Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 11-07-2022
Exécuté par Aïcha (administrateur) sur LAPTOP-4HC4E7Q4 (HP HP Notebook) (13-07-2022 18:08:35)
Exécuté depuis C:\Users\Aïcha\Desktop
Profils chargés: Aïcha
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1766 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1790_none_7df2aec07ca10e81\TiWorker.exe
Impossible d'accéder au processus -> VpnUpdate.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8850688 2016-03-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart (Pas de fichier)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [Opera Browser Assistant] => C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [MicrosoftEdgeAutoLaunch_1A88EEAF3B688B620D91AC8B26D0F141] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {ac9d3c30-c61b-11ec-badf-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {ac9d3f2a-c61b-11ec-badf-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {d0cc0f40-1d26-11ec-b9d2-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG5200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAE.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [509952 2019-08-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: C:\WINDOWS\system32\CNMLMAE.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1338368 2019-08-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [327680 2010-02-05] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-07-11]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {044BEC7B-376C-4B45-B0D6-6F467F0722EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier)
Task: {04A5D012-4934-4731-A878-9CE0D4483032} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1002D295-F068-4738-825B-888B521E917D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier)
Task: {19CDD105-14FC-4E4E-ADCC-D3B6DFE2784F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22C98CBF-A1AC-4732-BBC9-46A0EF626A7A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier)
Task: {2843064E-8136-46A2-B70E-BF07A1B3E0D0} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1390472 2019-10-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {2CBE7BC2-CDA5-416B-9022-B34EA7711624} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-07] (Google Inc -> Google Inc.)
Task: {302AC532-966E-40C7-8764-0752B1FA9265} - System32\Tasks\Opera scheduled assistant Autoupdate 1582724596 => C:\Users\Aïcha\AppData\Local\Programs\Opera\launcher.exe [2518008 2022-07-05] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {32867C71-3B34-468C-9FA3-71F75C4B9882} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-07] (Google Inc -> Google Inc.)
Task: {34BEA60E-5E9C-4DEF-AF3E-19A7F86E0D69} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {514B95E7-CC26-41AD-8353-4C60436A20DC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52D49DC5-0054-482F-AE3C-F0FB1D009A48} - System32\Tasks\HPDAS => C:\Program [Argument = Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs]
Task: {5EC5BDED-01A1-4D46-B07C-D18827A85C92} - System32\Tasks\Opera scheduled Autoupdate 1575394450 => C:\Users\Aïcha\AppData\Local\Programs\Opera\launcher.exe [2518008 2022-07-05] (Opera Norway AS -> Opera Software)
Task: {78C92577-025D-4AA7-8E2D-E9672787A0DA} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {81AF02B1-12F9-4F83-BD94-F203470D591E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214152 2022-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {82D51C28-3169-4C82-A2DA-4DEDA4ABB05F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {8CC0A316-B823-4A91-8D0F-6814BE838B32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {8ED7A6D9-057C-452D-9BDA-0A0FBD06F808} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4057811618-3854163365-3257520157-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214152 2022-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {970A752A-D6B0-4A85-B463-9366B625C87B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier)
Task: {A56F5C9A-F8E1-44DC-BAA0-7BF2F0E4039E} - System32\Tasks\HPCeeScheduleForAïcha => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {C5FC1744-0A38-4ED7-A265-D70968F56467} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier)
Task: {D795DE09-9316-436F-8FF6-3A40D75B5427} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E02F73EB-A5AA-4669-849E-C6451D013605} - System32\Tasks\CCleanerSkipUAC - Aïcha => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E1B4E056-B798-481E-A28D-3D5DED57A241} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8EEB020-C36F-41E5-8C68-725A93254746} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForAïcha.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{e3fa0faa-78f0-46c6-888c-fd6da6e5c0b9}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Edge:
=======
DownloadDir: C:\Users\Aïcha\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Aïcha\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-13]
Edge DownloadDir: Default -> C:\Users\Aïcha\Downloads
Edge StartupUrls: Default -> "hxxp://google.com/"
Edge DefaultSearchURL: Default -> hxxps://www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
FireFox:
========
FF DefaultProfile: vk5a6bvu.default-1575304368014
FF ProfilePath: C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\vk5a6bvu.default-1575304368014 [2022-07-13]
FF Notifications: Mozilla\Firefox\Profiles\vk5a6bvu.default-1575304368014 -> hxxps://www.larbredesrefuges.com; hxxps://www.futura-sciences.com; hxxps://www.lemonde.fr; hxxps://www.politis.fr; hxxps://forums.futura-sciences.com; hxxps://www.conforama.fr; hxxps://www.science-et-vie.com
FF Extension: (Tab Suspender) - C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\vk5a6bvu.default-1575304368014\Extensions\tabsuspender@michalewiczpiotr.xpi [2020-01-24]
FF Extension: (uBlock Origin) - C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\vk5a6bvu.default-1575304368014\Extensions\uBlock0@raymondhill.net.xpi [2022-06-15]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1233203.dll [2018-05-15] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default [2022-07-12]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.sncf-connect.com
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_wnzp01_14_35_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyzztAzy0CtAyB0EtD0CtBtN0D0Tzu0SzyyBtDtN1L2XzutAtFtDtFtCtDtFyEtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StByE0A0A0CyCtD0BtG0A0B0AyBtG0ByE0B0EtGyB0F0AtBtGyB0D0DtCyC0FzyzyyB0E0EyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyCyDzzzz0C0A0AtGyBtB0ByDtGyEyD0BtDtGzzzzzy0AtG0EyDtBtCtC0EtDtCtCtAzytC2Q&cr=1185160653&uref=308&ir=
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl"
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-07-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-08]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-06-13]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-04]
CHR HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
Opera:
=======
OPR Profile: C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable [2022-07-13]
OPR Notifications: Opera Stable -> hxxps://forums.futura-sciences.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-05-23]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-06-06]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-20]
Exécuté par Aïcha (administrateur) sur LAPTOP-4HC4E7Q4 (HP HP Notebook) (13-07-2022 18:08:35)
Exécuté depuis C:\Users\Aïcha\Desktop
Profils chargés: Aïcha
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1766 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\ApplePhotoStreams.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudCKKS.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudDrive.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudPhotos.exe
(explorer.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant\browser_assistant.exe <2>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MusNotifyIcon.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe <2>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(svchost.exe ->) (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_13.4.99.0_x86__nzyj5cx40ttqa\iCloud\secd.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1790_none_7df2aec07ca10e81\TiWorker.exe
Impossible d'accéder au processus -> VpnUpdate.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8850688 2016-03-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [GoogleDriveSync] => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart (Pas de fichier)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [36976728 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [Opera Browser Assistant] => C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4110832 2022-07-06] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [MicrosoftEdgeAutoLaunch_1A88EEAF3B688B620D91AC8B26D0F141] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3601824 2022-07-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {ac9d3c30-c61b-11ec-badf-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {ac9d3f2a-c61b-11ec-badf-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {d0cc0f40-1d26-11ec-b9d2-548ca0548d6a} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Windows x64\Print Processors\Canon MG5200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAE.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [509952 2019-08-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: C:\WINDOWS\system32\CNMLMAE.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1338368 2019-08-02] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [327680 2010-02-05] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\103.0.5060.114\Installer\chrmstp.exe [2022-07-06] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast SecureLine VPN.lnk [2019-07-11]
ShortcutTarget: Avast SecureLine VPN.lnk -> C:\Program Files\AVAST Software\SecureLine\Vpn.exe (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {044BEC7B-376C-4B45-B0D6-6F467F0722EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /taskrestart (Pas de fichier)
Task: {04A5D012-4934-4731-A878-9CE0D4483032} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {1002D295-F068-4738-825B-888B521E917D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe /L Analysis (Pas de fichier)
Task: {19CDD105-14FC-4E4E-ADCC-D3B6DFE2784F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22C98CBF-A1AC-4732-BBC9-46A0EF626A7A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe -task -source HPSA (Pas de fichier)
Task: {2843064E-8136-46A2-B70E-BF07A1B3E0D0} - System32\Tasks\Avast SecureLine VPN Update => c:\program files\avast software\secureline\vpnupdate.exe [1390472 2019-10-24] (AVAST Software s.r.o. -> AVAST Software)
Task: {2CBE7BC2-CDA5-416B-9022-B34EA7711624} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-07] (Google Inc -> Google Inc.)
Task: {302AC532-966E-40C7-8764-0752B1FA9265} - System32\Tasks\Opera scheduled assistant Autoupdate 1582724596 => C:\Users\Aïcha\AppData\Local\Programs\Opera\launcher.exe [2518008 2022-07-05] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {32867C71-3B34-468C-9FA3-71F75C4B9882} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-07] (Google Inc -> Google Inc.)
Task: {34BEA60E-5E9C-4DEF-AF3E-19A7F86E0D69} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2022-06-20] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {514B95E7-CC26-41AD-8353-4C60436A20DC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {52D49DC5-0054-482F-AE3C-F0FB1D009A48} - System32\Tasks\HPDAS => C:\Program [Argument = Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs]
Task: {5EC5BDED-01A1-4D46-B07C-D18827A85C92} - System32\Tasks\Opera scheduled Autoupdate 1575394450 => C:\Users\Aïcha\AppData\Local\Programs\Opera\launcher.exe [2518008 2022-07-05] (Opera Norway AS -> Opera Software)
Task: {78C92577-025D-4AA7-8E2D-E9672787A0DA} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {81AF02B1-12F9-4F83-BD94-F203470D591E} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214152 2022-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {82D51C28-3169-4C82-A2DA-4DEDA4ABB05F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {8CC0A316-B823-4A91-8D0F-6814BE838B32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {8ED7A6D9-057C-452D-9BDA-0A0FBD06F808} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-4057811618-3854163365-3257520157-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214152 2022-06-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {970A752A-D6B0-4A85-B463-9366B625C87B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe /noreport (Pas de fichier)
Task: {A56F5C9A-F8E1-44DC-BAA0-7BF2F0E4039E} - System32\Tasks\HPCeeScheduleForAïcha => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97848 2016-01-22] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {C5FC1744-0A38-4ED7-A265-D70968F56467} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe (Pas de fichier)
Task: {D795DE09-9316-436F-8FF6-3A40D75B5427} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E02F73EB-A5AA-4669-849E-C6451D013605} - System32\Tasks\CCleanerSkipUAC - Aïcha => C:\Program Files\CCleaner\CCleaner.exe [31027800 2022-06-14] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E1B4E056-B798-481E-A28D-3D5DED57A241} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-06-23] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E8EEB020-C36F-41E5-8C68-725A93254746} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForAïcha.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{e3fa0faa-78f0-46c6-888c-fd6da6e5c0b9}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Edge:
=======
DownloadDir: C:\Users\Aïcha\Downloads
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Aïcha\AppData\Local\Microsoft\Edge\User Data\Default [2022-07-13]
Edge DownloadDir: Default -> C:\Users\Aïcha\Downloads
Edge StartupUrls: Default -> "hxxp://google.com/"
Edge DefaultSearchURL: Default -> hxxps://www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
FireFox:
========
FF DefaultProfile: vk5a6bvu.default-1575304368014
FF ProfilePath: C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\vk5a6bvu.default-1575304368014 [2022-07-13]
FF Notifications: Mozilla\Firefox\Profiles\vk5a6bvu.default-1575304368014 -> hxxps://www.larbredesrefuges.com; hxxps://www.futura-sciences.com; hxxps://www.lemonde.fr; hxxps://www.politis.fr; hxxps://forums.futura-sciences.com; hxxps://www.conforama.fr; hxxps://www.science-et-vie.com
FF Extension: (Tab Suspender) - C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\vk5a6bvu.default-1575304368014\Extensions\tabsuspender@michalewiczpiotr.xpi [2020-01-24]
FF Extension: (uBlock Origin) - C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\vk5a6bvu.default-1575304368014\Extensions\uBlock0@raymondhill.net.xpi [2022-06-15]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1233203.dll [2018-05-15] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default [2022-07-12]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.sncf-connect.com
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_wnzp01_14_35_ch&cd=2XzuyEtN2Y1L1Qzu0CzztD0A0AzyzztAzy0CtAyB0EtD0CtBtN0D0Tzu0SzyyBtDtN1L2XzutAtFtDtFtCtDtFyEtN1L1CzutCyEtBzytDyD1V1QtN1L1G1B1V1N2Y1L1Qzu2StByE0A0A0CyCtD0BtG0A0B0AyBtG0ByE0B0EtGyB0F0AtBtGyB0D0DtCyC0FzyzyyB0E0EyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyCyDzzzz0C0A0AtGyBtB0ByDtGyEyD0BtDtGzzzzzy0AtG0EyDtBtCtC0EtDtCtCtAzytC2Q&cr=1185160653&uref=308&ir=
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl"
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2022-07-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-08]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2022-06-13]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-12-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-04]
CHR HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
Opera:
=======
OPR Profile: C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable [2022-07-13]
OPR Notifications: Opera Stable -> hxxps://forums.futura-sciences.com
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-05-23]
OPR Extension: (Opera Crypto Wallet) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2022-06-06]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Aïcha\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-09-20]