Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-08-2023
Exécuté par guigonnet (administrateur) sur GUIGONNET-HP (Hewlett-Packard SG3-110FR-m) (10-08-2023 10:02:40)
Exécuté depuis C:\Users\guigonnet\Desktop\FRST64.exe
Profils chargés: guigonnet
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(C:\Program Files\hp\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(explorer.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(explorer.exe ->) (Facebook, Inc. -> Facebook Inc.) C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé] C:\Windows\SysWOW64\ezSharedSvcHost.exe
(services.exe ->) (Hewlett-Packard Company) [Fichier non signé] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3266_none_7e25389a7c7bcadb\TiWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Pas de fichier)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Pas de fichier)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-25] (Google Inc -> Google Inc.)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [Facebook Update] => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-23] (Facebook, Inc. -> Facebook Inc.)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41572768 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [Chromium] => "c:\users\guigonnet\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session [4185600 2017-10-05] (The Chromium Authors) [Fichier non signé]
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31325464 2023-06-14] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [MicrosoftEdgeAutoLaunch_44DE98AC332DFC3755678ACEF1561713] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4088256 2023-08-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Policies\system: [DisableChangePassword] 0
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {5E12D53B-B1F6-4101-B201-3BF8764451FF} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION
Task: {A5BEB8FA-2325-401F-A91D-42AC39A62A19} - System32\Tasks\{83D4E435-7D43-4356-898F-BAA004D1BAE6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [828368 2022-03-12] (Microsoft Corporation -> Microsoft Corporation) -> hxxp://ui.skype.com/ui/0/4.1.0.179.161/fr/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded <==== ATTENTION
Task: {ADF3B2E3-DB6C-4D24-BB76-DCA2403B5B18} - System32\Tasks\{B26A793C-0C6C-4F56-AF07-0A0402017BB8} => C:\Windows\system32\pcalua.exe [53760 2023-06-15] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag"
Task: {C7D3934F-A6AB-444A-9CEE-040A1F263A75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {F6809807-57D9-4061-BF94-36A6BE204085} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w (Pas de fichier)
Task: {5E87924A-D01F-4FFF-862A-11F436BEC8E7} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w (Pas de fichier)
Task: {62AD57B4-2F2F-4797-9ED5-C6886D72103F} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [29305736 ] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6A53D717-ADF3-4FFC-AE5E-F643D21AF11A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {6DD63304-1735-4DDC-BA51-8110443A752E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9A35F408-5CEB-4E6D-9ADC-992B78023947} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "548c9fed-b7d3-4cb5-a86e-503c3a271461" --version "6.14.10584" --silent
Task: {0C2E00DC-3D72-433C-B125-85908F4E8AF7} - System32\Tasks\CCleanerSkipUAC - guigonnet => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {11BC8042-62B9-42D0-9391-BA29BED44148} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-103404184-2111900240-3690104040-1001Core => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-23] (Facebook, Inc. -> Facebook Inc.)
Task: {0FFB7C03-E314-4928-9F02-03A1DFA1A711} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-103404184-2111900240-3690104040-1001UA => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-23] (Facebook, Inc. -> Facebook Inc.)
Task: {16B96542-66FF-4418-911D-AB5196A3C7AC} - System32\Tasks\File Helper => C:\Program Files (x86)\File Helper\File Helper.lnk --scan --stack=from-scheduler (Pas de fichier)
Task: {F38C7EC2-BD88-42B6-A39D-8E2B712BE3EF} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2023-06-14] (Garmin International, Inc. -> )
Task: {7E869AE0-9BB2-434B-9D59-098C55EAD75B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc -> Google Inc.)
Task: {D401A491-F83C-4C58-B67D-64E6637BB438} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc -> Google Inc.)
Task: {389ECA5D-BB6D-42C4-8328-38FF2E16729B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [702512 2023-07-25] (HP Inc. -> HP Inc.)
Task: {817D8E49-D5D4-4384-AB93-01546B5BD471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-07-25] (HP Inc. -> HP Inc.)
Task: {F67B67E9-23E4-464D-BA57-72B007F117E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-07-25] (HP Inc. -> HP Inc.)
Task: {FED4D376-2869-42C8-A3FA-C386A8BC7214} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {17F6D676-A6A9-41F3-B74F-5343415826E0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E2138863-FC0C-4B62-B4F5-0B0B0EE91D91} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {E2138863-FC0C-4B62-B4F5-0B0B0EE91D91} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {E2138863-FC0C-4B62-B4F5-0B0B0EE91D91} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {D7B2E636-ED5F-4225-B36F-CFFF3C75C3B1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {AB6770D5-E7A9-4844-AED8-E3897D7D705A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {BE172366-376D-420A-B829-39102B44E119} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {0171B355-DCAA-47F2-8DCF-E4338AE33D5B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {41FD5C8F-58A5-492E-99BB-C6801229647C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {BF3D53F4-43E0-4D0C-A56F-6A1C2AF1ABD9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {194F8A1E-F960-48E5-B0DC-DCC4B9F28811} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (Pas de fichier)
Task: {47A95D6E-0689-4120-9718-FF738028FD71} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {F45B2F18-EF12-4EBB-9A2D-3BBA4DE9F2DB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {159B8DA6-F700-4395-9FB5-18C5084D26A0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {BB51A39F-3F6A-48A1-B2B9-3D9D8352E742} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {F7774E4E-E2DC-4F12-AA9D-96BBDB0FA9DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {BC2D8DCB-3F80-4B6A-BB77-64AD0C9FE011} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {B95009F2-9FC8-4773-B161-A80273B906E7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {ABC08509-EE08-4ECB-9E6D-D9C3B8CBF5C9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {4D8D44EF-B9CE-43A3-B44B-DF51FDF2C828} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {D0BBD07D-3B51-42F4-A9FC-718BBFD7CB23} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {9FDFCAF0-9C37-4D3D-9B2E-59D452107A9B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier)
Task: {07F4F8D5-35D6-43EC-AA4A-BDA956518FC2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {C6B84258-B030-484D-93DE-6150F06E6083} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {2638FA20-5731-4379-89A5-587F1FA2FA77} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {2DC6B415-0844-4A5C-8BAC-8DE2C71A7204} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (Pas de fichier)
Task: {4C94B7E3-325B-4F0C-93E4-25D226B13863} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {48BC28C0-CB1F-431B-BF7B-7DF3D3D5384A} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {3E7D614C-C421-4882-8897-8A6F71EEAB3A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3E043D78-5DD3-47D2-9AD5-887CE7437CD5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {339CED31-64FB-41B5-84A0-AE96F306E880} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A8649D38-112D-4C1A-8978-E0A971013B9C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {40CA7169-406A-45C9-AC60-101DDA44D0E9} - System32\Tasks\Microsoft_Hardware_Launch_IcePick_exe => C:\Program Files (x86)\Microsoft LifeCam\IcePick.exe (Pas de fichier)
Task: {E052D97E-2C99-47C0-A71A-A1A1220CF5D5} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [686496 2023-08-07] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {648ED8E3-AF68-4199-AD75-809A61F5E205} - System32\Tasks\Mozilla\Firefox Default Browser Agent 79F8C7CFDEC6A171 => C:\Users\guigonnet\AppData\Local\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {000E693E-A27D-4A1F-8530-5EB752A5FEEB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {3A729199-D414-4DE7-AA68-0DDAE7B9AEF1} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [156144 2010-02-02] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {4CB7FE32-E8B9-495B-B155-5DD84CE856D2} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [517416 2010-04-29] (CyberLink -> CyberLink)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-103404184-2111900240-3690104040-1001Core.job => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-103404184-2111900240-3690104040-1001UA.job => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\File Helper.job => C:\Program Files (x86)\File Helper\File Helper.lnk
Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a4c68629-a4ae-486d-955c-b82c988b1ff7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E161EF23-B79B-4D80-9990-E8AEADED1411}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\guigonnet\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-10]
Edge Extension: (Edge relevant text changes) - C:\Users\guigonnet\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-09]
FireFox:
========
FF DefaultProfile: 5oz29dvb.default-1683527861855
FF ProfilePath: C:\Users\guigonnet\AppData\Roaming\TomTom\HOME\Profiles\6xh3fza1.default [2013-05-14]
FF Extension: (Emulator) - C:\Users\guigonnet\AppData\Roaming\TomTom\HOME\Profiles\6xh3fza1.default\Extensions\Navcore.8.080.9662@tomtom.com [2013-01-09] [] [non signé]
FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\guigonnet\AppData\Roaming\Mozilla\Firefox\Profiles\nouwnuon.default-release [2023-08-10]
FF ProfilePath: C:\Users\guigonnet\AppData\Roaming\Mozilla\Firefox\Profiles\5oz29dvb.default-1683527861855 [2023-08-10]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google) [Fichier non signé]
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-103404184-2111900240-3690104040-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\guigonnet\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2011-11-10]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2011-11-10]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2011-11-10]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2011-11-10]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default [2023-08-10]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-08-09]
CHR Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-08-09]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-07-28]
CHR Extension: (Moteur de recherche Microsoft Bing) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaialadjjkjjkdhfmehfgmgkoeniabam [2023-08-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-01-14]
CHR Extension: (SConnect) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjhbkkaddmmnkghdnnmkjcgpphnopnfk [2023-05-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-103404184-2111900240-3690104040-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-103404184-2111900240-3690104040-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaialadjjkjjkdhfmehfgmgkoeniabam]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [888208 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [887192 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [883088 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [887696 2023-07-25] (HP Inc. -> HP Inc.)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9278784 2023-08-09] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [871752 2023-07-28] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies -> AVG Technologies)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [199640 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77752 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-08-09] (Malwarebytes Inc. -> Malwarebytes)
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [23536 2010-01-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 SMIGrabber3C; C:\WINDOWS\System32\Drivers\SmiUsbGrabber3C.sys [821888 2011-01-26] (SOMAGIC (HANGZHOU) TECHNOLOGY CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-10 08:50 - 2023-08-10 09:05 - 000063838 _____ C:\Users\guigonnet\Desktop\Addition.txt
2023-08-10 08:45 - 2023-08-10 10:06 - 000032438 _____ C:\Users\guigonnet\Desktop\FRST.txt
2023-08-10 08:44 - 2023-08-10 10:05 - 000000000 ____D C:\FRST
2023-08-10 08:41 - 2023-08-10 08:43 - 002384896 _____ (Farbar) C:\Users\guigonnet\Desktop\FRST64.exe
2023-08-09 23:33 - 2023-08-09 23:33 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-08-09 17:58 - 2023-08-09 17:58 - 000428296 _____ C:\Users\guigonnet\Desktop\ZHPDiag.html
2023-08-09 17:41 - 2023-08-09 17:41 - 000006644 _____ C:\Users\guigonnet\Desktop\malware.txt
2023-08-09 17:20 - 2023-08-10 06:58 - 000000000 ____D C:\Users\guigonnet\AppData\Local\Malwarebytes
2023-08-09 17:20 - 2023-08-09 17:20 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-09 17:20 - 2023-08-09 17:20 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-08-09 17:20 - 2023-08-09 17:20 - 000000000 ____D C:\Users\guigonnet\AppData\Local\mbam
2023-08-09 17:13 - 2023-08-09 17:13 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-09 17:10 - 2023-08-09 17:10 - 002606880 _____ (Malwarebytes) C:\Users\guigonnet\Desktop\MBSetup.exe
2023-08-09 16:59 - 2023-08-09 16:55 - 000008672 _____ C:\Users\guigonnet\Desktop\AdwCleaner[C02].txt
2023-08-09 16:46 - 2023-08-09 16:54 - 000000000 ____D C:\AdwCleaner
2023-08-09 16:44 - 2023-08-09 16:44 - 008791352 _____ (Malwarebytes) C:\Users\guigonnet\Desktop\adwcleaner_8.4.0.exe
2023-08-09 16:27 - 2023-08-09 16:27 - 000022692 _____ C:\Users\guigonnet\Desktop\ZHPCleaner (R).html
2023-08-09 16:27 - 2023-08-09 16:27 - 000012533 _____ C:\Users\guigonnet\Desktop\ZHPCleaner (R).txt
2023-08-09 16:22 - 2023-08-09 16:22 - 000022552 _____ C:\Users\guigonnet\Desktop\ZHPCleaner (S).html
2023-08-09 16:22 - 2023-08-09 16:22 - 000012428 _____ C:\Users\guigonnet\Desktop\ZHPCleaner (S).txt
2023-08-09 16:04 - 2023-08-09 16:04 - 000000929 _____ C:\Users\guigonnet\Desktop\ZHPCleaner.lnk
2023-08-09 12:35 - 2023-08-09 17:58 - 000344683 _____ C:\Users\guigonnet\Desktop\ZHPDiag.txt
2023-08-09 12:20 - 2023-08-09 16:04 - 000000000 ____D C:\Users\guigonnet\AppData\Local\ZHP
2023-08-09 12:20 - 2023-08-09 12:20 - 000000919 _____ C:\Users\guigonnet\Desktop\ZHPSuite.lnk
2023-08-09 08:47 - 2023-08-09 08:47 - 000000000 ___HD C:\$WinREAgent
2023-08-07 23:22 - 2023-08-09 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-08-06 15:53 - 2023-08-06 15:53 - 000000000 ____D C:\Users\guigonnet\Downloads\8 MACIF
2023-07-31 11:53 - 2023-07-31 11:59 - 000000000 ____D C:\WINDOWS\Minidump
2023-07-31 11:53 - 2023-07-31 11:58 - 001051524 _____ C:\WINDOWS\Minidump\073123-36890-01.dmp
2023-07-31 11:53 - 2023-07-31 11:53 - 680076379 _____ C:\WINDOWS\MEMORY.DMP
2023-07-31 11:52 - 2023-07-31 11:52 - 000000112 ___SH C:\bootTel.dat
2023-07-31 11:52 - 2023-07-31 11:52 - 000000000 __SHD C:\found.000
2023-07-27 10:59 - 2023-07-27 10:59 - 000002985 _____ C:\Users\guigonnet\Desktop\%REACT_APP_NAME%.lnk
2023-07-26 16:00 - 2023-07-26 16:00 - 000003107 _____ C:\Users\guigonnet\Desktop\Forum informatique, aide informatique - CNET France - Forums CNET France.lnk
2023-07-25 15:08 - 2023-07-25 15:08 - 000003085 _____ C:\Users\guigonnet\Desktop\Accueil de Cjoint.com.lnk
2023-07-24 09:46 - 2023-07-24 09:46 - 000001969 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2023-07-14 10:00 - 2023-07-14 10:00 - 000269558 _____ C:\Users\guigonnet\Downloads\report-07_01_2023-07_14_2023.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-10 10:00 - 2021-04-25 17:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-10 09:43 - 2021-12-31 17:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-10 09:43 - 2010-09-02 14:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-10 08:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-10 06:59 - 2013-09-02 11:01 - 000000000 ____D C:\Program Files\CCleaner
2023-08-09 23:32 - 2021-04-25 18:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-09 23:32 - 2021-04-25 17:57 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-09 23:31 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-09 23:19 - 2010-06-10 03:01 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-08-09 17:58 - 2013-11-09 00:04 - 000000000 ____D C:\Users\guigonnet\AppData\Roaming\ZHP
2023-08-09 17:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-09 17:13 - 2013-11-08 11:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-08-09 16:54 - 2010-08-16 16:55 - 000000000 ____D C:\Users\guigonnet\AppData\Roaming\Hewlett-Packard
2023-08-09 16:54 - 2010-06-10 12:26 - 000000000 ___HD C:\hp
2023-08-09 16:54 - 2010-06-10 03:18 - 000000000 ____D C:\Program Files (x86)\Cyberlink
2023-08-09 16:54 - 2010-06-10 02:57 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2023-08-09 14:14 - 2010-06-10 03:02 - 000000000 ____D C:\Program Files\hp
2023-08-09 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-09 11:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-09 10:33 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-09 10:01 - 2021-04-25 18:15 - 001923774 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-09 10:01 - 2019-12-07 16:49 - 000831776 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-09 10:01 - 2019-12-07 16:49 - 000167542 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-09 09:55 - 2021-04-25 17:57 - 000476400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-09 09:54 - 2023-05-08 08:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-09 09:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-09 09:36 - 2021-04-25 18:01 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-09 08:29 - 2019-08-07 10:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-09 08:22 - 2021-04-25 18:01 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-09 08:22 - 2021-04-25 18:01 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-09 08:15 - 2013-04-15 18:44 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-08 17:21 - 2019-08-07 09:53 - 000000000 ____D C:\Users\guigonnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2023-08-08 15:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-08 08:19 - 2023-05-08 08:33 - 000001335 _____ C:\Users\guigonnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-08 08:18 - 2023-05-08 08:37 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-06 17:15 - 2019-10-05 09:57 - 000000000 ____D C:\Users\guigonnet\AppData\Roaming\vlc
2023-08-06 08:56 - 2010-08-16 11:18 - 000004826 _____ C:\Users\guigonnet\AppData\Roaming\wklnhst.dat
2023-08-05 09:08 - 2021-12-26 10:20 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-103404184-2111900240-3690104040-1001
2023-08-05 09:08 - 2021-04-25 18:21 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-103404184-2111900240-3690104040-1001
2023-08-05 09:08 - 2021-04-25 16:54 - 000002479 _____ C:\Users\guigonnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-02 17:08 - 2023-05-13 17:06 - 000000000 ____D C:\Users\guigonnet\AppData\Local\Mozilla Firefox
2023-08-02 17:07 - 2023-05-08 08:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-01 23:37 - 2021-04-25 18:21 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-01 23:37 - 2021-04-25 18:21 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-31 23:41 - 2021-04-25 16:54 - 000000000 ____D C:\Users\guigonnet
2023-07-28 23:14 - 2021-04-25 18:21 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-07-27 08:39 - 2010-08-15 17:00 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-25 08:09 - 2019-08-08 15:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-07-24 12:04 - 2016-01-14 14:45 - 000000000 ____D C:\ProgramData\Garmin
2023-07-24 11:56 - 2022-09-20 23:23 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-07-24 09:46 - 2021-12-31 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2023-07-24 09:46 - 2021-04-25 18:21 - 000003626 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2023-07-24 09:46 - 2016-01-14 14:45 - 000000000 ____D C:\Program Files (x86)\Garmin
2023-07-24 09:46 - 2016-01-14 14:34 - 000000000 ____D C:\ProgramData\Package Cache
2023-07-20 08:36 - 2022-10-21 09:47 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-07-13 17:33 - 2021-04-25 18:21 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-07-13 17:32 - 2022-10-14 17:42 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-13 17:32 - 2022-10-14 17:42 - 000002067 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-07-12 13:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-12 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-12 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-12 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
==================== Fichiers à la racine de certains dossiers ========
2023-06-08 08:23 - 2023-06-08 08:39 - 091298080 _____ (LifeScan, Inc.) C:\Users\guigonnet\otrdtt_patient_windows-x32_FR.exe
2010-08-16 11:18 - 2023-08-06 08:56 - 000004826 _____ () C:\Users\guigonnet\AppData\Roaming\wklnhst.dat
2015-08-20 19:40 - 2015-10-28 23:38 - 000005120 _____ () C:\Users\guigonnet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par guigonnet (administrateur) sur GUIGONNET-HP (Hewlett-Packard SG3-110FR-m) (10-08-2023 10:02:40)
Exécuté depuis C:\Users\guigonnet\Desktop\FRST64.exe
Profils chargés: guigonnet
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(C:\Program Files\hp\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(explorer.exe ->) (Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(explorer.exe ->) (Facebook, Inc. -> Facebook Inc.) C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé] C:\Windows\SysWOW64\ezSharedSvcHost.exe
(services.exe ->) (Hewlett-Packard Company) [Fichier non signé] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\hp\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3266_none_7e25389a7c7bcadb\TiWorker.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Pas de fichier)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe (Pas de fichier)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-12-25] (Google Inc -> Google Inc.)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [Facebook Update] => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-23] (Facebook, Inc. -> Facebook Inc.)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41572768 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [Chromium] => "c:\users\guigonnet\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session [4185600 2017-10-05] (The Chromium Authors) [Fichier non signé]
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31325464 2023-06-14] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Run: [MicrosoftEdgeAutoLaunch_44DE98AC332DFC3755678ACEF1561713] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4088256 2023-08-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-103404184-2111900240-3690104040-1001\...\Policies\system: [DisableChangePassword] 0
HKLM\...\Windows x64\Print Processors\Canon MP250 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD9W.DLL [28672 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP250 series: C:\Windows\system32\CNMLM9W.DLL [336896 2010-04-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.171\Installer\chrmstp.exe [2023-08-07] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {5E12D53B-B1F6-4101-B201-3BF8764451FF} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION
Task: {A5BEB8FA-2325-401F-A91D-42AC39A62A19} - System32\Tasks\{83D4E435-7D43-4356-898F-BAA004D1BAE6} => C:\Program Files (x86)\Internet Explorer\iexplore.exe [828368 2022-03-12] (Microsoft Corporation -> Microsoft Corporation) -> hxxp://ui.skype.com/ui/0/4.1.0.179.161/fr/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded <==== ATTENTION
Task: {ADF3B2E3-DB6C-4D24-BB76-DCA2403B5B18} - System32\Tasks\{B26A793C-0C6C-4F56-AF07-0A0402017BB8} => C:\Windows\system32\pcalua.exe [53760 2023-06-15] (Microsoft Windows -> Microsoft Corporation) -> -a "C:\Program Files (x86)\ZHPDiag\ZHPhep.exe" -d "C:\Program Files (x86)\ZHPDiag"
Task: {C7D3934F-A6AB-444A-9CEE-040A1F263A75} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {F6809807-57D9-4061-BF94-36A6BE204085} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w (Pas de fichier)
Task: {5E87924A-D01F-4FFF-862A-11F436BEC8E7} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe /w (Pas de fichier)
Task: {62AD57B4-2F2F-4797-9ED5-C6886D72103F} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\RadeonInstaller.exe [29305736 ] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {6A53D717-ADF3-4FFC-AE5E-F643D21AF11A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2144664 2023-08-01] (Avast Software s.r.o. -> Avast Software)
Task: {6DD63304-1735-4DDC-BA51-8110443A752E} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9A35F408-5CEB-4E6D-9ADC-992B78023947} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "548c9fed-b7d3-4cb5-a86e-503c3a271461" --version "6.14.10584" --silent
Task: {0C2E00DC-3D72-433C-B125-85908F4E8AF7} - System32\Tasks\CCleanerSkipUAC - guigonnet => C:\Program Files\CCleaner\CCleaner.exe [34677664 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {11BC8042-62B9-42D0-9391-BA29BED44148} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-103404184-2111900240-3690104040-1001Core => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-23] (Facebook, Inc. -> Facebook Inc.)
Task: {0FFB7C03-E314-4928-9F02-03A1DFA1A711} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-103404184-2111900240-3690104040-1001UA => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-23] (Facebook, Inc. -> Facebook Inc.)
Task: {16B96542-66FF-4418-911D-AB5196A3C7AC} - System32\Tasks\File Helper => C:\Program Files (x86)\File Helper\File Helper.lnk --scan --stack=from-scheduler (Pas de fichier)
Task: {F38C7EC2-BD88-42B6-A39D-8E2B712BE3EF} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2023-06-14] (Garmin International, Inc. -> )
Task: {7E869AE0-9BB2-434B-9D59-098C55EAD75B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc -> Google Inc.)
Task: {D401A491-F83C-4C58-B67D-64E6637BB438} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2016-01-14] (Google Inc -> Google Inc.)
Task: {389ECA5D-BB6D-42C4-8328-38FF2E16729B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [702512 2023-07-25] (HP Inc. -> HP Inc.)
Task: {817D8E49-D5D4-4384-AB93-01546B5BD471} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-07-25] (HP Inc. -> HP Inc.)
Task: {F67B67E9-23E4-464D-BA57-72B007F117E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-07-25] (HP Inc. -> HP Inc.)
Task: {FED4D376-2869-42C8-A3FA-C386A8BC7214} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {17F6D676-A6A9-41F3-B74F-5343415826E0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {E2138863-FC0C-4B62-B4F5-0B0B0EE91D91} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(1): %windir%\system32\compattelrunner.exe -> -m:aeinv.dll -f:UpdateSoftwareInventoryW invsvc
Task: {E2138863-FC0C-4B62-B4F5-0B0B0EE91D91} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(2): %windir%\system32\compattelrunner.exe -> -m:appraiser.dll -f:DoScheduledTelemetryRun
Task: {E2138863-FC0C-4B62-B4F5-0B0B0EE91D91} - System32\Tasks\Microsoft\Windows\Application Experience\MareBackup => Command(3): %windir%\system32\compattelrunner.exe -> -m:aemarebackup.dll -f:BackupMareData
Task: {D7B2E636-ED5F-4225-B36F-CFFF3C75C3B1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {AB6770D5-E7A9-4844-AED8-E3897D7D705A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {BE172366-376D-420A-B829-39102B44E119} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {0171B355-DCAA-47F2-8DCF-E4338AE33D5B} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {41FD5C8F-58A5-492E-99BB-C6801229647C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {BF3D53F4-43E0-4D0C-A56F-6A1C2AF1ABD9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {194F8A1E-F960-48E5-B0DC-DCC4B9F28811} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (Pas de fichier)
Task: {47A95D6E-0689-4120-9718-FF738028FD71} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {F45B2F18-EF12-4EBB-9A2D-3BBA4DE9F2DB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {159B8DA6-F700-4395-9FB5-18C5084D26A0} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {BB51A39F-3F6A-48A1-B2B9-3D9D8352E742} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {F7774E4E-E2DC-4F12-AA9D-96BBDB0FA9DB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {BC2D8DCB-3F80-4B6A-BB77-64AD0C9FE011} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {B95009F2-9FC8-4773-B161-A80273B906E7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {ABC08509-EE08-4ECB-9E6D-D9C3B8CBF5C9} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {4D8D44EF-B9CE-43A3-B44B-DF51FDF2C828} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {D0BBD07D-3B51-42F4-A9FC-718BBFD7CB23} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {9FDFCAF0-9C37-4D3D-9B2E-59D452107A9B} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec /RestartRecording (Pas de fichier)
Task: {07F4F8D5-35D6-43EC-AA4A-BDA956518FC2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {C6B84258-B030-484D-93DE-6150F06E6083} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {2638FA20-5731-4379-89A5-587F1FA2FA77} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {2DC6B415-0844-4A5C-8BAC-8DE2C71A7204} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (Pas de fichier)
Task: {4C94B7E3-325B-4F0C-93E4-25D226B13863} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {48BC28C0-CB1F-431B-BF7B-7DF3D3D5384A} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {3E7D614C-C421-4882-8897-8A6F71EEAB3A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3E043D78-5DD3-47D2-9AD5-887CE7437CD5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {339CED31-64FB-41B5-84A0-AE96F306E880} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {A8649D38-112D-4C1A-8978-E0A971013B9C} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {40CA7169-406A-45C9-AC60-101DDA44D0E9} - System32\Tasks\Microsoft_Hardware_Launch_IcePick_exe => C:\Program Files (x86)\Microsoft LifeCam\IcePick.exe (Pas de fichier)
Task: {E052D97E-2C99-47C0-A71A-A1A1220CF5D5} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [686496 2023-08-07] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {648ED8E3-AF68-4199-AD75-809A61F5E205} - System32\Tasks\Mozilla\Firefox Default Browser Agent 79F8C7CFDEC6A171 => C:\Users\guigonnet\AppData\Local\Mozilla Firefox\default-browser-agent.exe [732064 2023-05-13] (Mozilla Corporation -> Mozilla Foundation)
Task: {000E693E-A27D-4A1F-8530-5EB752A5FEEB} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [733088 2023-08-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {3A729199-D414-4DE7-AA68-0DDAE7B9AEF1} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [156144 2010-02-02] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
Task: {4CB7FE32-E8B9-495B-B155-5DD84CE856D2} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [517416 2010-04-29] (CyberLink -> CyberLink)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-103404184-2111900240-3690104040-1001Core.job => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-103404184-2111900240-3690104040-1001UA.job => C:\Users\guigonnet\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\File Helper.job => C:\Program Files (x86)\File Helper\File Helper.lnk
Task: C:\WINDOWS\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdrcui.exe5-fh scripts\monthly.xml
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a4c68629-a4ae-486d-955c-b82c988b1ff7}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E161EF23-B79B-4D80-9990-E8AEADED1411}: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\guigonnet\AppData\Local\Microsoft\Edge\User Data\Default [2023-08-10]
Edge Extension: (Edge relevant text changes) - C:\Users\guigonnet\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-08-09]
FireFox:
========
FF DefaultProfile: 5oz29dvb.default-1683527861855
FF ProfilePath: C:\Users\guigonnet\AppData\Roaming\TomTom\HOME\Profiles\6xh3fza1.default [2013-05-14]
FF Extension: (Emulator) - C:\Users\guigonnet\AppData\Roaming\TomTom\HOME\Profiles\6xh3fza1.default\Extensions\Navcore.8.080.9662@tomtom.com [2013-01-09] [] [non signé]
FF Extension: (Pas de nom) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [non trouvé(e)]
FF ProfilePath: C:\Users\guigonnet\AppData\Roaming\Mozilla\Firefox\Profiles\nouwnuon.default-release [2023-08-10]
FF ProfilePath: C:\Users\guigonnet\AppData\Roaming\Mozilla\Firefox\Profiles\5oz29dvb.default-1683527861855 [2023-08-10]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google) [Fichier non signé]
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-01] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-103404184-2111900240-3690104040-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\guigonnet\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2011-11-10]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2011-11-10]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2011-11-10]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2011-11-10]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default [2023-08-10]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2023-08-09]
CHR Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-08-09]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2023-07-28]
CHR Extension: (Moteur de recherche Microsoft Bing) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaialadjjkjjkdhfmehfgmgkoeniabam [2023-08-09]
CHR Extension: (Google Docs hors connexion) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-21]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-01-14]
CHR Extension: (SConnect) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjhbkkaddmmnkghdnnmkjcgpphnopnfk [2023-05-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\guigonnet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-06]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKU\S-1-5-21-103404184-2111900240-3690104040-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-103404184-2111900240-3690104040-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gaialadjjkjjkdhfmehfgmgkoeniabam]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChromeSp.crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1074080 2023-07-12] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-01-25] (EasyBits Software AS -> EasyBits Software AS) [Fichier non signé]
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [888208 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [887192 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [883088 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [887696 2023-07-25] (HP Inc. -> HP Inc.)
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-01-22] (Hewlett-Packard Company) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9278784 2023-08-09] (Malwarebytes Inc. -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [871752 2023-07-28] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\NisSrv.exe [3244928 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23050.9-0\MsMpEng.exe [133576 2023-07-25] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies -> AVG Technologies)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223176 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-08-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [199640 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77752 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-08-09] (Malwarebytes Inc. -> Malwarebytes)
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [23536 2010-01-19] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
S3 SMIGrabber3C; C:\WINDOWS\System32\Drivers\SmiUsbGrabber3C.sys [821888 2011-01-26] (SOMAGIC (HANGZHOU) TECHNOLOGY CO., LTD. -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2023-07-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [498944 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99608 2023-07-25] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-10 08:50 - 2023-08-10 09:05 - 000063838 _____ C:\Users\guigonnet\Desktop\Addition.txt
2023-08-10 08:45 - 2023-08-10 10:06 - 000032438 _____ C:\Users\guigonnet\Desktop\FRST.txt
2023-08-10 08:44 - 2023-08-10 10:05 - 000000000 ____D C:\FRST
2023-08-10 08:41 - 2023-08-10 08:43 - 002384896 _____ (Farbar) C:\Users\guigonnet\Desktop\FRST64.exe
2023-08-09 23:33 - 2023-08-09 23:33 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2023-08-09 17:58 - 2023-08-09 17:58 - 000428296 _____ C:\Users\guigonnet\Desktop\ZHPDiag.html
2023-08-09 17:41 - 2023-08-09 17:41 - 000006644 _____ C:\Users\guigonnet\Desktop\malware.txt
2023-08-09 17:20 - 2023-08-10 06:58 - 000000000 ____D C:\Users\guigonnet\AppData\Local\Malwarebytes
2023-08-09 17:20 - 2023-08-09 17:20 - 000002039 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-08-09 17:20 - 2023-08-09 17:20 - 000002027 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2023-08-09 17:20 - 2023-08-09 17:20 - 000000000 ____D C:\Users\guigonnet\AppData\Local\mbam
2023-08-09 17:13 - 2023-08-09 17:13 - 000000000 ____D C:\Program Files\Malwarebytes
2023-08-09 17:10 - 2023-08-09 17:10 - 002606880 _____ (Malwarebytes) C:\Users\guigonnet\Desktop\MBSetup.exe
2023-08-09 16:59 - 2023-08-09 16:55 - 000008672 _____ C:\Users\guigonnet\Desktop\AdwCleaner[C02].txt
2023-08-09 16:46 - 2023-08-09 16:54 - 000000000 ____D C:\AdwCleaner
2023-08-09 16:44 - 2023-08-09 16:44 - 008791352 _____ (Malwarebytes) C:\Users\guigonnet\Desktop\adwcleaner_8.4.0.exe
2023-08-09 16:27 - 2023-08-09 16:27 - 000022692 _____ C:\Users\guigonnet\Desktop\ZHPCleaner (R).html
2023-08-09 16:27 - 2023-08-09 16:27 - 000012533 _____ C:\Users\guigonnet\Desktop\ZHPCleaner (R).txt
2023-08-09 16:22 - 2023-08-09 16:22 - 000022552 _____ C:\Users\guigonnet\Desktop\ZHPCleaner (S).html
2023-08-09 16:22 - 2023-08-09 16:22 - 000012428 _____ C:\Users\guigonnet\Desktop\ZHPCleaner (S).txt
2023-08-09 16:04 - 2023-08-09 16:04 - 000000929 _____ C:\Users\guigonnet\Desktop\ZHPCleaner.lnk
2023-08-09 12:35 - 2023-08-09 17:58 - 000344683 _____ C:\Users\guigonnet\Desktop\ZHPDiag.txt
2023-08-09 12:20 - 2023-08-09 16:04 - 000000000 ____D C:\Users\guigonnet\AppData\Local\ZHP
2023-08-09 12:20 - 2023-08-09 12:20 - 000000919 _____ C:\Users\guigonnet\Desktop\ZHPSuite.lnk
2023-08-09 08:47 - 2023-08-09 08:47 - 000000000 ___HD C:\$WinREAgent
2023-08-07 23:22 - 2023-08-09 09:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-08-06 15:53 - 2023-08-06 15:53 - 000000000 ____D C:\Users\guigonnet\Downloads\8 MACIF
2023-07-31 11:53 - 2023-07-31 11:59 - 000000000 ____D C:\WINDOWS\Minidump
2023-07-31 11:53 - 2023-07-31 11:58 - 001051524 _____ C:\WINDOWS\Minidump\073123-36890-01.dmp
2023-07-31 11:53 - 2023-07-31 11:53 - 680076379 _____ C:\WINDOWS\MEMORY.DMP
2023-07-31 11:52 - 2023-07-31 11:52 - 000000112 ___SH C:\bootTel.dat
2023-07-31 11:52 - 2023-07-31 11:52 - 000000000 __SHD C:\found.000
2023-07-27 10:59 - 2023-07-27 10:59 - 000002985 _____ C:\Users\guigonnet\Desktop\%REACT_APP_NAME%.lnk
2023-07-26 16:00 - 2023-07-26 16:00 - 000003107 _____ C:\Users\guigonnet\Desktop\Forum informatique, aide informatique - CNET France - Forums CNET France.lnk
2023-07-25 15:08 - 2023-07-25 15:08 - 000003085 _____ C:\Users\guigonnet\Desktop\Accueil de Cjoint.com.lnk
2023-07-24 09:46 - 2023-07-24 09:46 - 000001969 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2023-07-14 10:00 - 2023-07-14 10:00 - 000269558 _____ C:\Users\guigonnet\Downloads\report-07_01_2023-07_14_2023.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-08-10 10:00 - 2021-04-25 17:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-10 09:43 - 2021-12-31 17:43 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-08-10 09:43 - 2010-09-02 14:33 - 000000000 ____D C:\Program Files (x86)\Google
2023-08-10 08:19 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-08-10 06:59 - 2013-09-02 11:01 - 000000000 ____D C:\Program Files\CCleaner
2023-08-09 23:32 - 2021-04-25 18:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-08-09 23:32 - 2021-04-25 17:57 - 000008192 ___SH C:\DumpStack.log.tmp
2023-08-09 23:31 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-08-09 23:19 - 2010-06-10 03:01 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2023-08-09 17:58 - 2013-11-09 00:04 - 000000000 ____D C:\Users\guigonnet\AppData\Roaming\ZHP
2023-08-09 17:19 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-08-09 17:13 - 2013-11-08 11:17 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-08-09 16:54 - 2010-08-16 16:55 - 000000000 ____D C:\Users\guigonnet\AppData\Roaming\Hewlett-Packard
2023-08-09 16:54 - 2010-06-10 12:26 - 000000000 ___HD C:\hp
2023-08-09 16:54 - 2010-06-10 03:18 - 000000000 ____D C:\Program Files (x86)\Cyberlink
2023-08-09 16:54 - 2010-06-10 02:57 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2023-08-09 14:14 - 2010-06-10 03:02 - 000000000 ____D C:\Program Files\hp
2023-08-09 11:24 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-08-09 11:13 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-08-09 10:33 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-09 10:01 - 2021-04-25 18:15 - 001923774 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-09 10:01 - 2019-12-07 16:49 - 000831776 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-09 10:01 - 2019-12-07 16:49 - 000167542 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-09 09:55 - 2021-04-25 17:57 - 000476400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-09 09:54 - 2023-05-08 08:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-09 09:51 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-09 09:49 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-08-09 09:36 - 2021-04-25 18:01 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-09 08:29 - 2019-08-07 10:29 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-09 08:22 - 2021-04-25 18:01 - 000002448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-09 08:22 - 2021-04-25 18:01 - 000002286 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2023-08-09 08:15 - 2013-04-15 18:44 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-08 17:21 - 2019-08-07 09:53 - 000000000 ____D C:\Users\guigonnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2023-08-08 15:58 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-08 08:19 - 2023-05-08 08:33 - 000001335 _____ C:\Users\guigonnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-08 08:18 - 2023-05-08 08:37 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-06 17:15 - 2019-10-05 09:57 - 000000000 ____D C:\Users\guigonnet\AppData\Roaming\vlc
2023-08-06 08:56 - 2010-08-16 11:18 - 000004826 _____ C:\Users\guigonnet\AppData\Roaming\wklnhst.dat
2023-08-05 09:08 - 2021-12-26 10:20 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-103404184-2111900240-3690104040-1001
2023-08-05 09:08 - 2021-04-25 18:21 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-103404184-2111900240-3690104040-1001
2023-08-05 09:08 - 2021-04-25 16:54 - 000002479 _____ C:\Users\guigonnet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-08-02 17:08 - 2023-05-13 17:06 - 000000000 ____D C:\Users\guigonnet\AppData\Local\Mozilla Firefox
2023-08-02 17:07 - 2023-05-08 08:33 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-01 23:37 - 2021-04-25 18:21 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-08-01 23:37 - 2021-04-25 18:21 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-31 23:41 - 2021-04-25 16:54 - 000000000 ____D C:\Users\guigonnet
2023-07-28 23:14 - 2021-04-25 18:21 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-07-27 08:39 - 2010-08-15 17:00 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-07-25 08:09 - 2019-08-08 15:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-07-24 12:04 - 2016-01-14 14:45 - 000000000 ____D C:\ProgramData\Garmin
2023-07-24 11:56 - 2022-09-20 23:23 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-07-24 09:46 - 2021-12-31 16:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2023-07-24 09:46 - 2021-04-25 18:21 - 000003626 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2023-07-24 09:46 - 2016-01-14 14:45 - 000000000 ____D C:\Program Files (x86)\Garmin
2023-07-24 09:46 - 2016-01-14 14:34 - 000000000 ____D C:\ProgramData\Package Cache
2023-07-20 08:36 - 2022-10-21 09:47 - 000003474 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-07-13 17:33 - 2021-04-25 18:21 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-07-13 17:32 - 2022-10-14 17:42 - 000002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-07-13 17:32 - 2022-10-14 17:42 - 000002067 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-07-12 13:02 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-07-12 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-07-12 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-07-12 13:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
==================== Fichiers à la racine de certains dossiers ========
2023-06-08 08:23 - 2023-06-08 08:39 - 091298080 _____ (LifeScan, Inc.) C:\Users\guigonnet\otrdtt_patient_windows-x32_FR.exe
2010-08-16 11:18 - 2023-08-06 08:56 - 000004826 _____ () C:\Users\guigonnet\AppData\Roaming\wklnhst.dat
2015-08-20 19:40 - 2015-10-28 23:38 - 000005120 _____ () C:\Users\guigonnet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================