Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2022
Exécuté par Guillaume (administrateur) sur ORDINATEUR-GUIL (HP HP Laptop 17-bs0xx) (05-12-2022 14:38:03)
Exécuté depuis C:\Users\Guillaume\Desktop
Profils chargés: Guillaume
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2251 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\rpbgdownloader.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\c0327636.inf_amd64_fc02dfa5d07908ac\B324667\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0327636.inf_amd64_fc02dfa5d07908ac\B324667\atieclxx.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Guillaume\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Mike Edward Moras (www.e-sushi.net)) [Fichier non signé] C:\Program Files (x86)\MiniBin\MiniBin.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealPlayer\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0327636.inf_amd64_fc02dfa5d07908ac\B324667\atiesrxx.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registre (Tous(tes)) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [86016 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617808 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3666528 2018-03-27] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [MiniBin] => C:\Program Files (x86)\MiniBin\MiniBin.exe [71168 2014-03-21] (Mike Edward Moras (www.e-sushi.net)) [Fichier non signé]
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [347560 2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => c:\program files (x86)\real\realplayer\downloader2.exe [1187752 2021-10-26] (RealNetworks, Inc. -> )
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [58368 2022-06-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [5143288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [4515728 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [30870320 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [30870320 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\Run: [f.lux] => C:\Users\Guillaume\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {3571ed3e-7570-11ec-9a70-30e17136772e} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {65380f2c-5867-11ed-9a9b-30e17136772e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {895aff1d-235b-11ec-9a51-541379cb61bd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {abb98c2c-ba13-11ea-99ed-30e17136772e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {b2e71fc3-0e50-11ed-9a8c-30e17136772e} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Providers\Internet Print Provider: C:\WINDOWS\system32\inetpp.dll [184320 2022-07-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\WINDOWS\system32\win32spl.dll [1320448 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\winprint: C:\Windows\System32\spool\prtprocs\x64\winprint.dll [46080 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Appmon: C:\WINDOWS\system32\AppMon.dll [118784 2022-07-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Local Port: C:\WINDOWS\system32\localspl.dll [1272320 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: C:\WINDOWS\system32\FXSMON.DLL [49152 2022-08-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Standard TCP/IP Port: C:\WINDOWS\system32\tcpmon.dll [242688 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\USB Monitor: C:\WINDOWS\system32\usbmon.dll [1172992 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\WSD Port: C:\WINDOWS\system32\APMon.dll [1640960 2022-07-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\system32\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\WINDOWS\system32\themeui.dll [2022-08-01] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINDOWS\system32\shell32.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\Windows\System32\ie4uinit.exe [2022-03-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\mscories.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.71\Installer\chrmstp.exe [2022-12-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\SysWOW64\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\SysWOW64\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\mscories.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{01A30791-40AE-4653-AB2E-FD210019AE88}] -> C:\WINDOWS\system32\mgmtrefreshcredprov.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{1b283861-754f-4022-ad47-a5eaaa618894}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{1ee7337f-85ac-45e2-a23c-37c753209769}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{2135f72a-90b5-4ed3-a7f1-8bb705ac276a}] -> C:\WINDOWS\system32\credprovslegacy.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{25CBB996-92ED-457e-B28C-4774084BD562}] -> C:\WINDOWS\system32\credprovs.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{27FBDB57-B613-4AF2-9D7E-4FA7A66C21AD}] -> C:\WINDOWS\system32\TrustedSignalCredProv.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{2D8B3101-E025-480D-917C-835522C7F628}] ->
HKLM\Software\...\Authentication\Credential Providers: [{3dd6bec0-8193-4ffe-ae25-e08e39ea4063}] -> C:\WINDOWS\system32\credprovs.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{48B4E58D-2791-456C-9091-D524C6C706F2}] -> C:\Windows\System32\devicengccredprov.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{600e7adb-da3e-41a4-9225-3c0399e88c0c}] -> C:\WINDOWS\system32\cngcredui.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}] -> C:\WINDOWS\system32\credprovs.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{8AF662BF-65A0-4D0A-A540-A338A999D36F}] -> C:\Windows\System32\FaceCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{8FD7E19C-3BF7-489B-A72C-846AB3678C96}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{A910D941-9DA9-4656-8933-AA1EAE01F76E}] ->
HKLM\Software\...\Authentication\Credential Providers: [{BEC09223-B018-416D-A0AC-523971B639F5}] -> C:\WINDOWS\System32\BioCredProv.dll [2022-03-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C5D7540A-CD51-453B-B22B-05305BA03F07}] -> C:\Windows\System32\cxcredprov.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> C:\Windows\System32\FaceCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{cb82ea12-9f71-446d-89e1-8d0924e1256e}] -> C:\WINDOWS\system32\credprovslegacy.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{D6886603-9D2F-4EB2-B667-1971041FA96B}] -> C:\Windows\System32\ngccredprov.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{e74e57b0-6c6d-44d5-9cda-fb2df5ed7435}] -> C:\WINDOWS\system32\certCredProvider.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\WINDOWS\system32\wlidcredprov.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A1793B-7873-4046-B2A7-1F318747F427}] -> C:\WINDOWS\system32\fidocredprov.dll [2022-06-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE}] -> C:\WINDOWS\system32\credprovs.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\PLAP Providers: [{5537E283-B1E7-4EF8-9C6E-7AB0AFE5056D}] -> C:\WINDOWS\system32\rasplap.dll [2021-03-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\WINDOWS\system32\wlgpclnt.dll [2020-10-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> C:\WINDOWS\system32\auditcse.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\WINDOWS\system32\fdeploy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINDOWS\System32\dskquota.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\WINDOWS\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4bcd6cde-777b-48b6-9804-43568e23545d}] -> C:\WINDOWS\System32\TsUsbRedirectionGroupPolicyExtension.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\Windows\System32\iedkcs32.dll [2021-11-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4D2F9B6F-1E52-4711-A382-6A8B1A003DE6}] -> C:\Windows\System32\tsworkspace.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> C:\WINDOWS\system32\WorkFoldersGPExt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\WINDOWS\system32\dmenrollengine.dll [2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7933F41E-56F8-41d6-A31C-4148A711EE93}] -> C:\WINDOWS\System32\srchadmin.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\Windows\System32\iedkcs32.dll [2021-11-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINDOWS\system32\scecli.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{8A28E2C5-8D06-49A4-A08C-632DAA493E17}] -> C:\WINDOWS\system32\gpprnext.dll [2022-07-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\WINDOWS\system32\dot3gpclnt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> C:\WINDOWS\system32\pwlauncher.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> C:\WINDOWS\system32\pwlauncher.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\WINDOWS\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\Windows\System32\iedkcs32.dll [2021-11-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CFF649BD-601D-4361-AD3D-0FC365DB4DB7}] -> C:\WINDOWS\system32\domgmt.dll [2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINDOWS\System32\polstore.dll [2022-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> C:\WINDOWS\system32\auditcse.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\WINDOWS\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\WINDOWS\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2021-10-26]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {006FF8C9-ECF0-48C9-A8B6-976DE8605792} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\realplayer\downloader2.exe [1187752 2021-10-26] (RealNetworks, Inc. -> )
Task: {0ABC66F8-4AB7-4849-B710-842FD94EC9D5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2644048146-3591290280-456748794-1001 => c:\program files (x86)\real\realplayer\realupgrade.exe [129960 2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Guillaume\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {23C4265A-80BD-4C8D-9C83-BB500A1D8A97} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {260108ED-CB08-4793-8314-0A1CEC434900} - System32\Tasks\GoogleUpdateTaskMachineCore1d33ac575abb9de => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-01] (Google Inc -> Google Inc.)
Task: {2B333FEE-44AA-4BF0-9A6B-EA6DB8A2C2CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2FBC0DE0-FC6C-495D-83A0-72AAF914F304} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {506F07B4-38D0-4859-BA37-3DE23416C8D7} - System32\Tasks\CCleanerSkipUAC - Guillaume => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {54BDAE4E-FB87-463B-BDF3-9DD47DC5B635} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2644048146-3591290280-456748794-1004 => C:\Users\Guillaume\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {6CE62FD4-311F-44CC-8F6D-D5EEF7F89DA0} - System32\Tasks\GoogleUpdateTaskMachineUA1d33ac575b07eb5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-01] (Google Inc -> Google Inc.)
Task: {7C879389-4CE5-41BC-9C2E-62E24E3C4465} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9405EEEE-1768-4FE6-A2C9-AC5C611667A8} - System32\Tasks\RtHDVBg_Session => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617808 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9A2FA182-426D-4F7A-B52A-3C17BF9FE4D7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {B774B15A-A78A-4431-9E64-2EC5889FF29D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {CDDDCE5F-FC64-4ECD-805C-3E71EDC3E46C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D32FB8C0-ECD9-489C-85E2-90A803A6049E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2644048146-3591290280-456748794-1001 => c:\program files (x86)\real\realplayer\realupgrade.exe [129960 2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E4867ED6-D54E-4AC6-A696-429BEC5B94E1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E587BFAE-30F3-4C53-B0BE-A76430CA2BD7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-02-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F9873F71-06D4-4D01-9FF8-350730F0A25C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2644048146-3591290280-456748794-1005 => C:\Users\Guillaume\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{691df93c-2ca0-4943-9379-d0ab7679228d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd0c7a51-e493-4378-ae86-907fc506cb88}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e63f2a8c-1f00-40b3-812a-8301a5e6f60e}: [DhcpNameServer] 192.168.43.1
Edge:
=======
DownloadDir: C:\Users\Guillaume\Desktop
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FireFox:
========
FF DefaultProfile: mqr614be.default
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default [2022-12-05]
FF DownloadDir: D:\Téléchargements
FF Homepage: Mozilla\Firefox\Profiles\mqr614be.default -> hxxps://www.google.fr/webhp?hl=fr&sa=X&ved=0ahUKEwjc2IOk9fvzAhVOyYUKHcr6DJgQPAgI
FF NewTabOverride: Mozilla\Firefox\Profiles\mqr614be.default -> Enabled: {66E978CD-981F-47DF-AC42-E3CF417C1467}
FF NewTabOverride: Mozilla\Firefox\Profiles\mqr614be.default -> Disabled: newtaboverride@agenedia.com
FF Extension: (Don't Accept image/webp) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\dont-accept-webp@jeffersonscher.com.xpi [2022-05-03]
FF Extension: (Stop AutoPlay Next for YouTube™) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\jid1-nbzaq9ol2hyY64gGe@jetpack.xpi [2021-02-16]
FF Extension: (New Tab Override) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\newtaboverride@agenedia.com.xpi [2021-11-03]
FF Extension: (Page Saver WE) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\pagesaver@pearlcrescent.com.xpi [2022-07-29]
FF Extension: (uBlock Origin) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\uBlock0@raymondhill.net.xpi [2022-11-14]
FF Extension: (Yosemite_2.0) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\{645d2271-a7f6-4cd8-880c-15192b7d9d95}.xpi [2019-07-11]
FF Extension: (New Tab Homepage) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2020-11-17]
FF Extension: (Alpsemite Grey Theme) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\{bef387af-0bce-4f4c-bf6b-6ab101f1753b}.xpi [2019-07-11]
FF Extension: (semitransparent grey light) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\{cec4ccc4-c6cb-41ab-9e4b-c45d659edaf1}.xpi [2019-07-11]
FF Plugin-x32: @real.com/nppl3260;version=20.0.6.303 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=20.0.6.303 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2021-10-26] (RealNetworks, Inc. -> RealPlayer)
Chrome:
=======
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default [2022-11-30]
CHR DownloadDir: C:\Users\Guillaume\Desktop
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.kozikaza.com/kaza/fdb832b9-c37d-4046-8e9e-80125e9cc713/3Dplan?noredirect=true#kaza_menu"
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-24]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-26] (Malwarebytes Inc -> Malwarebytes)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [38856 2021-10-18] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [991168 2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [215992 2018-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthAudioHF; C:\WINDOWS\System32\drivers\RtkHfp.sys [116232 2016-10-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-10-22] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl0a81c53d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2338C680-251E-4228-B8D0-91AC3A31263A}\MpKslDrv.sys [214280 2022-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslf24372d3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2338C680-251E-4228-B8D0-91AC3A31263A}\MpKslDrv.sys [214280 2022-12-05] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-05 14:38 - 2022-12-05 14:39 - 000036881 _____ C:\Users\Guillaume\Desktop\FRST.txt
2022-12-05 14:36 - 2022-12-05 14:38 - 000000000 ____D C:\FRST
2022-12-05 14:35 - 2022-12-05 14:35 - 002375680 _____ (Farbar) C:\Users\Guillaume\Desktop\FRST64.exe
2022-11-26 09:54 - 2022-11-26 09:57 - 000000000 ____D C:\Users\Guillaume\Desktop\2020 7 Poull Manou Lot 26 60 K
2022-11-26 09:13 - 2022-11-26 09:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-11 09:51 - 2022-11-11 09:51 - 000000000 ___HD C:\$WinREAgent
2022-11-11 09:47 - 2022-11-11 09:47 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-11 09:47 - 2022-11-11 09:47 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-11 09:47 - 2022-11-11 09:47 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-11 09:46 - 2022-11-11 09:46 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 12:35 - 2022-11-09 12:35 - 000000798 _____ C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jumper.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-05 14:38 - 2020-10-09 18:53 - 001926126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-05 14:38 - 2019-12-07 15:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2022-12-05 14:38 - 2019-12-07 15:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2022-12-05 14:38 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-05 14:38 - 2017-10-01 16:56 - 000000000 ____D C:\Users\Guillaume\AppData\LocalLow\Mozilla
2022-12-05 14:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-05 14:32 - 2017-10-01 16:16 - 000000000 ____D C:\Program Files\CCleaner
2022-12-05 14:32 - 2017-10-01 15:54 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-05 14:30 - 2020-10-09 18:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-05 14:30 - 2020-10-09 18:42 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-05 14:30 - 2020-10-09 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-05 14:30 - 2020-10-09 18:17 - 000000000 ____D C:\Users\Guillaume
2022-12-05 14:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-05 14:30 - 2017-09-30 16:40 - 000000000 __SHD C:\Users\Guillaume\IntelGraphicsProfiles
2022-11-30 16:05 - 2021-10-26 15:08 - 000003596 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2644048146-3591290280-456748794-1001
2022-11-30 16:05 - 2021-10-26 15:08 - 000003534 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2644048146-3591290280-456748794-1001
2022-11-30 13:54 - 2017-10-01 18:11 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\XnView
2022-11-30 13:53 - 2021-02-17 17:17 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-30 13:53 - 2018-07-16 20:06 - 000000000 ____D C:\Users\Guillaume\AppData\Local\CrashDumps
2022-11-30 13:02 - 2020-10-09 18:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-28 10:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-26 13:42 - 2018-11-11 21:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-26 13:42 - 2017-10-01 16:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-26 13:41 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-26 09:12 - 2018-11-12 10:16 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-26 09:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-13 16:31 - 2017-10-01 17:47 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Mp3tag
2022-11-13 11:08 - 2022-05-03 09:37 - 000034205 _____ C:\Users\Guillaume\Desktop\Poids 2022.ods
2022-11-11 10:12 - 2020-10-09 18:42 - 000470520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-11 10:11 - 2017-08-02 01:19 - 000000000 ____D C:\ProgramData\Realtek
2022-11-11 09:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-11 09:51 - 2018-05-02 10:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-11 09:46 - 2020-10-09 18:45 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-11 09:31 - 2017-09-30 18:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-10 22:01 - 2017-09-30 18:23 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-09 12:35 - 2022-09-14 12:45 - 000000716 _____ C:\Users\Guillaume\Desktop\Jumper.lnk
2022-11-06 11:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-05 12:03 - 2022-10-20 14:31 - 000000000 ____D C:\Users\Guillaume\Desktop\A voir
2022-11-05 12:01 - 2021-10-22 10:25 - 000000000 ____D C:\Users\Guillaume\Desktop\Aeps
==================== Fichiers à la racine de certains dossiers ========
2017-10-01 15:54 - 2017-10-01 15:54 - 004096000 _____ () C:\Program Files (x86)\GUT136D.tmp
2017-09-30 16:40 - 2022-12-05 14:30 - 007868430 _____ () C:\Users\Guillaume\AppData\Local\BTServer.log
2017-10-01 14:41 - 2017-10-01 14:41 - 000000017 _____ () C:\Users\Guillaume\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Guillaume (administrateur) sur ORDINATEUR-GUIL (HP HP Laptop 17-bs0xx) (05-12-2022 14:38:03)
Exécuté depuis C:\Users\Guillaume\Desktop
Profils chargés: Guillaume
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.2251 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\rpbgdownloader.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\c0327636.inf_amd64_fc02dfa5d07908ac\B324667\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0327636.inf_amd64_fc02dfa5d07908ac\B324667\atieclxx.exe
(explorer.exe ->) (F.lux Software LLC -> f.lux Software LLC) C:\Users\Guillaume\AppData\Local\FluxSoftware\Flux\flux.exe
(explorer.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Mike Edward Moras (www.e-sushi.net)) [Fichier non signé] C:\Program Files (x86)\MiniBin\MiniBin.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealPlayer\downloader2.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0327636.inf_amd64_fc02dfa5d07908ac\B324667\atiesrxx.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtAudioServ.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(services.exe ->) (RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registre (Tous(tes)) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [86016 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617808 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3666528 2018-03-27] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [MiniBin] => C:\Program Files (x86)\MiniBin\MiniBin.exe [71168 2014-03-21] (Mike Edward Moras (www.e-sushi.net)) [Fichier non signé]
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [347560 2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => c:\program files (x86)\real\realplayer\downloader2.exe [1187752 2021-10-26] (RealNetworks, Inc. -> )
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe [58368 2022-06-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [5143288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Winlogon: [Shell] C:\Windows\SysWOW64\explorer.exe [4515728 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Policies\Explorer: [ForceActiveDesktopOn] 0
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1
HKLM\...\Policies\Explorer: [NoRecentDocsHistory] 0
HKU\S-1-5-19\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [30870320 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [OneDriveSetup] => C:\Windows\SysWOW64\OneDriveSetup.exe [30870320 2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\Run: [f.lux] => C:\Users\Guillaume\AppData\Local\FluxSoftware\Flux\flux.exe [1511824 2021-02-04] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {3571ed3e-7570-11ec-9a70-30e17136772e} - "H:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {65380f2c-5867-11ed-9a9b-30e17136772e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {895aff1d-235b-11ec-9a51-541379cb61bd} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {abb98c2c-ba13-11ea-99ed-30e17136772e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-2644048146-3591290280-456748794-1001\...\MountPoints2: {b2e71fc3-0e50-11ed-9a8c-30e17136772e} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Providers\Internet Print Provider: C:\WINDOWS\system32\inetpp.dll [184320 2022-07-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\WINDOWS\system32\win32spl.dll [1320448 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\winprint: C:\Windows\System32\spool\prtprocs\x64\winprint.dll [46080 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Appmon: C:\WINDOWS\system32\AppMon.dll [118784 2022-07-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Local Port: C:\WINDOWS\system32\localspl.dll [1272320 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Microsoft Shared Fax Monitor: C:\WINDOWS\system32\FXSMON.DLL [49152 2022-08-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\Standard TCP/IP Port: C:\WINDOWS\system32\tcpmon.dll [242688 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\USB Monitor: C:\WINDOWS\system32\usbmon.dll [1172992 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Print\Monitors\WSD Port: C:\WINDOWS\system32\APMon.dll [1640960 2022-07-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\system32\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\WINDOWS\system32\themeui.dll [2022-08-01] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\system32\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINDOWS\system32\shell32.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\Windows\System32\ie4uinit.exe [2022-03-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\mscories.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\108.0.5359.71\Installer\chrmstp.exe [2022-12-01] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINDOWS\SysWOW64\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINDOWS\SysWOW64\unregmp2.exe [2019-12-06] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\mscories.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{01A30791-40AE-4653-AB2E-FD210019AE88}] -> C:\WINDOWS\system32\mgmtrefreshcredprov.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{1b283861-754f-4022-ad47-a5eaaa618894}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{1ee7337f-85ac-45e2-a23c-37c753209769}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{2135f72a-90b5-4ed3-a7f1-8bb705ac276a}] -> C:\WINDOWS\system32\credprovslegacy.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{25CBB996-92ED-457e-B28C-4774084BD562}] -> C:\WINDOWS\system32\credprovs.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{27FBDB57-B613-4AF2-9D7E-4FA7A66C21AD}] -> C:\WINDOWS\system32\TrustedSignalCredProv.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{2D8B3101-E025-480D-917C-835522C7F628}] ->
HKLM\Software\...\Authentication\Credential Providers: [{3dd6bec0-8193-4ffe-ae25-e08e39ea4063}] -> C:\WINDOWS\system32\credprovs.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{48B4E58D-2791-456C-9091-D524C6C706F2}] -> C:\Windows\System32\devicengccredprov.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{600e7adb-da3e-41a4-9225-3c0399e88c0c}] -> C:\WINDOWS\system32\cngcredui.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{60b78e88-ead8-445c-9cfd-0b87f74ea6cd}] -> C:\WINDOWS\system32\credprovs.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{8AF662BF-65A0-4D0A-A540-A338A999D36F}] -> C:\Windows\System32\FaceCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{8FD7E19C-3BF7-489B-A72C-846AB3678C96}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{94596c7e-3744-41ce-893e-bbf09122f76a}] -> C:\WINDOWS\system32\SmartcardCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{A910D941-9DA9-4656-8933-AA1EAE01F76E}] ->
HKLM\Software\...\Authentication\Credential Providers: [{BEC09223-B018-416D-A0AC-523971B639F5}] -> C:\WINDOWS\System32\BioCredProv.dll [2022-03-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C5D7540A-CD51-453B-B22B-05305BA03F07}] -> C:\Windows\System32\cxcredprov.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> C:\Windows\System32\FaceCredentialProvider.dll [2021-09-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{cb82ea12-9f71-446d-89e1-8d0924e1256e}] -> C:\WINDOWS\system32\credprovslegacy.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{D6886603-9D2F-4EB2-B667-1971041FA96B}] -> C:\Windows\System32\ngccredprov.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{e74e57b0-6c6d-44d5-9cda-fb2df5ed7435}] -> C:\WINDOWS\system32\certCredProvider.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{f64945df-4fa9-4068-a2fb-61af319edd33}] -> C:\WINDOWS\system32\rdpcredentialprovider.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\WINDOWS\system32\wlidcredprov.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{F8A1793B-7873-4046-B2A7-1F318747F427}] -> C:\WINDOWS\system32\fidocredprov.dll [2022-06-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{DDC0EED2-ADBE-40b6-A217-EDE16A79A0DE}] -> C:\WINDOWS\system32\credprovs.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\PLAP Providers: [{5537E283-B1E7-4EF8-9C6E-7AB0AFE5056D}] -> C:\WINDOWS\system32\rasplap.dll [2021-03-20] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\WINDOWS\system32\wlgpclnt.dll [2020-10-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> C:\WINDOWS\system32\auditcse.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\WINDOWS\system32\fdeploy.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{35378EAC-683F-11D2-A89A-00C04FBBCFA2}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINDOWS\System32\dskquota.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\WINDOWS\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4bcd6cde-777b-48b6-9804-43568e23545d}] -> C:\WINDOWS\System32\TsUsbRedirectionGroupPolicyExtension.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\Windows\System32\iedkcs32.dll [2021-11-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4D2F9B6F-1E52-4711-A382-6A8B1A003DE6}] -> C:\Windows\System32\tsworkspace.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> C:\WINDOWS\system32\WorkFoldersGPExt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> C:\WINDOWS\system32\dmenrollengine.dll [2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7933F41E-56F8-41d6-A31C-4148A711EE93}] -> C:\WINDOWS\System32\srchadmin.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\Windows\System32\iedkcs32.dll [2021-11-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINDOWS\system32\scecli.dll [2022-10-24] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{8A28E2C5-8D06-49A4-A08C-632DAA493E17}] -> C:\WINDOWS\system32\gpprnext.dll [2022-07-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\WINDOWS\system32\dot3gpclnt.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> C:\WINDOWS\system32\pwlauncher.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> C:\WINDOWS\system32\pwlauncher.dll [2021-01-22] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> C:\WINDOWS\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\Windows\System32\iedkcs32.dll [2021-11-09] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CFF649BD-601D-4361-AD3D-0FC365DB4DB7}] -> C:\WINDOWS\system32\domgmt.dll [2022-11-11] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINDOWS\System32\polstore.dll [2022-05-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> C:\WINDOWS\system32\auditcse.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> C:\WINDOWS\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> C:\WINDOWS\system32\gptext.dll [2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Lsa: [Authentication Packages] msv1_0
Lsa: [Notification Packages] scecli
SecurityProviders: credssp.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2021-10-26]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
BootExecute: autocheck autochk *
AlternateShell: cmd.exe
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {006FF8C9-ECF0-48C9-A8B6-976DE8605792} - System32\Tasks\RealDownloader Update Check => c:\program files (x86)\real\realplayer\downloader2.exe [1187752 2021-10-26] (RealNetworks, Inc. -> )
Task: {0ABC66F8-4AB7-4849-B710-842FD94EC9D5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2644048146-3591290280-456748794-1001 => c:\program files (x86)\real\realplayer\realupgrade.exe [129960 2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {1BCC53CF-FE23-46A5-B81C-5FCE6B3BDF23} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Guillaume\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {23C4265A-80BD-4C8D-9C83-BB500A1D8A97} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {260108ED-CB08-4793-8314-0A1CEC434900} - System32\Tasks\GoogleUpdateTaskMachineCore1d33ac575abb9de => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-01] (Google Inc -> Google Inc.)
Task: {2B333FEE-44AA-4BF0-9A6B-EA6DB8A2C2CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2FBC0DE0-FC6C-495D-83A0-72AAF914F304} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {506F07B4-38D0-4859-BA37-3DE23416C8D7} - System32\Tasks\CCleanerSkipUAC - Guillaume => C:\Program Files\CCleaner\CCleaner.exe [31990800 2022-08-12] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {54BDAE4E-FB87-463B-BDF3-9DD47DC5B635} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2644048146-3591290280-456748794-1004 => C:\Users\Guillaume\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
Task: {6CE62FD4-311F-44CC-8F6D-D5EEF7F89DA0} - System32\Tasks\GoogleUpdateTaskMachineUA1d33ac575b07eb5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-10-01] (Google Inc -> Google Inc.)
Task: {7C879389-4CE5-41BC-9C2E-62E24E3C4465} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9405EEEE-1768-4FE6-A2C9-AC5C611667A8} - System32\Tasks\RtHDVBg_Session => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617808 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {9A2FA182-426D-4F7A-B52A-3C17BF9FE4D7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-08-12] (Piriform Software Ltd -> Piriform)
Task: {B774B15A-A78A-4431-9E64-2EC5889FF29D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [543536 2016-10-13] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {CDDDCE5F-FC64-4ECD-805C-3E71EDC3E46C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpCmdRun.exe [1567360 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D32FB8C0-ECD9-489C-85E2-90A803A6049E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2644048146-3591290280-456748794-1001 => c:\program files (x86)\real\realplayer\realupgrade.exe [129960 2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
Task: {E4867ED6-D54E-4AC6-A696-429BEC5B94E1} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-23] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E587BFAE-30F3-4C53-B0BE-A76430CA2BD7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49032 2018-02-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {F9873F71-06D4-4D01-9FF8-350730F0A25C} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2644048146-3591290280-456748794-1005 => C:\Users\Guillaume\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{691df93c-2ca0-4943-9379-d0ab7679228d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{dd0c7a51-e493-4378-ae86-907fc506cb88}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e63f2a8c-1f00-40b3-812a-8301a5e6f60e}: [DhcpNameServer] 192.168.43.1
Edge:
=======
DownloadDir: C:\Users\Guillaume\Desktop
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
FireFox:
========
FF DefaultProfile: mqr614be.default
FF ProfilePath: C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default [2022-12-05]
FF DownloadDir: D:\Téléchargements
FF Homepage: Mozilla\Firefox\Profiles\mqr614be.default -> hxxps://www.google.fr/webhp?hl=fr&sa=X&ved=0ahUKEwjc2IOk9fvzAhVOyYUKHcr6DJgQPAgI
FF NewTabOverride: Mozilla\Firefox\Profiles\mqr614be.default -> Enabled: {66E978CD-981F-47DF-AC42-E3CF417C1467}
FF NewTabOverride: Mozilla\Firefox\Profiles\mqr614be.default -> Disabled: newtaboverride@agenedia.com
FF Extension: (Don't Accept image/webp) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\dont-accept-webp@jeffersonscher.com.xpi [2022-05-03]
FF Extension: (Stop AutoPlay Next for YouTube™) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\jid1-nbzaq9ol2hyY64gGe@jetpack.xpi [2021-02-16]
FF Extension: (New Tab Override) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\newtaboverride@agenedia.com.xpi [2021-11-03]
FF Extension: (Page Saver WE) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\pagesaver@pearlcrescent.com.xpi [2022-07-29]
FF Extension: (uBlock Origin) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\uBlock0@raymondhill.net.xpi [2022-11-14]
FF Extension: (Yosemite_2.0) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\{645d2271-a7f6-4cd8-880c-15192b7d9d95}.xpi [2019-07-11]
FF Extension: (New Tab Homepage) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2020-11-17]
FF Extension: (Alpsemite Grey Theme) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\{bef387af-0bce-4f4c-bf6b-6ab101f1753b}.xpi [2019-07-11]
FF Extension: (semitransparent grey light) - C:\Users\Guillaume\AppData\Roaming\Mozilla\Firefox\Profiles\mqr614be.default\Extensions\{cec4ccc4-c6cb-41ab-9e4b-c45d659edaf1}.xpi [2019-07-11]
FF Plugin-x32: @real.com/nppl3260;version=20.0.6.303 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=20.0.6.303 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2021-10-26] (RealNetworks, Inc. -> RealPlayer)
Chrome:
=======
CHR Profile: C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default [2022-11-30]
CHR DownloadDir: C:\Users\Guillaume\Desktop
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.kozikaza.com/kaza/fdb832b9-c37d-4046-8e9e-80125e9cc713/3Dplan?noredirect=true#kaza_menu"
CHR Extension: (Google Docs hors connexion) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-11-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Guillaume\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-24]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [1995184 2020-07-08] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [236864 2022-06-24] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7972536 2022-01-26] (Malwarebytes Inc -> Malwarebytes)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [38856 2021-10-18] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [991168 2021-10-26] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RtkBtAudioServ; C:\WINDOWS\RtkBtAudioServ.exe [215992 2018-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\NisSrv.exe [3191272 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MsMpEng.exe [133544 2022-11-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthAudioHF; C:\WINDOWS\System32\drivers\RtkHfp.sys [116232 2016-10-27] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2019-12-27] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2022-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220568 2022-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-10-22] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl0a81c53d; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2338C680-251E-4228-B8D0-91AC3A31263A}\MpKslDrv.sys [214280 2022-12-05] (Microsoft Windows -> Microsoft Corporation)
S3 MpKslf24372d3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2338C680-251E-4228-B8D0-91AC3A31263A}\MpKslDrv.sys [214280 2022-12-05] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49616 2022-11-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [469288 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [95520 2022-11-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-05 14:38 - 2022-12-05 14:39 - 000036881 _____ C:\Users\Guillaume\Desktop\FRST.txt
2022-12-05 14:36 - 2022-12-05 14:38 - 000000000 ____D C:\FRST
2022-12-05 14:35 - 2022-12-05 14:35 - 002375680 _____ (Farbar) C:\Users\Guillaume\Desktop\FRST64.exe
2022-11-26 09:54 - 2022-11-26 09:57 - 000000000 ____D C:\Users\Guillaume\Desktop\2020 7 Poull Manou Lot 26 60 K
2022-11-26 09:13 - 2022-11-26 09:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-11-11 09:51 - 2022-11-11 09:51 - 000000000 ___HD C:\$WinREAgent
2022-11-11 09:47 - 2022-11-11 09:47 - 000688128 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2022-11-11 09:47 - 2022-11-11 09:47 - 000073216 _____ C:\WINDOWS\system32\nettraceex.dll
2022-11-11 09:47 - 2022-11-11 09:47 - 000012253 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-11-11 09:46 - 2022-11-11 09:46 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-11-09 12:35 - 2022-11-09 12:35 - 000000798 _____ C:\Users\Guillaume\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jumper.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-12-05 14:38 - 2020-10-09 18:53 - 001926126 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-12-05 14:38 - 2019-12-07 15:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2022-12-05 14:38 - 2019-12-07 15:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2022-12-05 14:38 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-12-05 14:38 - 2017-10-01 16:56 - 000000000 ____D C:\Users\Guillaume\AppData\LocalLow\Mozilla
2022-12-05 14:32 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-12-05 14:32 - 2017-10-01 16:16 - 000000000 ____D C:\Program Files\CCleaner
2022-12-05 14:32 - 2017-10-01 15:54 - 000000000 ____D C:\Program Files (x86)\Google
2022-12-05 14:30 - 2020-10-09 18:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-12-05 14:30 - 2020-10-09 18:42 - 000008192 ___SH C:\DumpStack.log.tmp
2022-12-05 14:30 - 2020-10-09 18:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-12-05 14:30 - 2020-10-09 18:17 - 000000000 ____D C:\Users\Guillaume
2022-12-05 14:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-12-05 14:30 - 2017-09-30 16:40 - 000000000 __SHD C:\Users\Guillaume\IntelGraphicsProfiles
2022-11-30 16:05 - 2021-10-26 15:08 - 000003596 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2644048146-3591290280-456748794-1001
2022-11-30 16:05 - 2021-10-26 15:08 - 000003534 _____ C:\WINDOWS\system32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2644048146-3591290280-456748794-1001
2022-11-30 13:54 - 2017-10-01 18:11 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\XnView
2022-11-30 13:53 - 2021-02-17 17:17 - 000000000 ____D C:\WINDOWS\Minidump
2022-11-30 13:53 - 2018-07-16 20:06 - 000000000 ____D C:\Users\Guillaume\AppData\Local\CrashDumps
2022-11-30 13:02 - 2020-10-09 18:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2022-11-28 10:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-11-26 13:42 - 2018-11-11 21:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-11-26 13:42 - 2017-10-01 16:55 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-11-26 13:41 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2022-11-26 09:12 - 2018-11-12 10:16 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-11-26 09:00 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-11-13 16:31 - 2017-10-01 17:47 - 000000000 ____D C:\Users\Guillaume\AppData\Roaming\Mp3tag
2022-11-13 11:08 - 2022-05-03 09:37 - 000034205 _____ C:\Users\Guillaume\Desktop\Poids 2022.ods
2022-11-11 10:12 - 2020-10-09 18:42 - 000470520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-11-11 10:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-11-11 10:11 - 2017-08-02 01:19 - 000000000 ____D C:\ProgramData\Realtek
2022-11-11 09:59 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-11-11 09:51 - 2018-05-02 10:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-11-11 09:46 - 2020-10-09 18:45 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-11-11 09:31 - 2017-09-30 18:23 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-11-10 22:01 - 2017-09-30 18:23 - 146960040 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-11-09 12:35 - 2022-09-14 12:45 - 000000716 _____ C:\Users\Guillaume\Desktop\Jumper.lnk
2022-11-06 11:01 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-11-05 12:03 - 2022-10-20 14:31 - 000000000 ____D C:\Users\Guillaume\Desktop\A voir
2022-11-05 12:01 - 2021-10-22 10:25 - 000000000 ____D C:\Users\Guillaume\Desktop\Aeps
==================== Fichiers à la racine de certains dossiers ========
2017-10-01 15:54 - 2017-10-01 15:54 - 004096000 _____ () C:\Program Files (x86)\GUT136D.tmp
2017-09-30 16:40 - 2022-12-05 14:30 - 007868430 _____ () C:\Users\Guillaume\AppData\Local\BTServer.log
2017-10-01 14:41 - 2017-10-01 14:41 - 000000017 _____ () C:\Users\Guillaume\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================