargés: gwlad
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.2604 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_2\AcroCEF.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\Youcam6_webcam_camera_video.exe
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCopyAccelerator.exe
(C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-43c8e101.exe ->) (Accès refusé) [Fichier non signé] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\6372CE5C-9FD9-4406-B999-44EE8CC18578\MpSigStub.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(C:\Windows\Temp\111.0.5563.65_110.0.5481.180_chrome_updater.exe946d7f50 ->) (Google LLC -> Google LLC) C:\Windows\Temp\setup.exe946d7f60 <2>
(C:\Windows\Temp\CCleanerBrowserInstallerIncremental-109.0.19987.122.exe946d80b7 ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Windows\Temp\setup.exe946d80d7 <2>
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(explorer.exe ->) (HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Windows\Temp\111.0.5563.65_110.0.5481.180_chrome_updater.exe946d7f50
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPNetworkCommunicatorCom.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\gwlad\AppData\Local\Microsoft\OneDrive\23.048.0305.0002\Microsoft.SharePoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-43c8e101.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotificationUx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Windows\Temp\CCleanerBrowserInstallerIncremental-109.0.19987.122.exe946d80b7
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Users\gwlad\Desktop\Microvirt\MEmu\MemuService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(services.exe ->) (WildTangent Inc -> WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(svchost.exe ->) (Dropbox, Inc -> ) C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 2620 series\Bin\HPCustPartic.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21374.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DeviceCensus.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2664_none_7dfa24947c9c0a36\TiWorker.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe
(svchost.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe <2>
(svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe
(svchost.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [555920 2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [402320 2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [uTorrent] => C:\Users\gwlad\AppData\Roaming\uTorrent\updates\3.5.5_45395.exe [2005224 2019-11-11] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-06] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4361576 2023-03-17] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [HP OfficeJet Pro 9010 series (NET)] => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe [4072864 2020-10-29] (HP Inc -> HP Inc.)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [39159608 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [CCleanerBrowserAutoLaunch_38A5B7C68A62DD6637873EE23A77EFD8] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-24] (Adobe Inc. -> Adobe)
HKLM\...\Print\Monitors\EPSON XP-215 217 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMBLGE.DLL [179712 2014-12-03] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-11] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [115592 2019-02-10] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\Installer\chrmstp.exe [2023-02-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\110.0.5481.180\Installer\chrmstp.exe [2023-03-12] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-10-04]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {01AC299B-FD80-4A77-B4BC-A5B942D81EFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {02610DEE-7C14-4598-904C-3CBA9EA32E28} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {0784C1FE-D6DC-465D-87AC-F5FF0463BBD3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-01-10] (HP Inc. -> HP Inc.)
Task: {105B38BD-6D18-424F-8644-FE8744279B44} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [666528 2023-03-03] (Mozilla Corporation -> Mozilla Foundation)
Task: {27BCCA32-8356-4D68-820F-1CA20E477B8F} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [601504 2023-03-03] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {27CF6463-CE34-4FE0-A2F9-F7DFA5B859B5} - System32\Tasks\G2MUpdateTask-S-1-5-21-201739809-433715794-94216092-1001 => C:\Users\gwlad\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe [41536 2016-10-04] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {2CF51C70-1BBD-48CA-A350-8ACF1D0186AD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2F67B99A-59FC-4263-A95A-6BF83CE44BDD} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [474472 2015-10-23] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {4454A670-E2A3-48FF-8F4E-A9B2A9B4A1CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {468AFCC8-DDA4-47C5-B4FE-4F12DB6249A4} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [515512 2015-07-01] (CyberLink Corp. -> CyberLink Corp.)
Task: {4BD52D95-7CFF-42FE-A79B-8D4B92F65C8F} - System32\Tasks\Toolbox.exe_{4C8B1935-5735-4DAA-AF7A-A1B69E767367} => C:\Program Files\HP\HP DeskJet 2600 series\Bin\Toolbox.exe [6304904 2018-04-17] (Hewlett Packard -> HP Inc.)
Task: {538DD50C-66B0-422D-A36A-AFCC9194C4DD} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {559D2DCE-D0C8-4D3D-B2F9-80903589C8BE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26296808 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {57C00A7E-AF31-4F55-8653-20BB6937EE3D} - System32\Tasks\G2MUploadTask-S-1-5-21-201739809-433715794-94216092-1001 => C:\Users\gwlad\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe [41536 2016-10-04] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {580B6182-E43C-4AB6-8058-A8DF9E799513} - System32\Tasks\CCleanerSkipUAC - gwlad => C:\Program Files\CCleaner\CCleaner.exe [33038648 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {5BD2BA32-DD08-449B-876C-04C523909AD9} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [511344 2015-06-19] (Dropbox, Inc -> )
Task: {6AC22294-AC44-4C1D-B41E-5CD39F1EF510} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703544 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "9b3194b1-39c5-4705-bd86-53ef1640a0af" --version "6.10.10347" --silent
Task: {6BB6B95D-8491-4696-8DB9-A772D97CAC30} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-24] (Adobe Inc. -> Adobe)
Task: {6C572819-976B-49D5-BED5-5190805CAFDF} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6592376 2016-11-24] (Nero AG -> Nero AG)
Task: {765F93BB-FE79-4124-86F5-DD30B64BD287} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {77388312-C1CC-4E44-8137-49ADC464C454} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149464 2023-01-10] (HP Inc. -> HP Inc.)
Task: {7972FD84-F486-49B4-879A-359F6C099543} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114608 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {7F1B275E-8884-4952-A8DB-46CD19A9329F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26296808 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {86C6578E-4B34-4A04-921F-68EC84BC899B} - System32\Tasks\HPCustParticipation HP Officejet 2620 series => C:\Program Files\HP\HP Officejet 2620 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {8861D3C0-AA23-4AA7-834C-2EF1F5725095} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3277472 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {925AC1CC-92C7-4D57-A7FE-7AC71FC32BE3} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 9010 series => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPCustPartic.exe [6718880 2020-11-03] (HP Inc -> HP Inc.)
Task: {AA01395D-3842-41D7-948D-E9D6CCA1804C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {AA6B3534-5684-48F7-80E3-08EEFDAF48E8} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-03-07] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B81111A3-00A2-4B27-BCC8-8748BEF2B91C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [847392 2023-01-10] (HP Inc. -> HP Inc.)
Task: {B90EA877-B418-41F7-92FE-819C1B604914} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CB7769C8-042A-418D-8442-D37F480209C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-23] (Google Inc -> Google Inc.)
Task: {D6B1FF8A-1260-490F-9F97-D212D092A0BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MpCmdRun.exe [1592184 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E152D4B2-EA16-472A-8B89-A10E3EB77CFF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114608 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2090E24-37EC-4739-8286-5823BC3ABDDB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1560056 2023-02-01] (Adobe Inc. -> Adobe Inc.)
Task: {F842121E-1E2E-4C98-89DE-AE72AA6C725E} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653576 2018-04-17] (Hewlett Packard -> HP Inc.)
Task: {FD2350C7-1AC1-4A5F-9DDD-1884E78432DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-23] (Google Inc -> Google Inc.)
Task: {FFD20D11-FD42-4A97-961C-AD94B77FC1A2} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [517480 2015-10-23] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-201739809-433715794-94216092-1001.job => C:\Users\gwlad\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-201739809-433715794-94216092-1001.job => C:\Users\gwlad\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5cdc0979-8b49-435d-b0de-67dc9e420423}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7cc08029-bb26-436e-a650-8cdc8744ccde}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\gwlad\AppData\Local\Microsoft\Edge\User Data\Default [2023-02-26]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: bQc3wgCb.default
FF ProfilePath: C:\Users\gwlad\AppData\Roaming\Oxylane\ONconnect\Profiles\hi2d9p4l.default [2019-02-10]
FF ProfilePath: C:\Users\gwlad\AppData\Roaming\Mozilla\Firefox\Profiles\ahghf0cz.default-release-1614620409472 [2023-03-20]
FF ProfilePath: C:\Users\gwlad\AppData\Roaming\Mozilla\Firefox\Profiles\bQc3wgCb.default [2019-03-24]
FF NewTab: Mozilla\Firefox\Profiles\bQc3wgCb.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180617__yaff
FF Extension: (Avira Browser Safety) - C:\Users\gwlad\AppData\Roaming\Mozilla\Firefox\Profiles\bQc3wgCb.default\Extensions\abs@avira.com.xpi [2016-02-22] []
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-24] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-02-14] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-24] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-06-25] (WildTangent Inc -> )
FF Plugin HKU\S-1-5-21-201739809-433715794-94216092-1001: @citrixonline.com/appdetectorplugin -> C:\Users\gwlad\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-03-07] (Citrix Online -> Citrix Online)
FF Plugin HKU\S-1-5-21-201739809-433715794-94216092-1001: @squareclock.com/SQ3DPlayer_Production_Castorama_Bathroom_Internet -> C:\Users\gwlad\AppData\Local\SquareClock.Production_Castorama_Bathroom_Internet\NPSQ3D.dll [2019-01-29] (DASSAULT SYSTEMES SE -> SquareClock SAS) [Fichier non signé]
FF Plugin HKU\S-1-5-21-201739809-433715794-94216092-1001: @squareclock.com/SQ3DPlayer_Production_Castorama_Dressing_Internet -> C:\Users\gwlad\AppData\Local\SquareClock.Production_Castorama_Dressing_Internet\NPSQ3D.dll [2020-05-29] (DASSAULT SYSTEMES SE -> SquareClock SAS) [Fichier non signé]
Chrome:
=======
CHR Profile: C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default [2023-03-26]
CHR DownloadDir: C:\Users\gwlad\Desktop
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Recherche Google) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-23]
CHR Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-08-27]
CHR Extension: (Protection Web Avira) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-11-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-03-09]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-03-23]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-02-01] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121560 2015-07-20] (Realtek Semiconductor Corp -> )
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\109.0.19987.122\elevation_service.exe [1802832 2023-01-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [12512768 2023-03-20] (Microsoft Corporation -> Microsoft Corporation)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [32448 2023-02-06] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-06-25] (WildTangent Inc -> WildTangent)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [797640 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [796616 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [793000 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [285192 2020-12-18] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [796584 2023-01-10] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-10-23] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9002208 2023-03-09] (Malwarebytes Inc. -> Malwarebytes)
R2 MEmuSVC; C:\Users\gwlad\Desktop\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-03-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\NisSrv.exe [3191256 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe [133576 2023-02-20] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService; "c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 clwvd6; C:\WINDOWS\System32\drivers\clwvd6.sys [41704 2013-10-29] (CyberLink Corp. -> CyberLink Corporation)
R3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [27728 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> )
U0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2022-12-29] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [24656 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2023-03-03] (北京铠信神州科技有限责任公司 -> )
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [319192 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49576 2023-02-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473336 2023-02-20] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99576 2023-02-20] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U3 aspnet_state; pas de ImagePath
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-03-26 12:52 - 2023-03-26 13:01 - 000040327 _____ C:\Users\gwlad\Desktop\FRST.txt
2023-03-26 12:50 - 2023-03-26 12:58 - 000000000 ____D C:\FRST
2023-03-26 12:49 - 2023-03-26 12:49 - 002379264 _____ (Farbar) C:\Users\gwlad\Desktop\FRST64.exe
2023-03-26 12:46 - 2023-03-26 12:47 - 002080768 _____ (Farbar) C:\Users\gwlad\Desktop\FRST.exe
2023-03-26 12:40 - 2023-03-26 12:41 - 014570799 _____ C:\Users\gwlad\Desktop\Non confirmé 521655.crdownload
2023-03-23 19:21 - 2023-03-23 19:21 - 000000000 ___HD C:\$WinREAgent
2023-03-09 14:12 - 2023-03-09 14:12 - 000243497 _____ C:\Users\gwlad\Downloads\CV Gwladys_230309_131144.pdf
2023-03-04 18:43 - 2023-03-04 18:43 - 000000027 _____ C:\Users\gwlad\AppData\Roaming\epm_user.ini
2023-03-04 18:41 - 2023-03-04 18:41 - 000000000 ____D C:\Users\gwlad\AppData\Local\EPMUI
2023-03-04 18:40 - 2023-03-04 18:40 - 000000000 ____D C:\ProgramData\SystemAcCrux
2023-03-04 18:39 - 2023-03-04 18:39 - 000001378 _____ C:\Users\Public\Desktop\EaseUS Partition Master.lnk
2023-03-04 18:39 - 2023-03-04 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master
2023-03-04 18:36 - 2023-02-06 02:50 - 006035648 _____ C:\WINDOWS\system32\BootMan.exe
2023-03-04 18:36 - 2023-02-06 02:50 - 000025792 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2023-03-04 18:36 - 2022-12-29 14:34 - 000174216 _____ C:\WINDOWS\system32\setupepmdrvx64.exe
2023-03-04 18:36 - 2022-12-29 14:34 - 000030136 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\EPMVolFl.sys
2023-03-04 18:36 - 2022-12-29 14:34 - 000000057 _____ C:\WINDOWS\system32\setupepmdrv.ini
2023-03-04 18:35 - 2023-03-04 18:40 - 000000000 ____D C:\Program Files (x86)\EaseUS
2023-03-04 18:33 - 2023-03-04 18:34 - 110275768 _____ (EaseUS ) C:\Users\gwlad\Desktop\epm_trial_ob_17.8.exe
2023-03-04 18:33 - 2023-03-04 18:33 - 001955944 _____ C:\Users\gwlad\Desktop\epm_trial_installer_20230304.4754a3957824.exe
2023-03-03 16:04 - 2023-03-04 18:52 - 000066560 _____ C:\WINDOWS\dm_batch.bak
2023-03-03 16:04 - 2023-03-04 18:52 - 000000064 _____ C:\WINDOWS\dm.dmap
2023-03-03 15:51 - 2023-03-03 15:53 - 000001068 _____ C:\Users\gwlad\Desktop\IM-Magic Partition Resizer Free.lnk
2023-03-03 15:51 - 2023-03-03 15:51 - 000795408 _____ C:\WINDOWS\system32\im-fre.exe
2023-03-03 15:51 - 2023-03-03 15:51 - 000021208 _____ C:\WINDOWS\system32\MDA_NTDRV.sys
2023-03-03 15:51 - 2023-03-03 15:51 - 000000000 ____D C:\Users\gwlad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IM-Magic Partition Resizer Free
2023-03-03 15:51 - 2023-03-03 15:51 - 000000000 ____D C:\Program Files\IM-Magic
2023-03-03 15:48 - 2022-12-10 14:23 - 012076224 _____ (IM-Magic Inc.) C:\Users\gwlad\Desktop\resizer-free.exe
2023-03-03 15:47 - 2023-03-03 15:47 - 012036051 _____ C:\Users\gwlad\Desktop\resizer-free.zip
2023-03-03 14:57 - 2023-03-04 18:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-03-26 12:58 - 2020-11-28 11:36 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E332CEF8-7F19-4B87-9DF4-C795392BD0D2}
2023-03-26 12:57 - 2016-02-23 20:27 - 000000000 ____D C:\Program Files (x86)\Google
2023-03-26 12:49 - 2020-07-01 11:41 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-03-26 12:49 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-03-26 12:33 - 2017-06-13 10:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-03-26 12:31 - 2018-11-18 20:08 - 000000000 ____D C:\Users\gwlad\AppData\Local\CrashDumps
2023-03-26 12:29 - 2019-03-22 12:24 - 000000000 ____D C:\Program Files\CCleaner
2023-03-26 12:28 - 2016-02-22 15:27 - 000000000 ___RD C:\Users\gwlad\OneDrive
2023-03-26 12:26 - 2020-11-18 22:37 - 000000000 ____D C:\Program Files (x86)\Steam
2023-03-26 12:25 - 2023-02-22 17:52 - 000000000 ____D C:\Users\gwlad\Desktop\LightShow
2023-03-26 12:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-03-26 12:21 - 2017-10-01 19:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-03-26 12:21 - 2016-02-22 15:24 - 000000000 __SHD C:\Users\gwlad\IntelGraphicsProfiles
2023-03-23 19:55 - 2018-04-21 17:40 - 000000000 ____D C:\Users\gwlad\AppData\Local\Packages
2023-03-23 19:49 - 2020-11-28 10:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-03-23 19:21 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-03-23 19:15 - 2021-12-14 12:14 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-201739809-433715794-94216092-1001
2023-03-23 19:15 - 2020-11-28 11:36 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-201739809-433715794-94216092-1001
2023-03-23 19:15 - 2020-11-28 11:05 - 000002420 _____ C:\Users\gwlad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-03-21 19:07 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-03-21 19:03 - 2021-08-19 12:14 - 000000000 ____D C:\Users\gwlad\Documents\YouCam
2023-03-21 19:01 - 2020-03-16 15:45 - 000000000 ____D C:\Users\gwlad\AppData\LocalLow\Mozilla
2023-03-20 22:06 - 2015-10-23 19:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-03-20 22:05 - 2016-02-22 18:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-03-20 21:44 - 2022-09-29 18:17 - 000003468 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-03-20 21:44 - 2022-09-29 18:17 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-03-20 21:44 - 2020-11-28 11:36 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-03-20 21:42 - 2016-02-22 18:52 - 153620824 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-03-20 21:34 - 2020-11-28 11:36 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-03-20 21:34 - 2020-11-28 11:36 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-03-20 21:33 - 2022-12-31 16:24 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2023-03-12 19:23 - 2021-05-03 18:36 - 000000000 ____D C:\Users\gwlad\AppData\Roaming\vlc
2023-03-09 20:17 - 2020-12-03 10:24 - 000000000 ____D C:\Users\gwlad\Desktop\GWLADYS
2023-03-04 18:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Registration
2023-03-04 18:25 - 2022-10-19 20:26 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-03-04 18:25 - 2020-03-16 15:44 - 000001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-03-04 18:25 - 2020-03-16 15:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-03-03 15:50 - 2023-02-22 17:48 - 000000000 ____D C:\Users\gwlad\Desktop\a trier
2023-03-03 14:54 - 2021-06-18 10:20 - 000239544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2023-03-03 14:52 - 2019-07-29 18:13 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2023-02-26 10:58 - 2020-11-28 11:36 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
==================== Fichiers à la racine de certains dossiers ========
2023-03-04 18:43 - 2023-03-04 18:43 - 000000027 _____ () C:\Users\gwlad\AppData\Roaming\epm_user.ini
2019-02-09 13:32 - 2023-03-26 12:23 - 000883962 _____ () C:\Users\gwlad\AppData\Local\BTServer.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================