Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-03-2022
Exécuté par MARC (administrateur) sur ROMANE-HP (Hewlett-Packard HP Pavilion g7 Notebook PC) (19-03-2022 08:25:35)
Exécuté depuis C:\Users\MARC\Desktop
Profils chargés: MARC
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1526 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{C4BFCD26-6397-4029-AD4F-81BA452C4BB1}\99.0.4844.74_99.0.4844.51_chrome_updater.exe
(C:\Program Files (x86)\Google\Update\Install\{C4BFCD26-6397-4029-AD4F-81BA452C4BB1}\99.0.4844.74_99.0.4844.51_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{C4BFCD26-6397-4029-AD4F-81BA452C4BB1}\CR_D6A0C.tmp\setup.exe <2>
(C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe ->) (AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b6c0c6b.exe ->) (Accès refusé) [Fichier non signé] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\80BBEBF7-D936-4276-AA22-234BC95010D9\MpSigStub.exe
(C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MARC\AppData\Local\Microsoft\OneDrive\22.033.0213.0002\Microsoft.SharePoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b6c0c6b.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(services.exe ->) (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé] C:\Windows\SysWOW64\ezSharedSvcHost.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <4>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(wuauclt.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wimserv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.) [Fichier non signé]
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-27] (EasyBits Software AS -> Easybits)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2740142851-1224122599-804519661-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2740142851-1224122599-804519661-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2740142851-1224122599-804519661-1368\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2740142851-1224122599-804519661-1368\...\Run: [com.squirrel.Teams.Teams] => C:\Users\MARC\AppData\Local\Microsoft\Teams\Update.exe [1790192 2019-08-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2740142851-1224122599-804519661-1368\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31162800 2021-03-16] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109080 2018-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\WINDOWS\system32\hpinkstsB111LM.dll [328552 2012-01-11] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\WINDOWS\system32\hpzlllhn.dll [48640 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\WINDOWS\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PCL hpz3lwn7: C:\WINDOWS\system32\hpz3lwn7.dll [36352 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\MARC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-12-26]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {026C3DA4-0830-4D40-9C17-9B33DC8FFD4A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {0346B53E-2535-42C0-92C7-1410271B0C77} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {03798928-E0B4-4EAC-AF8B-88518C73C81E} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1285CAEE-681B-4BAD-AF23-E2432B30213F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {134B6813-B919-4D1D-8C52-860AFF21B979} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {1BD8BA2C-D1EE-4636-8F4E-E15F0C403D03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6481872 2022-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D72B7AA-9BF2-4623-99B6-7D7BFD3C7BA0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A047110-9CFE-45CE-80E3-F4E32D241335} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145944 2022-02-25] (HP Inc. -> HP Inc.)
Task: {2A6F5598-B1C9-4442-88B7-D10098C3A152} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-03-16] (Garmin International, Inc. -> )
Task: {2B1FB2BC-7AE8-4C59-9B2C-E2EA905582E0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {2FB55B86-9423-48D3-B3F7-E360F7DD1439} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {325271A8-7F7D-4AB4-9265-ACE6062F4C21} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {34875839-4E90-4315-8E90-72190E0CBF06} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {34AB9E6A-B7E1-4B28-A58C-BB7456EBB139} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {357511A0-9054-4477-87D7-76EF66DC3883} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {38927583-37F7-40E8-B298-B094BD61F6EF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {3BC04557-C54B-4F5B-9A26-D74C06B196D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3ED32318-AD1C-4CAA-BC7F-0A0FDDCBF152} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F0DC8F0-D892-43F6-A0B3-771006328491} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {3FF44E4F-7135-4EBA-98DF-0ED1E84DAFA8} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION
Task: {40F7E584-62D8-4040-8A9F-011D86307AD1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {41C4AFC7-99FA-4C4F-91BD-CDDC6221D061} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {425143BA-DD52-46B8-B3A1-E8ED4272B631} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {4257F046-EBDA-49A7-B4AD-D108F28F3AF5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {46B5D762-02DB-4CCE-893A-E657D48678CD} - System32\Tasks\CCleanerSkipUAC - MARC => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49B334A2-DC84-498F-AF35-2480266309EF} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {4CF61E00-026A-4827-895B-F02A36512C01} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Pas de fichier)
Task: {4D192FCC-2A27-49BE-94A5-738BCF5A4810} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6481872 2022-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {5009C248-DA09-43DF-868F-3D83BC05F949} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5DAD9CEE-9C7F-4FE0-A134-750E0BEE6BDA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {61D22165-3EBE-4131-960D-5D2EF60C0968} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {62283640-3650-4865-B9C9-7E6626355890} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {681D8066-700B-4EF3-85CD-E681CB37DCDC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {6B340D2E-C2EF-4817-8D1F-1433891425C3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-08] (Avast Software s.r.o. -> Avast Software)
Task: {72DEB8D6-BB6C-4E86-B22B-7B5442945532} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {73D87D4B-FF76-413A-BE9B-2ECEFFC57205} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {74BD8125-DE8B-4D31-B037-8C1DC160BA65} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {760E8B1C-27D9-478F-94B0-26A075D2A69B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {76BB2CFB-828D-4D67-BB07-65507A4A7B8B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {76FD29D8-FDA7-4970-9002-010D6383E943} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {78CAAFC1-F9BF-4719-B1CF-9A00F7C6592E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {7B6F6796-7DF4-42F3-850B-7CDB019E3388} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E9DDCBB-71B5-450E-8733-A085AD095C31} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {7ED94BF6-968F-4241-B42C-5A5CA0E2B0F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {7F4BD970-DEF1-40A1-9775-DF29038E5653} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {827B18F3-B011-4327-A549-ADFE663E5657} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {8A819526-C421-47E0-8CAC-3A614F442A53} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {8F0BF349-363E-4AA6-AFA0-CE172314A77C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9642BAC5-3632-49D9-B96C-A1EAAA2424C8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {9A168B2E-2F09-48EA-9BBE-C86D49C6B4C2} - System32\Tasks\{667F0BE7-EC3A-42C9-A6E0-01E0BE3A58AD} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.5.0.102/fr/abandoninstall?page=tsProgressBar
Task: {9F8219FD-0E17-4D2B-A3F6-E07ED6FFD9AF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {A05A5CBC-7644-47FE-A0A4-D6A8FA88AD08} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {A068EFD2-BFA4-41FB-A1D2-1A09B9910848} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [314032 2022-02-25] (HP Inc. -> HP Inc.)
Task: {A332165A-3C8A-46C4-977D-EF14F5DF40B7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-10] (Adobe Inc. -> Adobe)
Task: {A9765FBE-C790-4A31-87F6-1F3BCD06830D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (Pas de fichier)
Task: {AEBDE765-0F75-4DF9-B17A-B36E1FA7D8C0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {B09F3091-8596-440C-A3E4-BDE83DCDD4CA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B6C035CF-EDE2-4766-A615-F085D4EDDA23} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {B6E65BFE-B5EC-4ADF-9F1B-C2EE974BE54F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {BD227C8B-8178-45C5-95FC-2ADC496A49DA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {C3BD79D0-D32C-47E7-B249-F18B246CCE39} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {C40E1593-FCEE-4825-9D83-17D6F4AAB6B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {C8783EE1-7E5F-40D7-9FD8-7A602C11C5F9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1178600 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8A836A3-2AE7-4239-9922-3C0263DA4D50} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {CC5667AE-AF03-4949-9ED4-E58ADED75785} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {CD2FA5EE-D44E-44E2-96BF-B5184AA41EFA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {CED0AFEE-3E64-423F-A09A-10C685A4C6BC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {D7D95DAB-3BEF-4C30-8272-AFB085EF516F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-09-28] (CyberLink -> CyberLink)
Task: {DDB1DD82-54CE-4DA3-8C6A-A944C15FD56C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {E01F6503-AEB8-4B7C-BD73-90398DB8F3FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E725385B-64E7-41F6-A078-E9D15F20ABFD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {F5510182-3A4B-4EA0-B783-34FA9FB95FF7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {F95824EB-EB84-4F1B-B51F-DCD46F8FA9A0} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {FB631310-E538-4B6B-8006-8B7245538B85} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {FB8AEB84-6461-4CF8-8243-650FD2072D0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {FDC01BC2-49F4-4AD4-8ABE-03352BE14E00} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{07670b36-3878-4da3-90a7-0b7cde298adb}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{9907d39d-12db-489a-86c2-76433adaefab}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\MARC\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-16]
FireFox:
========
FF DefaultProfile: 3hiiob30.default
FF ProfilePath: C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default [2022-03-19]
FF Homepage: Mozilla\Firefox\Profiles\3hiiob30.default -> hxxps://www.google.fr/
FF Extension: (cacaoweb) - C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default\Extensions\cacaoweb@cacaoweb.org [2018-02-26] [] [non signé]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default\Extensions\firefox@ghostery.com.xpi [2022-02-11]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1227197.dll [2017-02-20] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2740142851-1224122599-804519661-1368: SkypePlugin -> C:\Users\MARC\AppData\Local\SkypePlugin\7.28.0.46\npGatewayNpapi.dll [2016-11-03] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2740142851-1224122599-804519661-1368: SkypePlugin64 -> C:\Users\MARC\AppData\Local\SkypePlugin\7.28.0.46\npGatewayNpapi-x64.dll [2016-11-03] (Microsoft Corporation -> Skype Technologies S.A.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default [2022-03-09]
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Slides) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Docs) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-13]
CHR Extension: (Website Logon) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmogjcijkfeahcajecmmegieipfbdcc [2016-09-28]
CHR Extension: (Appel Skype) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-11-21]
CHR Extension: (YouTube) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-28]
CHR Extension: (Sheets) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-17]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-17]
CHR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-01-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-17]
CHR Extension: (Gmail) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-17]
CHR Profile: C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-28]
CHR Profile: C:\Users\MARC\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-28]
CHR HKLM-x32\...\Chrome\Extension: [bfmogjcijkfeahcajecmmegieipfbdcc] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-08-17]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-08] (Microsoft Corporation -> Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé]
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [260424 2011-08-19] (AuthenTec, Inc. -> HP)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [761856 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [760864 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [756720 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [760304 2022-02-25] (HP Inc. -> HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2425960 2011-09-01] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [305152 2011-09-08] (IDT, Inc.) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 clwvd; C:\WINDOWS\System32\drivers\clwvd.sys [31088 2010-07-28] (CyberLink -> CyberLink Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
U3 idsvc; pas de ImagePath
S3 MpKslc18d1926; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38A4166D-0042-4840-A9C0-6DA5FD097304}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-19 08:25 - 2022-03-19 08:35 - 000038593 _____ C:\Users\MARC\Desktop\FRST.txt
2022-03-19 08:19 - 2022-03-19 08:34 - 000000000 ___HD C:\$WinREAgent
2022-03-19 08:14 - 2022-03-19 08:14 - 002364928 _____ (Farbar) C:\Users\MARC\Desktop\FRST64.exe
2022-03-16 21:32 - 2022-03-16 21:32 - 000029470 _____ C:\Users\MARC\Desktop\2022-03-16 demande perm conduire.pdf
2022-03-16 18:54 - 2022-03-16 18:54 - 000000000 ____D C:\Users\MARC\AppData\Local\ElevatedDiagnostics
2022-03-09 19:59 - 2022-03-19 07:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-19 08:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-19 08:34 - 2012-08-29 11:51 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-19 08:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-19 08:30 - 2018-09-23 11:54 - 000000000 ____D C:\FRST
2022-03-19 08:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-19 08:24 - 2020-09-14 12:44 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-19 08:24 - 2020-09-14 12:44 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-19 08:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-19 08:21 - 2016-11-19 22:11 - 000000000 ____D C:\Users\MARC\AppData\LocalLow\Mozilla
2022-03-19 08:18 - 2013-08-18 00:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-19 08:10 - 2022-02-12 08:16 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-19 08:05 - 2018-09-23 13:48 - 000000000 ____D C:\Program Files\CCleaner
2022-03-19 08:04 - 2020-10-24 08:16 - 000000000 ____D C:\Users\MARC\AppData\Local\D3DSCache
2022-03-19 08:00 - 2012-08-25 21:25 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-19 07:57 - 2016-09-02 12:19 - 000000000 ____D C:\Users\MARC\AppData\LocalLow\AuthenTec
2022-03-19 07:56 - 2020-09-05 20:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-19 07:55 - 2020-09-05 19:54 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-19 07:55 - 2016-09-02 08:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-16 22:32 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-03-16 21:07 - 2018-07-29 21:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-16 21:03 - 2021-10-10 19:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-16 21:02 - 2016-09-02 08:33 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-16 20:56 - 2020-09-05 20:01 - 000000000 ____D C:\Users\MARC
2022-03-16 20:54 - 2020-09-05 19:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-16 19:29 - 2021-12-13 20:12 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2740142851-1224122599-804519661-1368
2022-03-16 19:29 - 2020-10-17 16:40 - 000002453 _____ C:\Users\MARC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-16 19:29 - 2020-09-05 20:42 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2740142851-1224122599-804519661-1368
2022-03-16 19:01 - 2020-11-17 18:56 - 000000000 ____D C:\Users\MARC\AppData\Roaming\Zoom
2022-03-16 18:54 - 2012-08-25 22:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-03-16 18:32 - 2020-09-14 12:44 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-16 18:32 - 2020-09-14 12:44 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-09 22:40 - 2020-09-05 20:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-03-09 20:34 - 2021-07-30 09:07 - 000000000 ____D C:\Program Files\HP
2022-02-25 19:38 - 2020-09-05 20:42 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-20 22:12 - 2021-01-22 22:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-18 21:40 - 2020-09-05 20:24 - 002006262 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-18 21:40 - 2019-12-07 15:49 - 000866962 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-18 21:40 - 2019-12-07 15:49 - 000178276 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-18 21:40 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
==================== Fichiers à la racine de certains dossiers ========
2016-09-02 09:44 - 2016-09-02 09:46 - 002312192 _____ () C:\Users\Romane\ZHPDiag3.exe
2020-07-25 19:10 - 2020-07-25 19:10 - 000000218 _____ () C:\Users\MARC\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par MARC (administrateur) sur ROMANE-HP (Hewlett-Packard HP Pavilion g7 Notebook PC) (19-03-2022 08:25:35)
Exécuté depuis C:\Users\MARC\Desktop
Profils chargés: MARC
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1526 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{C4BFCD26-6397-4029-AD4F-81BA452C4BB1}\99.0.4844.74_99.0.4844.51_chrome_updater.exe
(C:\Program Files (x86)\Google\Update\Install\{C4BFCD26-6397-4029-AD4F-81BA452C4BB1}\99.0.4844.74_99.0.4844.51_chrome_updater.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{C4BFCD26-6397-4029-AD4F-81BA452C4BB1}\CR_D6A0C.tmp\setup.exe <2>
(C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe ->) (AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCopyAccelerator.exe
(C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b6c0c6b.exe ->) (Accès refusé) [Fichier non signé] C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\80BBEBF7-D936-4276-AA22-234BC95010D9\MpSigStub.exe
(C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MARC\AppData\Local\Microsoft\OneDrive\22.033.0213.0002\Microsoft.SharePoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-b6c0c6b.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
(services.exe ->) (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé] C:\Windows\SysWOW64\ezSharedSvcHost.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(services.exe ->) (Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (AuthenTec, Inc. -> HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <4>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\OLicenseHeartbeat.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <3>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeC2RClient.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotification.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(wuauclt.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wimserv.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (IDT, Inc.) [Fichier non signé]
HKLM\...\Run: [SetDefault] => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [43320 2011-09-30] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-27] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM-x32\...\Run: [HPQuickWebProxy] => C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2011-10-08] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2011-09-15] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé]
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-27] (EasyBits Software AS -> Easybits)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2740142851-1224122599-804519661-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-2740142851-1224122599-804519661-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-2740142851-1224122599-804519661-1368\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35320448 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2740142851-1224122599-804519661-1368\...\Run: [com.squirrel.Teams.Teams] => C:\Users\MARC\AppData\Local\Microsoft\Teams\Update.exe [1790192 2019-08-07] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-2740142851-1224122599-804519661-1368\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31162800 2021-03-16] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [109080 2018-12-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\hpzppwn7: C:\Windows\System32\spool\prtprocs\x64\hpzppwn7.dll [101376 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP B111 Status Monitor: C:\WINDOWS\system32\hpinkstsB111LM.dll [328552 2012-01-11] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\LIDIL hpzlllhn: C:\WINDOWS\system32\hpzlllhn.dll [48640 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\WINDOWS\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\...\Print\Monitors\PCL hpz3lwn7: C:\WINDOWS\system32\hpz3lwn7.dll [36352 2009-07-14] (Microsoft Windows -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-08] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\Users\MARC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-12-26]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {026C3DA4-0830-4D40-9C17-9B33DC8FFD4A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Pas de fichier <==== ATTENTION
Task: {0346B53E-2535-42C0-92C7-1410271B0C77} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {03798928-E0B4-4EAC-AF8B-88518C73C81E} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {1285CAEE-681B-4BAD-AF23-E2432B30213F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {134B6813-B919-4D1D-8C52-860AFF21B979} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc -> Google Inc.)
Task: {1BD8BA2C-D1EE-4636-8F4E-E15F0C403D03} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6481872 2022-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D72B7AA-9BF2-4623-99B6-7D7BFD3C7BA0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A047110-9CFE-45CE-80E3-F4E32D241335} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145944 2022-02-25] (HP Inc. -> HP Inc.)
Task: {2A6F5598-B1C9-4442-88B7-D10098C3A152} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-03-16] (Garmin International, Inc. -> )
Task: {2B1FB2BC-7AE8-4C59-9B2C-E2EA905582E0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {2FB55B86-9423-48D3-B3F7-E360F7DD1439} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Pas de fichier <==== ATTENTION
Task: {325271A8-7F7D-4AB4-9265-ACE6062F4C21} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Pas de fichier <==== ATTENTION
Task: {34875839-4E90-4315-8E90-72190E0CBF06} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (Pas de fichier)
Task: {34AB9E6A-B7E1-4B28-A58C-BB7456EBB139} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {357511A0-9054-4477-87D7-76EF66DC3883} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {38927583-37F7-40E8-B298-B094BD61F6EF} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {3BC04557-C54B-4F5B-9A26-D74C06B196D2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3ED32318-AD1C-4CAA-BC7F-0A0FDDCBF152} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110968 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F0DC8F0-D892-43F6-A0B3-771006328491} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {3FF44E4F-7135-4EBA-98DF-0ED1E84DAFA8} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> Pas de fichier <==== ATTENTION
Task: {40F7E584-62D8-4040-8A9F-011D86307AD1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {41C4AFC7-99FA-4C4F-91BD-CDDC6221D061} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {425143BA-DD52-46B8-B3A1-E8ED4272B631} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {4257F046-EBDA-49A7-B4AD-D108F28F3AF5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
Task: {46B5D762-02DB-4CCE-893A-E657D48678CD} - System32\Tasks\CCleanerSkipUAC - MARC => C:\Program Files\CCleaner\CCleaner.exe [29453952 2022-01-25] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {49B334A2-DC84-498F-AF35-2480266309EF} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {4CF61E00-026A-4827-895B-F02A36512C01} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe /launch (Pas de fichier)
Task: {4D192FCC-2A27-49BE-94A5-738BCF5A4810} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6481872 2022-03-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {5009C248-DA09-43DF-868F-3D83BC05F949} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {5528F22C-2470-4715-ACAE-E274EF6898C7} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5DAD9CEE-9C7F-4FE0-A134-750E0BEE6BDA} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {61D22165-3EBE-4131-960D-5D2EF60C0968} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {62283640-3650-4865-B9C9-7E6626355890} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {681D8066-700B-4EF3-85CD-E681CB37DCDC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {6B340D2E-C2EF-4817-8D1F-1433891425C3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2296088 2022-03-08] (Avast Software s.r.o. -> Avast Software)
Task: {72DEB8D6-BB6C-4E86-B22B-7B5442945532} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Pas de fichier <==== ATTENTION
Task: {73D87D4B-FF76-413A-BE9B-2ECEFFC57205} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [136368 2022-02-25] (HP Inc. -> HP Inc.)
Task: {74BD8125-DE8B-4D31-B037-8C1DC160BA65} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {760E8B1C-27D9-478F-94B0-26A075D2A69B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {76BB2CFB-828D-4D67-BB07-65507A4A7B8B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {76FD29D8-FDA7-4970-9002-010D6383E943} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {78CAAFC1-F9BF-4719-B1CF-9A00F7C6592E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {7B6F6796-7DF4-42F3-850B-7CDB019E3388} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22580696 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E9DDCBB-71B5-450E-8733-A085AD095C31} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Pas de fichier <==== ATTENTION
Task: {7ED94BF6-968F-4241-B42C-5A5CA0E2B0F9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Pas de fichier <==== ATTENTION
Task: {7F4BD970-DEF1-40A1-9775-DF29038E5653} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {827B18F3-B011-4327-A549-ADFE663E5657} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {8A819526-C421-47E0-8CAC-3A614F442A53} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {8F0BF349-363E-4AA6-AFA0-CE172314A77C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9642BAC5-3632-49D9-B96C-A1EAAA2424C8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Pas de fichier <==== ATTENTION
Task: {9A168B2E-2F09-48EA-9BBE-C86D49C6B4C2} - System32\Tasks\{667F0BE7-EC3A-42C9-A6E0-01E0BE3A58AD} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.5.0.102/fr/abandoninstall?page=tsProgressBar
Task: {9F8219FD-0E17-4D2B-A3F6-E07ED6FFD9AF} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Pas de fichier <==== ATTENTION
Task: {A05A5CBC-7644-47FE-A0A4-D6A8FA88AD08} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {A068EFD2-BFA4-41FB-A1D2-1A09B9910848} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [314032 2022-02-25] (HP Inc. -> HP Inc.)
Task: {A332165A-3C8A-46C4-977D-EF14F5DF40B7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-10] (Adobe Inc. -> Adobe)
Task: {A9765FBE-C790-4A31-87F6-1F3BCD06830D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (Pas de fichier)
Task: {AEBDE765-0F75-4DF9-B17A-B36E1FA7D8C0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {B09F3091-8596-440C-A3E4-BDE83DCDD4CA} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (Pas de fichier)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B6C035CF-EDE2-4766-A615-F085D4EDDA23} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {B6E65BFE-B5EC-4ADF-9F1B-C2EE974BE54F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-01-25] (Piriform Software Ltd -> Piriform)
Task: {BD227C8B-8178-45C5-95FC-2ADC496A49DA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {C3BD79D0-D32C-47E7-B249-F18B246CCE39} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Pas de fichier <==== ATTENTION
Task: {C40E1593-FCEE-4825-9D83-17D6F4AAB6B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {C8783EE1-7E5F-40D7-9FD8-7A602C11C5F9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1178600 2022-03-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {C8A836A3-2AE7-4239-9922-3C0263DA4D50} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {CC5667AE-AF03-4949-9ED4-E58ADED75785} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {CD2FA5EE-D44E-44E2-96BF-B5184AA41EFA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Pas de fichier <==== ATTENTION
Task: {CED0AFEE-3E64-423F-A09A-10C685A4C6BC} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe do-task "E7CF176E110C211B"
Task: {D7D95DAB-3BEF-4C30-8272-AFB085EF516F} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-09-28] (CyberLink -> CyberLink)
Task: {DDB1DD82-54CE-4DA3-8C6A-A944C15FD56C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Pas de fichier <==== ATTENTION
Task: {E01F6503-AEB8-4B7C-BD73-90398DB8F3FD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MpCmdRun.exe [979568 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E725385B-64E7-41F6-A078-E9D15F20ABFD} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {F5510182-3A4B-4EA0-B783-34FA9FB95FF7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Pas de fichier <==== ATTENTION
Task: {F95824EB-EB84-4F1B-B51F-DCD46F8FA9A0} - \Microsoft\Windows\Setup\gwx\rundetector -> Pas de fichier <==== ATTENTION
Task: {FB631310-E538-4B6B-8006-8B7245538B85} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {FB8AEB84-6461-4CF8-8243-650FD2072D0B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Pas de fichier <==== ATTENTION
Task: {FDC01BC2-49F4-4AD4-8ABE-03352BE14E00} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{07670b36-3878-4da3-90a7-0b7cde298adb}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{9907d39d-12db-489a-86c2-76433adaefab}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\MARC\AppData\Local\Microsoft\Edge\User Data\Default [2022-03-16]
FireFox:
========
FF DefaultProfile: 3hiiob30.default
FF ProfilePath: C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default [2022-03-19]
FF Homepage: Mozilla\Firefox\Profiles\3hiiob30.default -> hxxps://www.google.fr/
FF Extension: (cacaoweb) - C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default\Extensions\cacaoweb@cacaoweb.org [2018-02-26] [] [non signé]
FF Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default\Extensions\firefox@ghostery.com.xpi [2022-02-11]
FF Extension: (hotfix-update-xpi-intermediate) - C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default\Extensions\hotfix-update-xpi-intermediate@mozilla.com.xpi [2019-05-15]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\MARC\AppData\Roaming\Mozilla\Firefox\Profiles\3hiiob30.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-11-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-10] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1227197.dll [2017-02-20] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2740142851-1224122599-804519661-1368: SkypePlugin -> C:\Users\MARC\AppData\Local\SkypePlugin\7.28.0.46\npGatewayNpapi.dll [2016-11-03] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2740142851-1224122599-804519661-1368: SkypePlugin64 -> C:\Users\MARC\AppData\Local\SkypePlugin\7.28.0.46\npGatewayNpapi-x64.dll [2016-11-03] (Microsoft Corporation -> Skype Technologies S.A.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default [2022-03-09]
CHR HomePage: Default -> hxxp://www.google.com/
CHR Extension: (Slides) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Docs) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drive) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-10-13]
CHR Extension: (Website Logon) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfmogjcijkfeahcajecmmegieipfbdcc [2016-09-28]
CHR Extension: (Appel Skype) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-11-21]
CHR Extension: (YouTube) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-28]
CHR Extension: (Sheets) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Google Docs hors connexion) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-01-17]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-01-17]
CHR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-01-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-01-17]
CHR Extension: (Gmail) - C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2022-01-17]
CHR Profile: C:\Users\MARC\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-05-28]
CHR Profile: C:\Users\MARC\AppData\Local\Google\Chrome\User Data\System Profile [2021-05-28]
CHR HKLM-x32\...\Chrome\Extension: [bfmogjcijkfeahcajecmmegieipfbdcc] - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx [2011-08-17]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-10] (Adobe Inc. -> Adobe)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11649952 2022-03-08] (Microsoft Corporation -> Microsoft Corporation)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé]
R2 FPLService; C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe [260424 2011-08-19] (AuthenTec, Inc. -> HP)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [761856 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [760864 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [756720 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [760304 2022-02-25] (HP Inc. -> HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2425960 2011-09-01] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [305152 2011-09-08] (IDT, Inc.) [Fichier non signé]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\NisSrv.exe [3046608 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2202.4-0\MsMpEng.exe [132504 2022-03-16] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 clwvd; C:\WINDOWS\System32\drivers\clwvd.sys [31088 2010-07-28] (CyberLink -> CyberLink Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-03-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [439544 2022-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-03-16] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
U3 idsvc; pas de ImagePath
S3 MpKslc18d1926; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38A4166D-0042-4840-A9C0-6DA5FD097304}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-19 08:25 - 2022-03-19 08:35 - 000038593 _____ C:\Users\MARC\Desktop\FRST.txt
2022-03-19 08:19 - 2022-03-19 08:34 - 000000000 ___HD C:\$WinREAgent
2022-03-19 08:14 - 2022-03-19 08:14 - 002364928 _____ (Farbar) C:\Users\MARC\Desktop\FRST64.exe
2022-03-16 21:32 - 2022-03-16 21:32 - 000029470 _____ C:\Users\MARC\Desktop\2022-03-16 demande perm conduire.pdf
2022-03-16 18:54 - 2022-03-16 18:54 - 000000000 ____D C:\Users\MARC\AppData\Local\ElevatedDiagnostics
2022-03-09 19:59 - 2022-03-19 07:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-19 08:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-19 08:34 - 2012-08-29 11:51 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-19 08:32 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-19 08:30 - 2018-09-23 11:54 - 000000000 ____D C:\FRST
2022-03-19 08:27 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-19 08:24 - 2020-09-14 12:44 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-19 08:24 - 2020-09-14 12:44 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-19 08:24 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-19 08:21 - 2016-11-19 22:11 - 000000000 ____D C:\Users\MARC\AppData\LocalLow\Mozilla
2022-03-19 08:18 - 2013-08-18 00:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-19 08:10 - 2022-02-12 08:16 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-03-19 08:05 - 2018-09-23 13:48 - 000000000 ____D C:\Program Files\CCleaner
2022-03-19 08:04 - 2020-10-24 08:16 - 000000000 ____D C:\Users\MARC\AppData\Local\D3DSCache
2022-03-19 08:00 - 2012-08-25 21:25 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-03-19 07:57 - 2016-09-02 12:19 - 000000000 ____D C:\Users\MARC\AppData\LocalLow\AuthenTec
2022-03-19 07:56 - 2020-09-05 20:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-19 07:55 - 2020-09-05 19:54 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-19 07:55 - 2016-09-02 08:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-16 22:32 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-03-16 21:07 - 2018-07-29 21:42 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-03-16 21:03 - 2021-10-10 19:00 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-16 21:02 - 2016-09-02 08:33 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-16 20:56 - 2020-09-05 20:01 - 000000000 ____D C:\Users\MARC
2022-03-16 20:54 - 2020-09-05 19:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-16 19:29 - 2021-12-13 20:12 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2740142851-1224122599-804519661-1368
2022-03-16 19:29 - 2020-10-17 16:40 - 000002453 _____ C:\Users\MARC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-16 19:29 - 2020-09-05 20:42 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2740142851-1224122599-804519661-1368
2022-03-16 19:01 - 2020-11-17 18:56 - 000000000 ____D C:\Users\MARC\AppData\Roaming\Zoom
2022-03-16 18:54 - 2012-08-25 22:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-03-16 18:32 - 2020-09-14 12:44 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-16 18:32 - 2020-09-14 12:44 - 000003510 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-03-09 22:40 - 2020-09-05 20:42 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2022-03-09 20:34 - 2021-07-30 09:07 - 000000000 ____D C:\Program Files\HP
2022-02-25 19:38 - 2020-09-05 20:42 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-02-20 22:12 - 2021-01-22 22:28 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-02-18 21:40 - 2020-09-05 20:24 - 002006262 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-02-18 21:40 - 2019-12-07 15:49 - 000866962 _____ C:\WINDOWS\system32\perfh00C.dat
2022-02-18 21:40 - 2019-12-07 15:49 - 000178276 _____ C:\WINDOWS\system32\perfc00C.dat
2022-02-18 21:40 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
==================== Fichiers à la racine de certains dossiers ========
2016-09-02 09:44 - 2016-09-02 09:46 - 002312192 _____ () C:\Users\Romane\ZHPDiag3.exe
2020-07-25 19:10 - 2020-07-25 19:10 - 000000218 _____ () C:\Users\MARC\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================