Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2024
Exécuté par Marianne (administrateur) sur LAPTOP-9D3LNCCA (Packard Bell Easynote ENLG81AP) (06-12-2024 14:59:46)
Exécuté depuis C:\Users\axeli\Downloads\FRST64(2).exe
Profils chargés: Marianne
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4842 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAAgent.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAAdminAgent.exe
(C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Quick Access\QALockHandler.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxEM.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <14>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Quick Access\QALSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\OEM\Preload\FubTool\FubTool.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Quick Access\ePowerButton_NB.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_420c659363620fe7\igfxext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3159567254-3447741846-1408144799-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45359408 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3159567254-3447741846-1408144799-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\axeli\AppData\Local\Microsoft\Teams\Update.exe [2324624 2020-02-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3159567254-3447741846-1408144799-1001\...\Run: [MicrosoftEdgeAutoLaunch_B959A5391864374940C87AD2EC586002] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\131.0.6778.109\Installer\chrmstp.exe [2024-12-06] (Google LLC -> Google LLC)
GroupPolicyUsers\S-1-5-21-3159567254-3447741846-1408144799-1001\User: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {1A65C5BF-BFAE-48AF-BB97-E45CB72437F4} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {50B6A292-3F4F-434E-8B60-35E8B4D5AEE3} - System32\Tasks\App Explorer => %LOCALAPPDATA%\Host App Service\Engine\HostAppServiceUpdater.exe /LOGON (Pas de fichier) <==== ATTENTION
Task: {8FC39D7A-28A9-42F2-B45E-C8EEB28D14F9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2564904 2024-11-23] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {9C0A6990-D519-420D-AE87-3697362F18EF} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) -> C:\Program Files (x86)\Acer\AOP Framework\\task
Task: {D116E73B-5638-4909-A5ED-1DFDA8DA180F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {480A2045-5AEF-4B17-AA45-6530778A4F88} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "01fd55e6-dc96-485f-a829-4826af4bf78f" --version "6.30.11385" --silent
Task: {370571AF-CE2B-44E0-918E-6A39D2BB9E50} - System32\Tasks\CCleanerSkipUAC - axeli => C:\Program Files\CCleaner\CCleaner.exe [39135536 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {41F7CEB7-0D22-404C-812E-F482D80F8B5F} - System32\Tasks\CCleanerSkipUAC - Marianne => C:\Program Files\CCleaner\CCleaner.exe [39135536 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {E46C913F-F8AD-426C-88B6-162A527934C4} - System32\Tasks\DashlaneUpgradeCheck => C:\WINDOWS\system32\net.exe [59904 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {D359A390-68DA-469C-8982-F768BA5D00DF} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {289DE8F6-FDA7-4604-B7FC-6F6D4A488FCE} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{10AD3895-184A-4C48-9942-BEE0C5810C3B} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {D2DD6C39-4C90-4E71-8BC0-A9BA477B5157} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe [855352 2016-05-23] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {BE3324B5-9FD0-436F-B6A2-929A98939650} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5BE8E0D-AE06-441E-8670-98F4D0373FF3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {5D521216-42EC-4363-9DC6-F96BDDAF6F64} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223344 2024-11-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6880FA52-33A3-4046-9E93-E17595851A30} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [223344 2024-11-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {6F848E05-BE8D-405A-9D12-217DB73B78DC} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe [73416 2024-11-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3246D5E9-ABCB-4448-8F2B-84B5FBE66E16} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {070AC74B-DA02-4EF4-BB92-B4EF3CF1E9C1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ABE04F89-7075-4BB4-B4C8-E3ED67889538} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F8CD5638-D0D1-406E-95B4-CB5396F830AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88F5E18A-856F-4566-9C24-DE3339F1E0E2} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [602176 2024-12-06] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {F87F251A-8D35-43E6-93E2-773FBD0C1847} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3159567254-3447741846-1408144799-1001 E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [602176 2024-12-06] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {704C0677-D460-4503-AC87-99DAF106FC6F} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [31808 2024-12-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {9D0ABFA0-A033-4C94-8644-D8E8E96EF40A} - System32\Tasks\Power Button => C:\Program Files\Packard Bell\Packard Bell Quick Access\ePowerButton_NB.exe [2766240 2016-07-29] (Acer Incorporated -> Acer Incorporated)
Task: {ED7E7FA6-1398-45FF-9A94-992E1A98CA6E} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [421792 2016-07-29] (Acer Incorporated -> Acer Incorporated)
Task: {D3AC0CD8-3D64-4E5A-B5AA-A7C706B3C51F} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472992 2016-06-24] (Acer Incorporated -> Acer Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2bf89f1d-d891-4168-b92d-7f38bb87ee2f}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{6b277f2f-24d1-4bae-bc61-baae43966f7e}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{e330bfa4-c507-4b33-97b2-4fbe4e416f1b}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\axeli\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-24]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\axeli\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-09-16]
Edge Extension: (Google Docs hors connexion) - C:\Users\axeli\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-16]
Edge Extension: (Edge relevant text changes) - C:\Users\axeli\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-25]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: zrond5zh.default
FF ProfilePath: C:\Users\axeli\AppData\Roaming\Mozilla\Firefox\Profiles\zrond5zh.default [2024-01-11]
FF ProfilePath: C:\Users\axeli\AppData\Roaming\Mozilla\Firefox\Profiles\j9njwjv2.default-release [2024-12-06]
FF Notifications: Mozilla\Firefox\Profiles\j9njwjv2.default-release -> hxxps://www.bienici.com
FF Extension: (AdBlocker Ultimate) - C:\Users\axeli\AppData\Roaming\Mozilla\Firefox\Profiles\j9njwjv2.default-release\Extensions\adblockultimate@adblockultimate.net.xpi [2024-07-20]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\axeli\AppData\Roaming\Mozilla\Firefox\Profiles\j9njwjv2.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-09-15]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-09-14] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-06] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\axeli\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-11-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\axeli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\axeli\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-04-13]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13652176 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-11-07] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9433496 2024-12-06] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-07-21] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 QALSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QALSvc.exe [440224 2016-07-29] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [481696 2016-07-29] (Acer Incorporated -> Acer Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232000 2024-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-07-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-08-30] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-06 14:59 - 2024-12-06 15:02 - 000021999 _____ C:\Users\axeli\Downloads\FRST.txt
2024-12-06 14:58 - 2024-12-06 15:01 - 000000000 ____D C:\FRST
2024-12-06 14:58 - 2024-12-06 14:58 - 002402816 _____ (Farbar) C:\Users\axeli\Downloads\FRST64(2).exe
2024-12-06 14:54 - 2024-12-06 14:54 - 002402816 _____ (Farbar) C:\Users\axeli\Downloads\FRST64.exe
2024-12-06 14:54 - 2024-12-06 14:54 - 002402816 _____ (Farbar) C:\Users\axeli\Downloads\FRST64(1).exe
2024-12-06 14:21 - 2024-12-06 14:49 - 000166901 _____ C:\Users\axeli\Desktop\ZHPDiag.txt
2024-12-06 14:21 - 2024-12-06 14:21 - 000366780 _____ C:\Users\axeli\Desktop\ZHPDiag.html
2024-12-06 14:03 - 2024-12-06 14:49 - 000000000 ____D C:\Users\axeli\AppData\Roaming\ZHP
2024-12-06 14:03 - 2024-12-06 14:03 - 000000877 _____ C:\Users\axeli\Desktop\ZHPSuite.lnk
2024-12-06 14:03 - 2024-12-06 14:03 - 000000000 ____D C:\Users\axeli\AppData\Local\ZHP
2024-12-06 14:00 - 2024-12-06 14:00 - 003539144 _____ (Nicolas Coolman) C:\Users\axeli\Downloads\ZHPSuite.exe
2024-12-06 12:15 - 2024-12-06 12:24 - 000000000 ___HD C:\$WinREAgent
2024-11-24 00:49 - 2024-11-24 00:49 - 000000000 ____D C:\Users\axeli\AppData\Local\ElevatedDiagnostics
2024-11-16 15:26 - 2024-11-16 15:30 - 000000000 ____D C:\Users\axeli\Desktop\SIEGE AUTO
2024-11-16 11:55 - 2024-12-06 13:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-11-07 00:57 - 2024-11-07 00:57 - 001006315 _____ C:\Users\axeli\Desktop\MANDAT-DE-PRELEVEMENT-AEL-042023.pdf
2024-09-16 19:36 - 2022-09-30 04:24 - 000050720 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ss_conn_usb_driver2.sys
2024-09-16 18:53 - 2022-09-30 04:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2024-09-16 18:53 - 2022-09-30 04:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus2.sys
2024-09-14 11:44 - 2024-09-14 11:44 - 000002555 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sticky Notes (new).lnk
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-06 16:29 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-06 14:48 - 2024-07-21 09:59 - 000000000 ____D C:\Users\axeli\AppData\Local\Malwarebytes
2024-12-06 14:21 - 2024-01-01 22:06 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-06 14:09 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-12-06 13:31 - 2024-01-11 21:58 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-06 13:14 - 2018-03-11 10:36 - 000000000 ____D C:\Program Files\CCleaner
2024-12-06 13:11 - 2024-01-11 21:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-12-06 13:11 - 2024-01-01 22:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-06 13:11 - 2024-01-01 22:05 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-06 13:11 - 2024-01-01 20:49 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-06 13:10 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-12-06 12:55 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-12-06 12:39 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-06 11:31 - 2017-09-16 15:13 - 000000000 ____D C:\Users\axeli\AppData\Local\CrashDumps
2024-12-06 11:27 - 2024-01-01 17:34 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-06 11:27 - 2024-01-01 17:34 - 000002292 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-12-06 11:07 - 2017-09-17 15:39 - 000002311 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-06 11:05 - 2024-01-01 22:44 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{ED0BC073-FE2C-4B38-9872-1819ED34468B}
2024-12-06 10:56 - 2024-01-11 21:57 - 000001244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-12-03 10:28 - 2024-01-01 22:44 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-03 10:27 - 2024-01-01 22:44 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-24 23:13 - 2018-12-08 23:05 - 000000000 ____D C:\Users\axeli\AppData\Local\D3DSCache
2024-11-24 22:54 - 2024-01-01 21:14 - 000000000 ____D C:\Users\axeli\AppData\Roaming\Microsoft\Windows
2024-11-24 22:06 - 2024-01-01 21:14 - 000000000 ____D C:\Users\axeli
2024-11-24 20:20 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-11-24 20:20 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-24 20:10 - 2017-10-09 15:03 - 000000000 ____D C:\Users\axeli\AppData\Local\ConnectedDevicesPlatform
2024-11-24 17:01 - 2017-11-16 18:38 - 000000000 ____D C:\Users\axeli\AppData\Local\Packages
2024-11-24 16:59 - 2018-05-11 10:05 - 000000000 ____D C:\Users\axeli\AppData\Roaming\Zoom
2024-11-24 15:34 - 2024-01-01 12:32 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2024-11-24 10:41 - 2016-09-18 06:07 - 000000000 ____D C:\Program Files (x86)\Acer
2024-11-23 17:51 - 2016-09-18 04:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-11-23 13:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2024-11-23 13:08 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2024-11-16 12:30 - 2017-09-17 14:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-16 12:19 - 2017-09-17 14:48 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-16 12:06 - 2024-01-01 22:44 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-11-16 12:06 - 2024-01-01 22:44 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2024-11-07 18:03 - 2024-01-11 19:17 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2024-11-07 18:03 - 2024-01-11 19:00 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-11-06 23:55 - 2024-01-01 22:32 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-06 23:55 - 2019-12-07 15:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2024-11-06 23:55 - 2019-12-07 15:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2024-11-06 23:55 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
==================== Fichiers à la racine de certains dossiers ========
2017-10-10 12:37 - 2017-11-10 08:12 - 000015872 _____ () C:\Users\axeli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-17 07:10 - 2018-09-17 07:10 - 000000000 _____ () C:\Users\axeli\AppData\Local\{90955A3A-AA82-4376-9C2D-DE2C6ABC6A07}
==================== SigCheckExt =========================
2017-09-17 13:21 - 2017-03-04 06:57 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2015-10-30 08:19 - 2015-10-30 08:19 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafCdp.dll
2015-10-30 08:18 - 2015-10-30 08:18 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flashlight.dll
2015-10-30 08:19 - 2015-10-30 08:19 - 000018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafCdp.dll
2016-05-23 19:04 - 2016-05-23 19:04 - 000002560 _____ (Intel(R) Corporation) C:\WINDOWS\SysWOW64\IusEventLog.dll
2015-10-30 08:19 - 2017-09-17 12:45 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-10-30 08:19 - 2017-09-17 12:45 - 000635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2024-12-06 14:54 - 2024-12-06 14:54 - 002402816 _____ (Farbar) C:\Users\axeli\Downloads\FRST64(1).exe
2024-12-06 14:58 - 2024-12-06 14:58 - 002402816 _____ (Farbar) C:\Users\axeli\Downloads\FRST64(2).exe
2024-12-06 14:54 - 2024-12-06 14:54 - 002402816 _____ (Farbar) C:\Users\axeli\Downloads\FRST64.exe
2024-12-06 14:00 - 2024-12-06 14:00 - 003539144 _____ (Nicolas Coolman) C:\Users\axeli\Downloads\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{b6dfcc50-bb16-11ec-9de7-30e37a18a384}
{cfbaa033-4c30-11ea-9de2-806e6f6e6963}
{cfbaa034-4c30-11ea-9de2-806e6f6e6963}
{cfbaa035-4c30-11ea-9de2-806e6f6e6963}
timeout 0
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b1422ae3-a8e8-11ee-9dec-30e37a18a384}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Application logicielle (101fffff)
--------------------------------
identificateur {b6dfcc50-bb16-11ec-9de7-30e37a18a384}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
Application logicielle (101fffff)
--------------------------------
identificateur {cfbaa033-4c30-11ea-9de2-806e6f6e6963}
description EFI USB Device
Application logicielle (101fffff)
--------------------------------
identificateur {cfbaa034-4c30-11ea-9de2-806e6f6e6963}
description EFI DVD/CDROM
Application logicielle (101fffff)
--------------------------------
identificateur {cfbaa035-4c30-11ea-9de2-806e6f6e6963}
description EFI Network
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {caf966fd-a8e9-11ee-9ded-cb6e9aba0ea3}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {b1422ae3-a8e8-11ee-9dec-30e37a18a384}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {caf966fd-a8e9-11ee-9ded-cb6e9aba0ea3}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{caf966fe-a8e9-11ee-9ded-cb6e9aba0ea3}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{caf966fe-a8e9-11ee-9ded-cb6e9aba0ea3}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {b1422ae3-a8e8-11ee-9dec-30e37a18a384}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {caf966fd-a8e9-11ee-9ded-cb6e9aba0ea3}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {caf966fe-a8e9-11ee-9ded-cb6e9aba0ea3}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================