Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2025 01
Exécuté par jubin (administrateur) sur DESKTOP-NEF653N (HP HP ENVY x360 Convertible 13-ay0xxx) (16-03-2025 11:55:23)
Exécuté depuis C:\Users\jubin\OneDrive\Bureau\FRST64.exe
Profils chargés: jubin
Plate-forme: Microsoft Windows 11 Famille Version 24H2 26100.3476 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Byte Media Sdn. Bhd. -> EPI Software) C:\Users\jubin\AppData\Local\EPISoftware\EpiBrowser\Application\epibrowser.exe <6>
(C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpnd\expressvpnd.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.26.217.1\vpn\mc-vpn.exe
(C:\Program Files\McAfee\WPS\1.26.217.1\vpn\mc-vpn.exe ->) (McAfee, LLC -> ) C:\Program Files\McAfee\WPS\1.26.217.1\vpn\Bins\x64\wireguard.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.26.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.26.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.1301.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\133.0.3065.92\msedgewebview2.exe <14>
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.26.217.1\extnhost\mc-extn-browserhost.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\BridgeCommunication.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.4.4.0_x64__v10z8vjag6ke6\Win32\HPEnhancedLighting.Bg.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.26.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <54>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\Microsoft.SharePoint.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe <2>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25044.2208.3471.2155_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0369254.inf_amd64_6f1e9c11bbc40f12\B369275\atiesrxx.exe
(services.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe
(services.exe ->) (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe
(services.exe ->) (Express Vpn LLC -> ExpressVPN) C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe <3>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_42.52507.561.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\Win32Process\HPCC.Bg.BackgroundApp.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25021.28.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_42.52507.561.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\HpSystemManagement.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.26.217.1\neo\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.1301.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_238aadee4b6d04be\RtkAudUService64.exe [1262512 2021-06-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [373600 2021-01-18] (Express Vpn LLC -> ExpressVPN)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [126328160 2021-11-23] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [InstallHelper] => C:\Program Files (x86)\Citrix\Citrix Workspace 2409\InstallHelper.exe [683296 2025-01-16] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [AnalyticsSrv] => C:\Program Files (x86)\Citrix\ICA Client\Receiver\AnalyticsSrv.exe [2902368 2025-01-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [3108456 2025-01-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [1067624 2025-01-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-13] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [5007680 2025-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\jubin\AppData\Local\Microsoft\Teams\Update.exe [2589872 2023-11-13] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4693088 2025-03-11] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [EADM] => C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EALauncher.exe [3649120 2025-03-13] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [Microsoft.Lists] => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\Microsoft.SharePoint.exe [1026904 2025-03-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [MicrosoftEdgeAutoLaunch_220BE881520DC753F08B25121D50D34D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4291128 2025-03-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [EpiBrowserStartup] => C:\Users\jubin\AppData\Local\EPISoftware\EpiBrowser\Application\epibrowser.exe [3726384 2024-10-01] (Byte Media Sdn. Bhd. -> EPI Software)
HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\...\Run: [EpiBrowserUpdate] => C:\Users\jubin\AppData\Local\EPISoftware\EpiBrowser\Application\epibrowser.exe [3726384 2024-10-01] (Byte Media Sdn. Bhd. -> EPI Software)
HKLM\Software\...\AppCompatFlags\Custom\AuthManSvr.exe: [{e06cf029-144b-4f2a-9621-b4f659aa6952}.sdb] -> Citrix Workspace
HKLM\Software\...\AppCompatFlags\InstalledSDB\{e06cf029-144b-4f2a-9621-b4f659aa6952}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{e06cf029-144b-4f2a-9621-b4f659aa6952}.sdb [2024-12-06]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\134.0.6998.89\Installer\chrmstp.exe [2025-03-15] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{60f15951-e7ef-11ea-b28e-c4b301b9ed33}] -> C:\Program Files (x86)\Citrix\ICA Client\CitrixEnterpriseBrowser\131.1.1.37\Installer\chrmstp.exe [2025-01-22] (Citrix Systems, Inc. -> Citrix Systems, Inc.)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0F9CE8BD-DCC8-49FF-B507-328A1529D08C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.)
Task: {1FE617AC-07F0-4807-9455-8384EA63C35A} - System32\Tasks\EpiBrowserStartup-S-1-5-21-2796432278-2229756394-2744373188-1001 => C:\Users\jubin\AppData\Local\EPISoftware\EpiBrowser\Application\epibrowser.exe [3726384 2024-10-01] (Byte Media Sdn. Bhd. -> EPI Software)
Task: {425A1E7F-8F2A-4DC8-A15C-B968E6AE9FDD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6386.0{F4AD85D8-B13C-49BE-B9B2-8B2C5184C8FE} => "C:\Program Files (x86)\Google\GoogleUpdater\125.0.6386.0\updater.exe"  --wake --system --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2 (Pas de fichier)
Task: {03BAC72C-BFD5-4A97-B667-DAA40D3AB660} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{B5AFBD05-BBA5-4FB6-B60E-1272E7434AF6} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC)
Task: {89468B1E-F7B6-4D9E-A690-272AFE2939C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe  (Pas de fichier)
Task: {97460602-A1F3-4DE1-BB7F-EA41BBE40291} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe  /DeviceScanR6 (Pas de fichier)
Task: {68912A3D-F802-49BC-B7AF-807DC3B84492} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2025-01-14] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {6CB5F785-EE75-48D4-B157-E33509BA7153} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1651032 2020-11-05] (HP Inc. -> HP Inc.)
Task: {A697C255-6010-468E-BDBF-5F749760BCC5} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{0F4D9B90-03E9-4FE2-8077-E62C7E928EEB}\HPOneAgent.exe [1169728 2025-02-05] (HP Inc. -> HP Inc; HP Development Company, L.P.)
Task: {5718BA3F-0FDE-4044-89D7-88BE7ABF2E48} - System32\Tasks\HPSupportTool => C:\ProgramData\HP\Telemetry\collectors\hp-telemetry-iolo-collector_ver_4.675.11370\HPSupportAssistant1.exe  (Pas de fichier)
Task: {FCAF5EF2-EC0E-45DB-9860-3EFE9D87ECB5} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {8FD6773D-B5BD-4257-94F3-28CB4132FE61} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {8FD6773D-B5BD-4257-94F3-28CB4132FE61} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {05C231DB-C26A-42FF-B9F1-424B52DFD90A} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {05C231DB-C26A-42FF-B9F1-424B52DFD90A} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {7F491648-CDBA-41F0-8F4D-1D768A7A3F63} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\WPS\1.26.217.1\sustainability\mc-sustainability.exe [963360 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {CFE5CF4B-E7AE-4717-87BB-197AB354EDA9} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.26.217.1\dad\3.27.7\mc-dad.exe [2684320 2025-02-11] (McAfee, LLC -> McAfee, LLC)
Task: {65A0835A-0AA7-49EB-8685-2B81DC469154} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {65A0835A-0AA7-49EB-8685-2B81DC469154} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {2D6E8D01-814B-4EBB-AA24-4A9D0552450E} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {2D6E8D01-814B-4EBB-AA24-4A9D0552450E} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {9236E07F-1584-4DAE-97E9-98AB8F151331} - System32\Tasks\McAfee\WPS\McAfee restart of PC => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {9236E07F-1584-4DAE-97E9-98AB8F151331} - System32\Tasks\McAfee\WPS\McAfee restart of PC => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {4EA4E442-5433-4E69-9D33-6AA4624E75D4} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {D810A0F6-CA7D-4017-9CC4-479921E7605A} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {95CB97EB-1EF5-48F7-AC8F-EC29665EDCE4} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.26.217.1\mc-update.exe [3338752 2025-02-12] (McAfee, LLC -> McAfee, LLC)
Task: {B13300AD-58B9-4649-A743-D184EC4DA6D3} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {7582ADDE-1D85-4F20-9E21-971DE141EFCD} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\WPS\1.26.217.1\mc-wns-client\mc-wns-client.exe [970088 2025-02-12] (McAfee, LLC -> )
Task: {A2C58D94-56B3-4D2E-9AC7-96CE8C17BC74} - System32\Tasks\Meta\Messenger-WSP-Helper-S-1-5-21-2796432278-2229756394-2744373188-1001 => MessengerHelper.exe  --lassie (Pas de fichier)
Task: {FEE82B85-D2B8-49EC-BCD5-405598299FF0} - System32\Tasks\Microsoft\Office\Office Apps Prewarm => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {4ABFA9E4-B19F-4153-8F80-6EB0CFA347D1} - System32\Tasks\Microsoft\Office\Office Apps Prewarm Recurring => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {33F7E065-A3C2-4872-BFA3-D63FA97E0226} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {788E0FC8-D699-4E78-8229-4CC4B6555D41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28895464 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CBA636B-B1EB-4C20-9A4C-0EBAD3BA01C7} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5221CC51-8EC6-4C74-B373-CDFBF069D00D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [314512 2025-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF867341-1DE1-4512-8904-E6C9159F9274} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [197256 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {F8C19CE3-9ED1-4C79-9772-75A62E67B2B6} - System32\Tasks\Microsoft\Office\Office Serviceability Manager => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\officesvcmgr.exe [4488544 2025-02-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (Pas de fichier)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (Pas de fichier)
Task: {FD1D1DEE-F612-4850-8819-DAA0019D1CDD} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {49623022-CE17-4D9B-BE05-42C431D8C53D} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2796432278-2229756394-2744373188-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4222800 2025-03-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {90A9EB8C-3C08-4814-8229-5E8F98169667} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2796432278-2229756394-2744373188-1001 => C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveLauncher.exe [669528 2025-03-13] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{59787328-f3f6-4d39-abaf-309998ff2594}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{59787328-f3f6-4d39-abaf-309998ff2594}: [DhcpDomain] lan
Tcpip\..\Interfaces\{59787328-f3f6-4d39-abaf-309998ff2594}\6427565626F687D2347314646444: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9668bee6-8995-4c77-9a96-04552aed5bb5}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{a230d696-ea94-4d58-a2d0-3bca64a9b8ae}: [NameServer] 172.17.3.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-16]
Edge Notifications: Default -> hxxps://www.youtube.com
Edge Extension: (wanteeed) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2025-03-15]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (McAfee® WebAdvisor) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2025-03-07]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Signets iCloud) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-11-24]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Google Docs hors connexion) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-15]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Correcteur d’orthographe et reformulateur — LanguageTool) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hfjadhjooeceemgojogkhlppanjkbobc [2025-01-05]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Edge relevant text changes) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge Extension: (Ultimate Video Adblocker) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\onpmkedanliikncfkonkaicicjmkadkh [2022-04-26]hxxps://clients2.google.com/service/update2/crx
Edge Profile: C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Profile 1 [2024-08-05]
Edge Extension: (Google Docs hors connexion) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-22]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\jubin\AppData\Local\Microsoft\Edge\User Data\Profile 1\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-22]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-12-21] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR Profile: C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default [2025-03-16]
CHR Notifications: Default -> hxxps://hobbii.fr; hxxps://www.facebook.com
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (wanteeed) - C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2025-03-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-02-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Signets iCloud) - C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2022-11-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs hors connexion) - C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-03]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Mailtrack et publipostage pour Gmail) - C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2025-03-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-08-11]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Correcteur d’orthographe et reformulateur — LanguageTool) - C:\Users\jubin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oldceeleldhonbafppcapldpdifcinji [2025-03-14]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\jubin\AppData\Local\Google\Chrome\User Data\System Profile [2023-11-02]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]
CHR HKU\S-1-5-21-2796432278-2229756394-2744373188-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 appprotectionsvc; C:\Program Files (x86)\Citrix\ICA Client\appprotection.exe [764992 2025-01-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13768912 2025-03-10] (Microsoft Corporation -> Microsoft Corporation)
S3 CtxAdpPolicy; C:\Program Files (x86)\Citrix\AppDataProtection\CtxAdpPolicy.exe [330608 2024-10-29] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 CtxPkm; C:\Program Files (x86)\Citrix\AppDataProtection\CtxPkm.exe [1303392 2024-10-29] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 CWAUpdaterService; C:\Program Files (x86)\Citrix\ICA Client\Receiver\UpdaterService.exe [1708320 2025-01-10] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [19012192 2025-03-13] (Electronic Arts, Inc. -> Electronic Arts)
R2 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437088 2021-01-18] (Express Vpn LLC -> ExpressVPN)
R3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\FileSyncHelper.exe [3533648 2025-03-13] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [891256 2020-07-30] (HP Inc. -> HP Inc.)
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [2338344 2024-12-13] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\AppHelperCap.exe [888416 2025-01-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\DiagsCap.exe [887392 2025-01-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\NetworkCap.exe [883808 2025-01-10] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-03-05] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_c6d849cb3652cdf7\x64\SysInfoCap.exe [887904 2025-01-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.26.217.1\mc-fw-host.exe [2631568 2025-02-12] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.26.217.1\mc-update.exe [3338752 2025-02-12] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [929792 2025-03-13] (McAfee, LLC -> McAfee, LLC)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.031.0217.0003\OneDriveUpdaterService.exe [3880256 2025-03-13] (Microsoft Corporation -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-11-19] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_49eb6a8a3f603dc1\amdacpafd.sys [361936 2022-02-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0369254.inf_amd64_6f1e9c11bbc40f12\B369275\amdkmdag.sys [83086168 2021-07-13] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
S3 ctxapdriver; C:\WINDOWS\system32\DRIVERS\ctxapdriver.sys [81584 2025-01-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 ctxapinject; C:\WINDOWS\system32\DRIVERS\ctxapinject.sys [128680 2025-01-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S4 ctxapusbfilter; C:\WINDOWS\system32\DRIVERS\ctxapusbfilter.sys [61600 2025-01-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S4 CtxDs2; C:\WINDOWS\System32\drivers\CtxDs2.sys [186800 2024-10-29] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S4 CtxDt2; C:\WINDOWS\System32\drivers\CtxDt2.sys [229400 2024-10-29] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S4 CtxIsolate; C:\WINDOWS\System32\drivers\CtxIsolate.sys [341536 2024-10-29] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S4 CtxSupport; C:\WINDOWS\System32\drivers\CtxSupport.sys [108576 2024-10-29] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
R2 ctxusbm; C:\WINDOWS\system32\DRIVERS\ctxusbmon.sys [164000 2024-12-03] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [37024 2021-01-18] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpnwintun; C:\WINDOWS\System32\drivers\expressvpn-wintun.sys [46824 2021-01-18] (Express VPN International Ltd. -> ExpressVPN)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [19536 2025-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [76024 2025-02-12] (McAfee, LLC -> McAfee, LLC)
S3 polarbear-split-tunneling; C:\Program Files\McAfee\WPS\1.26.217.1\vpn\Drivers\x64\SplitTunnelingDriver.sys [29176 2025-02-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [62352 2019-03-20] (Realtek Semiconductor Corp. -> Realtek)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [51192 2025-02-12] (OpenVPN Inc. -> The OpenVPN Project)
R3 tapexpressvpn; C:\WINDOWS\System32\drivers\tapexpressvpn.sys [52904 2021-01-18] (ExprsVPN LLC -> The OpenVPN Project)
S3 usbscan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\usbscan.sys [90112 2025-01-14] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22104 2024-11-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [606624 2024-11-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-11-19] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2025-03-15] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2025-03-16 11:55 - 2025-03-16 11:55 - 000039255 _____ C:\Users\jubin\OneDrive\Bureau\FRST.txt
2025-03-16 11:54 - 2025-03-16 11:55 - 000000000 ____D C:\FRST
2025-03-16 11:53 - 2025-03-16 11:54 - 002404352 _____ (Farbar) C:\Users\jubin\OneDrive\Bureau\FRST64.exe
2025-03-16 11:51 - 2025-03-16 11:52 - 002097152 _____ (Farbar) C:\Users\jubin\Downloads\FRST.exe
2025-03-16 11:46 - 2025-03-16 11:46 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-03-15 18:03 - 2025-03-15 18:03 - 000002252 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-03-15 18:01 - 2025-03-15 18:01 - 010697088 _____ (Google LLC) C:\Users\jubin\Downloads\ChromeSetup.exe
2025-03-15 17:57 - 2025-03-15 17:57 - 000000000 ____D C:\Users\jubin\AppData\Local\Microsoft_Corporation
2025-03-15 17:24 - 2025-03-15 17:24 - 000795572 _____ C:\WINDOWS\system32\perfh00C.dat
2025-03-15 17:24 - 2025-03-15 17:24 - 000168524 _____ C:\WINDOWS\system32\perfc00C.dat
2025-03-13 18:33 - 2025-03-13 18:33 - 003430887 _____ C:\Users\jubin\Downloads\MME JUBIN ET MR LEROUX PTZ.pdf
2025-03-11 00:17 - 2025-03-11 00:17 - 000000000 ____D C:\WINDOWS\Windows.SystemToast.PresenceSensing.OnlookerDetection
2025-03-10 17:45 - 2025-03-10 17:45 - 000148357 _____ C:\Users\jubin\Downloads\rjubin_20250310_Proposition d'embauche signée.pdf
2025-03-10 17:35 - 2025-03-10 17:35 - 000077520 _____ C:\Users\jubin\Downloads\rjubin_20250310_Proposition d'embauche.pdf
2025-03-07 20:20 - 2025-03-07 20:20 - 000026489 _____ C:\Users\jubin\Downloads\ATTESTATION LEROUX.pdf
2025-03-07 20:03 - 2025-03-07 20:03 - 001129441 _____ C:\Users\jubin\Downloads\MRH 5-24 C AFOREM RENNES-JUBIN RACHEL-CERFA signé 2 PARTIES.pdf
2025-03-07 20:02 - 2025-03-07 20:02 - 000136900 _____ C:\Users\jubin\Downloads\CERFA - RACHEL JUBIN - SIGNE 2 PARTIES (1).pdf
2025-03-07 19:18 - 2025-03-07 19:18 - 000077575 _____ C:\Users\jubin\Downloads\Bulletins_de_Paie_du_02_2025 Théo.pdf
2025-03-06 18:59 - 2025-03-15 17:32 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-03-06 18:56 - 2025-03-06 18:56 - 000070484 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-03-06 18:56 - 2025-03-06 18:56 - 000070484 _____ C:\WINDOWS\system32\ctac.json
2025-03-06 18:25 - 2025-03-06 18:25 - 000436471 _____ C:\Users\jubin\Downloads\Devis Brico dépôt Menuiseries.jpeg
2025-03-05 20:10 - 2025-03-05 20:10 - 000020047 _____ C:\Users\jubin\Downloads\351001337-facture_351001540 (1).pdf
2025-03-02 20:35 - 2025-03-02 20:38 - 000000000 ___RD C:\Users\jubin\OneDrive\Documents\Commun
2025-03-01 22:42 - 2025-03-01 22:42 - 000003582 _____ C:\WINDOWS\system32\Tasks\EpiBrowserStartup-S-1-5-21-2796432278-2229756394-2744373188-1001
2025-03-01 22:41 - 2025-03-01 22:43 - 000002630 _____ C:\Users\jubin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EpiStart.lnk
2025-03-01 22:41 - 2025-03-01 22:43 - 000000000 ____D C:\Users\jubin\AppData\Local\EPISoftware
2025-02-21 18:24 - 2025-02-21 18:24 - 000234984 _____ C:\Users\jubin\Downloads\devis DEV-2025_02-0169 M. & Mme LEROUX JUBIN.pdf
2025-02-21 18:22 - 2025-02-21 18:22 - 000276795 _____ C:\Users\jubin\Downloads\devis DEV-2025_02-0168 M. & Mme LEROUX JUBIN.pdf
2025-02-21 18:22 - 2025-02-21 18:22 - 000276795 _____ C:\Users\jubin\Downloads\devis DEV-2025_02-0168 M. & Mme LEROUX JUBIN (1).pdf
2025-02-21 18:20 - 2025-02-21 18:20 - 001048113 _____ C:\Users\jubin\Downloads\certificatRGE2025.pdf
2025-02-21 18:20 - 2025-02-21 18:20 - 000356909 _____ C:\Users\jubin\Downloads\Attestation RC décennale 2024.pdf
2025-02-19 19:47 - 2025-02-19 19:47 - 000059606 _____ C:\Users\jubin\Downloads\351001337-facture_351001540.pdf
2025-02-19 19:42 - 2025-02-19 19:42 - 005979840 _____ C:\Users\jubin\Downloads\351001337-dpe_projete.pdf
2025-02-18 19:42 - 2025-02-18 19:42 - 000083864 _____ C:\Users\jubin\Downloads\Devis_202229.pdf
2025-02-15 20:36 - 2025-02-15 20:36 - 013806627 _____ C:\Users\jubin\Downloads\diagnostics (3).pdf
2025-02-15 20:35 - 2025-02-15 20:35 - 010808043 _____ C:\Users\jubin\Downloads\Parasitaire (1).pdf
2025-02-15 20:29 - 2025-02-15 20:29 - 014082438 _____ C:\Users\jubin\Downloads\DIAGNOSTICS (2).pdf
2025-02-15 20:29 - 2025-02-15 20:29 - 002058860 _____ C:\Users\jubin\Downloads\DIAG PARASITAIRE-668506ff52081.pdf
2025-02-15 20:29 - 2025-02-15 20:29 - 000711333 _____ C:\Users\jubin\Downloads\Assainissement.pdf
2025-02-15 20:27 - 2025-02-15 20:27 - 013806627 _____ C:\Users\jubin\Downloads\diagnostics (1).pdf
2025-02-15 20:27 - 2025-02-15 20:27 - 010808043 _____ C:\Users\jubin\Downloads\Parasitaire.pdf
2025-02-15 20:26 - 2025-02-15 20:26 - 004490387 _____ C:\Users\jubin\Downloads\AUDIT ENERGETIQUE.pdf
2025-02-14 18:19 - 2025-02-14 18:19 - 000268336 _____ C:\Users\jubin\Downloads\HPSCAN_20250214171028385_2025-02-14_171217762.pdf
2025-02-14 17:38 - 2025-02-14 17:39 - 000211227 _____ C:\Users\jubin\Downloads\devis plomberie.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2025-03-16 11:56 - 2021-10-22 21:06 - 000000512 _____ C:\Users\Public\amdsfhdcd.bin
2025-03-16 11:48 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-03-16 11:46 - 2022-04-26 12:29 - 000000000 ____D C:\Users\jubin\AppData\Local\SquirrelTemp
2025-03-16 11:45 - 2023-05-14 19:52 - 000000000 ____D C:\Program Files (x86)\Steam
2025-03-16 11:45 - 2021-07-28 02:22 - 000000000 ____D C:\Program Files\Microsoft Office
2025-03-16 11:44 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-03-16 11:44 - 2022-04-26 10:22 - 000000000 ___RD C:\Users\jubin\OneDrive
2025-03-16 11:44 - 2022-04-26 10:21 - 000000000 ____D C:\Users\jubin\AppData\Local\D3DSCache
2025-03-16 11:44 - 2021-06-25 19:10 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-15 18:54 - 2025-01-14 23:17 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-03-15 18:53 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-15 18:13 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2025-03-15 18:06 - 2022-04-26 10:02 - 000000000 ____D C:\Users\jubin\AppData\Local\Packages
2025-03-15 17:51 - 2025-01-14 23:19 - 000000000 ____D C:\Users\jubin\AppData\Roaming\Microsoft\Windows
2025-03-15 17:32 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2025-03-15 17:24 - 2025-01-14 23:24 - 001794074 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-03-15 17:18 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-15 17:16 - 2025-01-14 23:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-03-15 17:16 - 2025-01-14 23:23 - 000001168 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-03-15 17:16 - 2025-01-14 23:17 - 000592184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-03-15 17:16 - 2025-01-14 23:17 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-03-15 17:16 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-03-15 17:16 - 2024-04-01 08:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-03-15 17:16 - 2022-04-27 20:52 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-03-15 17:16 - 2021-06-25 19:10 - 000012288 ___SH C:\DumpStack.log.tmp
2025-03-15 17:15 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-03-15 17:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-03-15 17:15 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-03-13 20:35 - 2025-02-07 18:19 - 000003552 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2796432278-2229756394-2744373188-1001
2025-03-13 20:35 - 2025-01-14 23:28 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2796432278-2229756394-2744373188-1001
2025-03-13 20:35 - 2025-01-14 23:28 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-03-13 20:35 - 2022-04-26 10:46 - 000002177 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-13 20:28 - 2025-01-14 23:28 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2025-03-13 20:28 - 2022-10-14 11:57 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-13 18:40 - 2023-10-13 22:09 - 000000000 ____D C:\ProgramData\EA Desktop
2025-03-11 18:52 - 2025-01-14 23:20 - 003346432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-03-11 04:59 - 2022-04-26 12:29 - 000000000 ____D C:\Users\jubin\AppData\Roaming\Microsoft\Teams
2025-03-11 00:17 - 2025-01-14 23:11 - 000000000 ____D C:\WINDOWS\InboxApps
2025-03-11 00:17 - 2024-04-01 17:37 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-03-11 00:17 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-03-11 00:17 - 2024-04-01 08:21 - 000000000 ____D C:\WINDOWS\servicing
2025-03-10 19:14 - 2022-04-26 12:33 - 000000000 ____D C:\Users\jubin\AppData\Roaming\Microsoft\Word
2025-03-10 18:18 - 2021-10-22 21:12 - 000000000 ____D C:\ProgramData\Package Cache
2025-03-08 11:39 - 2025-01-14 23:28 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-03-08 11:39 - 2025-01-14 23:28 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-07 20:27 - 2022-04-26 10:23 - 000000000 ____D C:\Users\jubin\OneDrive\Documents\Théo
2025-03-07 20:25 - 2022-11-25 00:34 - 000000000 ___RD C:\Users\jubin\OneDrive\Documents\Scanned Documents
2025-03-07 20:04 - 2022-04-26 10:48 - 000000000 ____D C:\Users\jubin\AppData\Roaming\Microsoft\Excel
2025-03-06 19:04 - 2024-04-01 08:26 - 000282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2025-03-05 20:11 - 2024-12-08 12:30 - 000000000 ____D C:\Users\jubin\OneDrive\Documents\Achat maison
2025-03-05 19:23 - 2025-01-14 23:28 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2025-03-05 19:23 - 2023-07-16 15:40 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2025-03-02 20:35 - 2024-07-02 10:10 - 000000000 ____D C:\Users\jubin\OneDrive\Documents\Rachel
2025-02-16 03:37 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-02-15 19:52 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared

==================== Fichiers à la racine de certains dossiers ========

2024-12-19 21:12 - 2025-01-14 21:55 - 000038157 _____ () C:\Users\jubin\AppData\Local\CtxUnleashWinClient.log
2025-01-22 18:40 - 2025-03-16 11:46 - 000440282 _____ () C:\Users\jubin\AppData\Local\CWAFeatureFlagUpdaterV2.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================