Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01.07.2024
Exécuté par paull (administrateur) sur MALKO (HP HP Laptop 17-cn0xxx) (08-07-2024 16:10:11)
Exécuté depuis C:\Users\paull\Desktop\FRST64.exe
Profils chargés: paull
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3810 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxEM.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\BridgeCommunication.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\EoAExperiences.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe <4>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_bee333b3fb02dacb\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9134aba6dded996c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9134aba6dded996c\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8ff8e67ced23ab98\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe <3>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.30.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe [1987544 2024-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [HPOneAgentService] => C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1605136 2024-05-20] (HP Inc. -> HP Inc; HP Development Company, L.P.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [370088 2021-10-08] (EXPRSVPN LLC -> ExpressVPN)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [812856 2024-07-08] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-26] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-26] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1022526771-515015637-2813598529-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-26] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1022526771-515015637-2813598529-1001\...\Run: [MicrosoftEdgeAutoLaunch_6CBFA7D17B90FC2210263D475A82C921] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883472 2024-07-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1022526771-515015637-2813598529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45629344 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1022526771-515015637-2813598529-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [831488 2024-04-26] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\paull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2023-04-13]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {9FD1E822-656C-4467-8962-C81B2E36BBBE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1558984 2024-06-25] (Adobe Inc. -> Adobe Inc.)
Task: {9EFBABB8-0626-42D1-99AD-A5657F8CBDD4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E18CE777-F3DC-4D33-853D-94935594BD60} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "acbe1db5-9dba-48bf-a8a9-b56b05cccec1" --version "6.25.11131" --silent
Task: {E3F2A9A5-4E9C-459F-A58C-971B050E4C26} - System32\Tasks\CCleanerSkipUAC - paull => C:\Program Files\CCleaner\CCleaner.exe [39451552 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B14A3422-2C41-42E6-8C8D-F46304ECA353} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {F8FA13F9-3676-4550-9E2C-CD0649C0015E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {BF87F979-6F95-4016-B589-6226B5DAB073} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {8747DCD4-2769-4ADA-9CF7-5FCBE55A79FD} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {ABD10EB1-6E65-493A-BFE7-9FC0A16659F2} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {65C5050E-E603-4208-86A8-ABDBCE4B2785} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {1937E66C-8A91-410F-BA94-22661BD93286} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {6AD1C661-B61E-492A-B32D-4A1523E103C9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {733A3616-5408-4031-B172-2B3A0FDCE9B7} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {BD028095-CABF-490B-AAD4-91DE7830C88A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [258048 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
Task: {B419F574-65E2-4CD9-B2E2-B1DD54C21450} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-05-13] (HP Inc. -> HP Inc.)
Task: {70B5EDD7-97A5-40B7-AD2F-6F572EBB3D14} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-05-13] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {005EBA45-15FA-4201-9E0B-53F6F7CA74D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSA Launcher for HDD => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSALauncher.exe [205840 2024-05-13] (HP Inc. -> HP Inc.)
Task: {AAAD55F9-D5AE-4E02-BF88-C47A1005CDA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {CDAA2408-B935-4FD7-93EA-F2260D0E0930} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN4AO463P5 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {112FE946-8D9E-4EFA-BA83-EBB74158239A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {BC00A9BB-CF15-4356-9AD9-9AB4538AE75F} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {8D032AB6-EF72-4667-9CBE-6DA17C9E05F5} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {163DB2D3-B436-4305-90A3-3FB72D6F17CD} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{E3864E7A-058C-4AC3-8331-E2E4F64C69A4}\HPOneAgent.exe [1169488 2024-07-06] (HP Inc. -> HP Inc.)
Task: {7F2B071B-C1F8-4EF7-BEEE-D3138C798152} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C2BD1FD-B422-4381-9D0C-34355BE054D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CF45330-AD96-4257-9B1E-4CDE7AFF8437} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3D97C26-FE72-4CB3-BC3C-11ABE2ADFFD8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {02864C6E-4553-4449-A9D6-F267E720AFB2} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169408 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD24F843-3A17-4128-A01A-15A01C63DDC2} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [73728 2024-04-26] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {FDF24B78-DC1D-4ACF-A5C9-50540C546F96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1B384B85-26AF-41B1-A940-BCD04C085874} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BFBFF87-AEE9-4A8D-A41F-8F63B2672EB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2679EE8A-6320-4220-A7BE-6323B9052388} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA75EEF8-13F9-4B5C-AF20-D24A1914E556} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34888 2024-07-07] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8782533f-d3b4-4528-829c-d7cfe8779dd7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8782533f-d3b4-4528-829c-d7cfe8779dd7}\6524A4F4441495: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8782533f-d3b4-4528-829c-d7cfe8779dd7}\6524A4F4441495: [DhcpDomain] home
Tcpip\..\Interfaces\{8782533f-d3b4-4528-829c-d7cfe8779dd7}\D41494452554F5A4F4441495: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\paull\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-08]
Edge StartupUrls: Default -> "hxxps://www.google.fr/"
Edge Extension: (Google Docs hors connexion) - C:\Users\paull\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-03]
Edge Extension: (Edge relevant text changes) - C:\Users\paull\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-03]
FireFox:
========
FF DefaultProfile: 46uzhdzu.default
FF ProfilePath: C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\46uzhdzu.default [2023-05-08]
FF ProfilePath: C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release [2024-07-08]
FF Notifications: Mozilla\Firefox\Profiles\bsgrighg.default-release -> hxxps://particuliers.engie.fr; hxxps://forum-xiaomi.com
FF Extension: (Activist – Balanced) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\activist-balanced-colorway@mozilla.org.xpi [2023-03-22]
FF Extension: (Dictionnaire français) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2022-11-02]
FF Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2024-01-30]
FF Extension: (To Google Translate) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-11-02]
FF Extension: (Google Translator for Firefox) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\translator@zoli.bod.xpi [2024-04-26]
FF Extension: (Flagfox) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2024-07-07]
FF Extension: (OldWood) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{1268dd7d-073e-4bf1-81dc-f1bb0f4f0c2e}.xpi [2022-10-20]
FF Extension: (Dark-ish Rainbow) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{21f69c5d-b9e1-470f-a890-74454e954eee}.xpi [2022-10-20]
FF Extension: (Sahara Sand) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{2ddbcb89-c6c1-4c0e-a146-21ba9bcd99ef}.xpi [2024-02-10]
FF Extension: (Blue Carbon Fiber) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{5ab03bdd-3d91-4c73-801e-607ca27458d0}.xpi [2022-10-20]
FF Extension: (NoScript) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-12-13]
FF Extension: (chrystalize) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{96b7a652-8716-4678-be68-7a8bac53a373}.xpi [2022-10-20]
FF Extension: (Video DownloadHelper) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-07-07]
FF Extension: (A N I M A T E D KITTY CAT) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{cf4e89f2-b8e0-4ad7-932d-7b82d8956543}.xpi [2022-10-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\paull\AppData\Local\Google\Chrome\User Data\Default [2024-05-19]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Google Docs hors connexion) - C:\Users\paull\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\paull\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-18]
CHR Extension: (Assistant Amazon pour Chrome) - C:\Users\paull\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2023-01-18]
CHR HKLM\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-06-25] (Adobe Inc. -> Adobe Inc.)
S4 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-21] (Microsoft Corporation -> Microsoft Corporation)
S4 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437160 2021-10-08] (EXPRSVPN LLC -> ExpressVPN)
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1605136 2024-05-20] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\AppHelperCap.exe [928808 2024-06-02] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\DiagsCap.exe [927792 2024-06-02] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe [923584 2024-06-02] (HP Inc. -> HP Inc.)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-07-07] (HP Inc. -> HP Inc.)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\SysInfoCap.exe [928704 2024-06-02] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8895072 2024-06-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 RtkWiFiManServ; C:\WINDOWS\RtkWiFiManServ.exe [821608 2023-12-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S4 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [760776 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [45640 2021-10-08] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [46896 2021-10-08] (Express VPN International Ltd. -> ExpressVPN)
S3 GSCAuxDriver; C:\WINDOWS\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_47dea9773e9dfab7\GSCAuxDriverx64.sys [79960 2022-01-06] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_1027aa064fe1f3f7\TeeDriverGSCW8x64.sys [258096 2022-01-06] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221136 2024-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2021-10-08] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-07-08 16:10 - 2024-07-08 16:11 - 000029777 _____ C:\Users\paull\Desktop\FRST.txt
2024-07-08 16:09 - 2024-07-08 16:10 - 000000000 ____D C:\FRST
2024-07-08 16:09 - 2024-07-08 16:09 - 002395648 _____ (Farbar) C:\Users\paull\Desktop\FRST64.exe
2024-07-08 14:26 - 2024-07-08 14:26 - 000814504 _____ C:\WINDOWS\system32\perfh00C.dat
2024-07-08 14:26 - 2024-07-08 14:26 - 000167180 _____ C:\WINDOWS\system32\perfc00C.dat
2024-07-07 12:14 - 2024-07-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-07-07 10:39 - 2024-07-08 14:20 - 000000000 ____D C:\Users\paull\AppData\Roaming\Peugeot Update
2024-07-07 10:39 - 2024-07-07 10:39 - 000002394 _____ C:\Users\paull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Peugeot Update.lnk
2024-07-07 10:39 - 2024-07-07 10:39 - 000000000 ____D C:\Users\paull\AppData\Roaming\connect_update
2024-07-06 09:31 - 2024-07-06 09:31 - 000354048 _____ C:\WINDOWS\system32\lc.dat
2024-07-06 09:22 - 2024-07-06 09:22 - 000025684 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-07-06 09:21 - 2024-07-06 09:21 - 000025684 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-07-06 09:13 - 2024-07-06 09:17 - 000000000 ___HD C:\$WinREAgent
2024-06-18 12:41 - 2024-03-12 20:24 - 000979376 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000737888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000622040 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000541640 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000481880 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000481040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000390192 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 027984176 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 020708040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 001989824 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-06-18 12:41 - 2024-03-12 20:23 - 001989824 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-06-18 12:41 - 2024-03-12 20:23 - 001546328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-06-18 12:41 - 2024-03-12 20:23 - 001546328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-06-18 12:41 - 2024-03-12 20:23 - 001454168 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 001454168 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 001167552 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 001167552 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 000512704 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 000418496 _____ C:\WINDOWS\system32\ze_loader.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 000179392 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2024-06-18 12:41 - 2024-03-12 20:22 - 000264696 _____ C:\WINDOWS\system32\ControlLib.dll
2024-06-18 12:41 - 2024-03-12 20:22 - 000217320 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2024-06-18 12:41 - 2024-03-12 20:22 - 000217320 _____ C:\WINDOWS\system32\ControlLib32.dll
2024-06-18 12:19 - 2023-10-31 20:11 - 020221040 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPRes.dll
2024-06-18 12:19 - 2023-10-31 20:11 - 004466288 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnh.exe
2024-06-18 12:19 - 2023-10-31 20:11 - 001126504 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2024-06-18 12:19 - 2023-10-31 20:11 - 000428656 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnhService.exe
2024-06-18 12:19 - 2023-10-31 20:11 - 000331376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2024-06-10 14:55 - 2024-06-10 14:55 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-10 14:34 - 2024-06-10 14:34 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-07-08 16:10 - 2023-05-13 10:55 - 000000000 ____D C:\Users\paull\AppData\Local\Malwarebytes
2024-07-08 16:09 - 2022-10-19 12:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-07-08 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-07-08 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-07-08 15:44 - 2022-11-20 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-07-08 15:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-07-08 15:33 - 2022-10-19 11:55 - 000000000 ____D C:\Users\paull\AppData\Local\D3DSCache
2024-07-08 15:25 - 2022-10-20 09:55 - 000000000 ____D C:\Program Files\CCleaner
2024-07-08 15:23 - 2022-11-20 14:37 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-07-08 15:23 - 2022-11-20 14:37 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-07-08 15:23 - 2022-10-20 09:56 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-07-08 15:17 - 2023-01-03 12:13 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-07-08 15:06 - 2022-05-13 06:56 - 000000000 ____D C:\ProgramData\Package Cache
2024-07-08 14:35 - 2022-11-20 14:37 - 000004156 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ACD4BB42-6CA2-48D9-922F-032D2634AB91}
2024-07-08 14:26 - 2022-11-20 14:36 - 001823396 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-07-08 14:26 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-07-08 14:19 - 2022-11-20 14:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-07-08 14:19 - 2022-10-19 11:55 - 000000000 __SHD C:\Users\paull\IntelGraphicsProfiles
2024-07-08 14:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-07-08 14:19 - 2022-03-07 08:33 - 000000000 ____D C:\Intel
2024-07-08 14:19 - 2021-06-25 20:10 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-08 09:33 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-07-08 08:10 - 2023-03-23 11:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-07-08 08:10 - 2022-10-19 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-07-08 08:10 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-07-07 17:29 - 2022-11-20 14:07 - 000000000 ____D C:\Users\paull
2024-07-07 12:14 - 2022-10-19 12:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-07-07 11:41 - 2022-10-20 14:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-07-07 11:10 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-07-07 10:59 - 2023-01-03 12:13 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-07-07 10:37 - 2022-10-19 11:49 - 000000000 ____D C:\Users\paull\AppData\Local\Packages
2024-07-07 10:36 - 2023-03-21 09:21 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-07-07 10:34 - 2022-11-20 14:33 - 000765864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-07-06 09:33 - 2023-12-10 11:51 - 000000000 ____D C:\WINDOWS\InboxApps
2024-07-06 09:33 - 2022-11-20 13:47 - 000000000 ____D C:\WINDOWS\HoloShell
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-07-06 09:26 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-07-06 09:22 - 2022-11-20 14:33 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-07-06 09:06 - 2024-01-30 15:41 - 000003824 _____ C:\WINDOWS\system32\Tasks\HPOneAgentRepairTask
2024-07-06 08:56 - 2022-03-07 08:41 - 000000000 ____D C:\Program Files\Microsoft Office
2024-07-06 08:50 - 2022-11-20 14:37 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1022526771-515015637-2813598529-1001
2024-07-06 08:50 - 2022-11-20 14:37 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1022526771-515015637-2813598529-1001
2024-07-06 08:50 - 2022-10-19 11:57 - 000002424 _____ C:\Users\paull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-07-06 08:45 - 2021-06-25 20:10 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-20 15:07 - 2022-10-31 12:00 - 000000000 ____D C:\1MALKO
2024-06-18 12:46 - 2023-10-06 10:06 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-06-18 12:31 - 2022-10-20 10:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-18 12:22 - 2022-10-20 10:49 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-10 15:16 - 2022-11-20 13:47 - 000000000 ____D C:\WINDOWS\TextInput
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-06-10 15:16 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-06-10 15:09 - 2022-05-07 12:31 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-06-10 15:09 - 2022-05-07 12:31 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-06-10 15:09 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2024-06-10 15:09 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2024-06-10 14:43 - 2022-10-20 16:20 - 000000000 ____D C:\Users\paull\AppData\Local\CrashDumps
2024-06-10 14:36 - 2023-04-14 10:06 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-06-10 14:29 - 2022-10-20 11:18 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-06-10 14:25 - 2021-06-25 20:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-10 14:15 - 2022-11-20 14:37 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-10 14:15 - 2022-11-20 14:37 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2023-01-01 16:18 - 2023-01-01 16:18 - 000000017 _____ () C:\Users\paull\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par paull (administrateur) sur MALKO (HP HP Laptop 17-cn0xxx) (08-07-2024 16:10:11)
Exécuté depuis C:\Users\paull\Desktop\FRST64.exe
Profils chargés: paull
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3810 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxEM.exe
(DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\dptf_helper.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\BridgeCommunication.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.5.15.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\EoAExperiences.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe <4>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_bee333b3fb02dacb\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9134aba6dded996c\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9134aba6dded996c\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8ff8e67ced23ab98\jhi_service.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe <3>
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2424.6.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.13200.30.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_e4e95354d5d4b4dd\RtkAudUService64.exe [1987544 2024-05-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech)
HKLM\...\Run: [HPOneAgentService] => C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1605136 2024-05-20] (HP Inc. -> HP Inc; HP Development Company, L.P.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [370088 2021-10-08] (EXPRSVPN LLC -> ExpressVPN)
HKLM-x32\...\RunOnce: [ccleaner_update_helper] => C:\Program Files\CCleaner\ccleaner_update_helper.exe [812856 2024-07-08] (PIRIFORM SOFTWARE LIMITED -> Piriform)
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-26] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-26] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1022526771-515015637-2813598529-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [539152 2024-04-26] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-1022526771-515015637-2813598529-1001\...\Run: [MicrosoftEdgeAutoLaunch_6CBFA7D17B90FC2210263D475A82C921] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883472 2024-07-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1022526771-515015637-2813598529-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45629344 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1022526771-515015637-2813598529-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [831488 2024-04-26] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\paull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2023-04-13]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {9FD1E822-656C-4467-8962-C81B2E36BBBE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1558984 2024-06-25] (Adobe Inc. -> Adobe Inc.)
Task: {9EFBABB8-0626-42D1-99AD-A5657F8CBDD4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {E18CE777-F3DC-4D33-853D-94935594BD60} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5074848 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Gen Digital Inc. All rights reserved.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "acbe1db5-9dba-48bf-a8a9-b56b05cccec1" --version "6.25.11131" --silent
Task: {E3F2A9A5-4E9C-459F-A58C-971B050E4C26} - System32\Tasks\CCleanerSkipUAC - paull => C:\Program Files\CCleaner\CCleaner.exe [39451552 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {B14A3422-2C41-42E6-8C8D-F46304ECA353} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {F8FA13F9-3676-4550-9E2C-CD0649C0015E} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {BF87F979-6F95-4016-B589-6226B5DAB073} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {8747DCD4-2769-4ADA-9CF7-5FCBE55A79FD} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {ABD10EB1-6E65-493A-BFE7-9FC0A16659F2} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {65C5050E-E603-4208-86A8-ABDBCE4B2785} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {1937E66C-8A91-410F-BA94-22661BD93286} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {6AD1C661-B61E-492A-B32D-4A1523E103C9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {733A3616-5408-4031-B172-2B3A0FDCE9B7} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\WINDOWS\system32\cmd.exe [323584 2024-06-10] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {BD028095-CABF-490B-AAD4-91DE7830C88A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [258048 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
Task: {B419F574-65E2-4CD9-B2E2-B1DD54C21450} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-05-13] (HP Inc. -> HP Inc.)
Task: {70B5EDD7-97A5-40B7-AD2F-6F572EBB3D14} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-05-13] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {005EBA45-15FA-4201-9E0B-53F6F7CA74D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSA Launcher for HDD => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSALauncher.exe [205840 2024-05-13] (HP Inc. -> HP Inc.)
Task: {AAAD55F9-D5AE-4E02-BF88-C47A1005CDA4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {CDAA2408-B935-4FD7-93EA-F2260D0E0930} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN4AO463P5 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {112FE946-8D9E-4EFA-BA83-EBB74158239A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161744 2024-05-13] (HP Inc. -> HP Inc.)
Task: {BC00A9BB-CF15-4356-9AD9-9AB4538AE75F} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {8D032AB6-EF72-4667-9CBE-6DA17C9E05F5} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {163DB2D3-B436-4305-90A3-3FB72D6F17CD} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{E3864E7A-058C-4AC3-8331-E2E4F64C69A4}\HPOneAgent.exe [1169488 2024-07-06] (HP Inc. -> HP Inc.)
Task: {7F2B071B-C1F8-4EF7-BEEE-D3138C798152} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C2BD1FD-B422-4381-9D0C-34355BE054D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28512448 2024-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {3CF45330-AD96-4257-9B1E-4CDE7AFF8437} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {E3D97C26-FE72-4CB3-BC3C-11ABE2ADFFD8} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {02864C6E-4553-4449-A9D6-F267E720AFB2} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [169408 2024-07-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {CD24F843-3A17-4128-A01A-15A01C63DDC2} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\WINDOWS\system32\rundll32.exe [73728 2024-04-26] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {FDF24B78-DC1D-4ACF-A5C9-50540C546F96} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1B384B85-26AF-41B1-A940-BCD04C085874} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4BFBFF87-AEE9-4A8D-A41F-8F63B2672EB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2679EE8A-6320-4220-A7BE-6323B9052388} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA75EEF8-13F9-4B5C-AF20-D24A1914E556} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34888 2024-07-07] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8782533f-d3b4-4528-829c-d7cfe8779dd7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8782533f-d3b4-4528-829c-d7cfe8779dd7}\6524A4F4441495: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8782533f-d3b4-4528-829c-d7cfe8779dd7}\6524A4F4441495: [DhcpDomain] home
Tcpip\..\Interfaces\{8782533f-d3b4-4528-829c-d7cfe8779dd7}\D41494452554F5A4F4441495: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\paull\AppData\Local\Microsoft\Edge\User Data\Default [2024-07-08]
Edge StartupUrls: Default -> "hxxps://www.google.fr/"
Edge Extension: (Google Docs hors connexion) - C:\Users\paull\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-03]
Edge Extension: (Edge relevant text changes) - C:\Users\paull\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-03]
FireFox:
========
FF DefaultProfile: 46uzhdzu.default
FF ProfilePath: C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\46uzhdzu.default [2023-05-08]
FF ProfilePath: C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release [2024-07-08]
FF Notifications: Mozilla\Firefox\Profiles\bsgrighg.default-release -> hxxps://particuliers.engie.fr; hxxps://forum-xiaomi.com
FF Extension: (Activist – Balanced) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\activist-balanced-colorway@mozilla.org.xpi [2023-03-22]
FF Extension: (Dictionnaire français) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2022-11-02]
FF Extension: (Awesome Screenshot: Screen Video Recorder) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\jid0-GXjLLfbCoAx0LcltEdFrEkQdQPI@jetpack.xpi [2024-01-30]
FF Extension: (To Google Translate) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-11-02]
FF Extension: (Google Translator for Firefox) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\translator@zoli.bod.xpi [2024-04-26]
FF Extension: (Flagfox) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2024-07-07]
FF Extension: (OldWood) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{1268dd7d-073e-4bf1-81dc-f1bb0f4f0c2e}.xpi [2022-10-20]
FF Extension: (Dark-ish Rainbow) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{21f69c5d-b9e1-470f-a890-74454e954eee}.xpi [2022-10-20]
FF Extension: (Sahara Sand) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{2ddbcb89-c6c1-4c0e-a146-21ba9bcd99ef}.xpi [2024-02-10]
FF Extension: (Blue Carbon Fiber) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{5ab03bdd-3d91-4c73-801e-607ca27458d0}.xpi [2022-10-20]
FF Extension: (NoScript) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2023-12-13]
FF Extension: (chrystalize) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{96b7a652-8716-4678-be68-7a8bac53a373}.xpi [2022-10-20]
FF Extension: (Video DownloadHelper) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-07-07]
FF Extension: (A N I M A T E D KITTY CAT) - C:\Users\paull\AppData\Roaming\Mozilla\Firefox\Profiles\bsgrighg.default-release\Extensions\{cf4e89f2-b8e0-4ad7-932d-7b82d8956543}.xpi [2022-10-20]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-06-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-15] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\paull\AppData\Local\Google\Chrome\User Data\Default [2024-05-19]
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Extension: (Google Docs hors connexion) - C:\Users\paull\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\paull\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-01-18]
CHR Extension: (Assistant Amazon pour Chrome) - C:\Users\paull\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2023-01-18]
CHR HKLM\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-06-25] (Adobe Inc. -> Adobe Inc.)
S4 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1085856 2024-06-26] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14023752 2024-06-21] (Microsoft Corporation -> Microsoft Corporation)
S4 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437160 2021-10-08] (EXPRSVPN LLC -> ExpressVPN)
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [1605136 2024-05-20] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\AppHelperCap.exe [928808 2024-06-02] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\DiagsCap.exe [927792 2024-06-02] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\NetworkCap.exe [923584 2024-06-02] (HP Inc. -> HP Inc.)
S4 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [241104 2024-07-07] (HP Inc. -> HP Inc.)
S4 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_e37f0d22409571ae\x64\SysInfoCap.exe [928704 2024-06-02] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8895072 2024-06-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-05-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 RtkWiFiManServ; C:\WINDOWS\RtkWiFiManServ.exe [821608 2023-12-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S4 SECOMNService; C:\WINDOWS\System32\SECOMN64.exe [760776 2022-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Sound Research, Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [45640 2021-10-08] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\WINDOWS\System32\drivers\expressvpn-tun.sys [46896 2021-10-08] (Express VPN International Ltd. -> ExpressVPN)
S3 GSCAuxDriver; C:\WINDOWS\System32\DriverStore\FileRepository\gscauxdriver.inf_amd64_47dea9773e9dfab7\GSCAuxDriverx64.sys [79960 2022-01-06] (Intel Corporation -> Intel Corporation)
S3 GSCx64; C:\WINDOWS\System32\DriverStore\FileRepository\gscheci.inf_amd64_1027aa064fe1f3f7\TeeDriverGSCW8x64.sys [258096 2022-01-06] (Intel Corporation -> Intel Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [25592 2021-09-16] (HP Inc. -> HP Inc.)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [221136 2024-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-10-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [61496 2021-10-08] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22080 2024-06-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [602520 2024-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-10] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-07-08 16:10 - 2024-07-08 16:11 - 000029777 _____ C:\Users\paull\Desktop\FRST.txt
2024-07-08 16:09 - 2024-07-08 16:10 - 000000000 ____D C:\FRST
2024-07-08 16:09 - 2024-07-08 16:09 - 002395648 _____ (Farbar) C:\Users\paull\Desktop\FRST64.exe
2024-07-08 14:26 - 2024-07-08 14:26 - 000814504 _____ C:\WINDOWS\system32\perfh00C.dat
2024-07-08 14:26 - 2024-07-08 14:26 - 000167180 _____ C:\WINDOWS\system32\perfc00C.dat
2024-07-07 12:14 - 2024-07-07 12:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-07-07 10:39 - 2024-07-08 14:20 - 000000000 ____D C:\Users\paull\AppData\Roaming\Peugeot Update
2024-07-07 10:39 - 2024-07-07 10:39 - 000002394 _____ C:\Users\paull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Peugeot Update.lnk
2024-07-07 10:39 - 2024-07-07 10:39 - 000000000 ____D C:\Users\paull\AppData\Roaming\connect_update
2024-07-06 09:31 - 2024-07-06 09:31 - 000354048 _____ C:\WINDOWS\system32\lc.dat
2024-07-06 09:22 - 2024-07-06 09:22 - 000025684 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-07-06 09:21 - 2024-07-06 09:21 - 000025684 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-07-06 09:13 - 2024-07-06 09:17 - 000000000 ___HD C:\$WinREAgent
2024-06-18 12:41 - 2024-03-12 20:24 - 000979376 _____ (Intel Corporation) C:\WINDOWS\system32\libmfxhw64.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000737888 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\libmfxhw32.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000622040 _____ (Intel Corporation) C:\WINDOWS\system32\intel_gfx_api-x64.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000541640 _____ (Intel) C:\WINDOWS\system32\libvpl.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000481880 _____ (Intel) C:\WINDOWS\SysWOW64\libvpl.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000481040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\intel_gfx_api-x86.dll
2024-06-18 12:41 - 2024-03-12 20:24 - 000390192 _____ C:\WINDOWS\SysWOW64\IntelControlLib32.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 027984176 _____ (Intel Corporation) C:\WINDOWS\system32\mfxplugin64_hw.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 020708040 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\mfxplugin32_hw.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 001989824 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-06-18 12:41 - 2024-03-12 20:23 - 001989824 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-06-18 12:41 - 2024-03-12 20:23 - 001546328 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-06-18 12:41 - 2024-03-12 20:23 - 001546328 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-06-18 12:41 - 2024-03-12 20:23 - 001454168 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 001454168 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 001167552 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 001167552 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 000512704 _____ C:\WINDOWS\system32\ze_tracing_layer.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 000418496 _____ C:\WINDOWS\system32\ze_loader.dll
2024-06-18 12:41 - 2024-03-12 20:23 - 000179392 _____ C:\WINDOWS\system32\ze_validation_layer.dll
2024-06-18 12:41 - 2024-03-12 20:22 - 000264696 _____ C:\WINDOWS\system32\ControlLib.dll
2024-06-18 12:41 - 2024-03-12 20:22 - 000217320 _____ C:\WINDOWS\SysWOW64\ControlLib32.dll
2024-06-18 12:41 - 2024-03-12 20:22 - 000217320 _____ C:\WINDOWS\system32\ControlLib32.dll
2024-06-18 12:19 - 2023-10-31 20:11 - 020221040 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPRes.dll
2024-06-18 12:19 - 2023-10-31 20:11 - 004466288 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnh.exe
2024-06-18 12:19 - 2023-10-31 20:11 - 001126504 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynCOM.dll
2024-06-18 12:19 - 2023-10-31 20:11 - 000428656 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPEnhService.exe
2024-06-18 12:19 - 2023-10-31 20:11 - 000331376 _____ (Synaptics Incorporated) C:\WINDOWS\system32\SynTPAPI.dll
2024-06-10 14:55 - 2024-06-10 14:55 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-06-10 14:34 - 2024-06-10 14:34 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-07-08 16:10 - 2023-05-13 10:55 - 000000000 ____D C:\Users\paull\AppData\Local\Malwarebytes
2024-07-08 16:09 - 2022-10-19 12:15 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-07-08 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-07-08 15:45 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-07-08 15:44 - 2022-11-20 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-07-08 15:35 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-07-08 15:33 - 2022-10-19 11:55 - 000000000 ____D C:\Users\paull\AppData\Local\D3DSCache
2024-07-08 15:25 - 2022-10-20 09:55 - 000000000 ____D C:\Program Files\CCleaner
2024-07-08 15:23 - 2022-11-20 14:37 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-07-08 15:23 - 2022-11-20 14:37 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-07-08 15:23 - 2022-10-20 09:56 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-07-08 15:17 - 2023-01-03 12:13 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-07-08 15:06 - 2022-05-13 06:56 - 000000000 ____D C:\ProgramData\Package Cache
2024-07-08 14:35 - 2022-11-20 14:37 - 000004156 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ACD4BB42-6CA2-48D9-922F-032D2634AB91}
2024-07-08 14:26 - 2022-11-20 14:36 - 001823396 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-07-08 14:26 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-07-08 14:19 - 2022-11-20 14:37 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-07-08 14:19 - 2022-10-19 11:55 - 000000000 __SHD C:\Users\paull\IntelGraphicsProfiles
2024-07-08 14:19 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ServiceState
2024-07-08 14:19 - 2022-03-07 08:33 - 000000000 ____D C:\Intel
2024-07-08 14:19 - 2021-06-25 20:10 - 000012288 ___SH C:\DumpStack.log.tmp
2024-07-08 09:33 - 2022-05-07 07:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-07-08 08:10 - 2023-03-23 11:53 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-07-08 08:10 - 2022-10-19 12:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-07-08 08:10 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-07-07 17:29 - 2022-11-20 14:07 - 000000000 ____D C:\Users\paull
2024-07-07 12:14 - 2022-10-19 12:15 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-07-07 11:41 - 2022-10-20 14:08 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-07-07 11:10 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-07-07 10:59 - 2023-01-03 12:13 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-07-07 10:37 - 2022-10-19 11:49 - 000000000 ____D C:\Users\paull\AppData\Local\Packages
2024-07-07 10:36 - 2023-03-21 09:21 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2024-07-07 10:34 - 2022-11-20 14:33 - 000765864 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-07-06 09:33 - 2023-12-10 11:51 - 000000000 ____D C:\WINDOWS\InboxApps
2024-07-06 09:33 - 2022-11-20 13:47 - 000000000 ____D C:\WINDOWS\HoloShell
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\UUS
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-07-06 09:33 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-07-06 09:26 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-07-06 09:22 - 2022-11-20 14:33 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-07-06 09:06 - 2024-01-30 15:41 - 000003824 _____ C:\WINDOWS\system32\Tasks\HPOneAgentRepairTask
2024-07-06 08:56 - 2022-03-07 08:41 - 000000000 ____D C:\Program Files\Microsoft Office
2024-07-06 08:50 - 2022-11-20 14:37 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1022526771-515015637-2813598529-1001
2024-07-06 08:50 - 2022-11-20 14:37 - 000003358 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1022526771-515015637-2813598529-1001
2024-07-06 08:50 - 2022-10-19 11:57 - 000002424 _____ C:\Users\paull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-07-06 08:45 - 2021-06-25 20:10 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-20 15:07 - 2022-10-31 12:00 - 000000000 ____D C:\1MALKO
2024-06-18 12:46 - 2023-10-06 10:06 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-06-18 12:31 - 2022-10-20 10:49 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-06-18 12:22 - 2022-10-20 10:49 - 199048176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-06-10 15:16 - 2022-11-20 13:47 - 000000000 ____D C:\WINDOWS\TextInput
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\setup
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-06-10 15:16 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\BrowserCore
2024-06-10 15:16 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\servicing
2024-06-10 15:09 - 2022-05-07 12:31 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2024-06-10 15:09 - 2022-05-07 12:31 - 000024383 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2024-06-10 15:09 - 2022-05-07 07:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2024-06-10 15:09 - 2022-05-07 07:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll
2024-06-10 14:43 - 2022-10-20 16:20 - 000000000 ____D C:\Users\paull\AppData\Local\CrashDumps
2024-06-10 14:36 - 2023-04-14 10:06 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2024-06-10 14:29 - 2022-10-20 11:18 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-06-10 14:25 - 2021-06-25 20:10 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-06-10 14:15 - 2022-11-20 14:37 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-10 14:15 - 2022-11-20 14:37 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
==================== Fichiers à la racine de certains dossiers ========
2023-01-01 16:18 - 2023-01-01 16:18 - 000000017 _____ () C:\Users\paull\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================