Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-08-2023
Exécuté par gwlad (administrateur) sur DESKTOP-1DIMEJF (HP HP Notebook) (03-09-2023 10:25:27)
Exécuté depuis C:\Users\gwlad\Desktop\FRST64.exe
Profils chargés: gwlad
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3324 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\CCleaner Browser\Update\Install\{F09B222A-110B-460A-994A-07042FC85E6A}\CCleanerBrowserInstallerIncremental-115.0.21984.173.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\Install\{F09B222A-110B-460A-994A-07042FC85E6A}\CR_F22AF.tmp\setup.exe <2>
(C:\Program Files (x86)\Citrix\ICA Client\concentr.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler.exe
(C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.292\GoogleCrashHandler64.exe
(C:\Program Files (x86)\Google\Update\Install\{AA521581-E461-4A2D-84E5-DE27AD11537E}\116.0.5845.141_chrome_installer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{AA521581-E461-4A2D-84E5-DE27AD11537E}\CR_8D8D5.tmp\setup.exe <2>
(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\BridgeCommunication.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Users\gwlad\AppData\Roaming\uTorrent\updates\utorrent.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\gwlad\AppData\Roaming\uTorrent\helper\helper.exe
(C:\Users\gwlad\AppData\Roaming\uTorrent\updates\utorrent.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\gwlad\AppData\Roaming\uTorrent\updates\updates\3.6.0_46884\utorrentie.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <38>
(explorer.exe ->) (HP Inc -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Rainberry Inc -> BitTorrent Inc.) C:\Users\gwlad\AppData\Roaming\uTorrent\updates\utorrent.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\Install\{AA521581-E461-4A2D-84E5-DE27AD11537E}\116.0.5845.141_chrome_installer.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe <2>
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\Install\{F09B222A-110B-460A-994A-07042FC85E6A}\CCleanerBrowserInstallerIncremental-115.0.21984.173.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\ENS\ensserver.exe
(services.exe ->) (CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe
(services.exe ->) (Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(services.exe ->) (philandro Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe <2>
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Shanghai Microvirt Software Technology Co., Ltd. -> ) C:\Users\gwlad\Desktop\Microvirt\MEmu\MemuService.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(services.exe ->) (WildTangent Inc -> WildTangent, Inc.) C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
(svchost.exe ->) (Citrix Systems, Inc. -> Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(svchost.exe ->) (CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8911872 2016-10-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [555920 2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [402320 2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [uTorrent] => C:\Users\gwlad\AppData\Roaming\uTorrent\uTorrent.exe [1908920 2019-01-31] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-10-06] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4374376 2023-07-28] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [HP OfficeJet Pro 9010 series (NET)] => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\ScanToPCActivationApp.exe [4072864 2020-10-29] (HP Inc -> HP Inc.)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [41584544 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [CCleanerBrowserAutoLaunch_38A5B7C68A62DD6637873EE23A77EFD8] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-08-04] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\Run: [ut] => C:\Users\gwlad\AppData\Roaming\uTorrent\updates\utorrent.exe [2258952 2023-08-07] (Rainberry Inc -> BitTorrent Inc.)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-24] (Adobe Inc. -> Adobe)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\gwlad\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [63608752 2023-09-03] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\gwlad\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier)
HKU\S-1-5-21-201739809-433715794-94216092-1001\...\RunOnce: [Uninstall 23.158.0730.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\gwlad\AppData\Local\Microsoft\OneDrive\23.158.0730.0001" [0 2023-09-03] () <==== ATTENTION [zéro octet Fichier/Dossier]
HKLM\...\Print\Monitors\EPSON XP-215 217 Series 64MonitorBE: C:\WINDOWS\system32\E_ILMBLGE.DLL [179712 2014-12-03] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [432648 2015-07-11] (Microsoft Windows Hardware Compatibility Publisher -> HP)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [115592 2019-02-10] (pdfforge GmbH -> pdfforge GmbH)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\115.0.21984.173\Installer\chrmstp.exe [2023-08-13] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\115.0.5790.173\Installer\chrmstp.exe [2023-08-18] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2021-10-04]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (philandro Software GmbH -> AnyDesk Software GmbH)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {A0B539FD-7EC3-45E4-806F-0372F6CE1295} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {6BB6B95D-8491-4696-8DB9-A772D97CAC30} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_371_Plugin.exe [1458232 2020-05-24] (Adobe Inc. -> Adobe)
Task: {8861D3C0-AA23-4AA7-834C-2EF1F5725095} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-08-04] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {538DD50C-66B0-422D-A36A-AFCC9194C4DD} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [3375072 2023-08-04] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {8A3B0E5B-68A3-4DFF-A23A-AD8059683B5B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8CC9B599-B9DC-4A0B-9570-9ED25C9F84E1} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "9b3194b1-39c5-4705-bd86-53ef1640a0af" --version "6.15.10623" --silent
Task: {580B6182-E43C-4AB6-8058-A8DF9E799513} - System32\Tasks\CCleanerSkipUAC - gwlad => C:\Program Files\CCleaner\CCleaner.exe [34687904 2023-08-11] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {765F93BB-FE79-4124-86F5-DD30B64BD287} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {02610DEE-7C14-4598-904C-3CBA9EA32E28} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
Task: {5BD2BA32-DD08-449B-876C-04C523909AD9} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [511344 2015-06-19] (Dropbox, Inc -> )
Task: {27CF6463-CE34-4FE0-A2F9-F7DFA5B859B5} - System32\Tasks\G2MUpdateTask-S-1-5-21-201739809-433715794-94216092-1001 => C:\Users\gwlad\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe [41536 2016-10-04] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {57C00A7E-AF31-4F55-8653-20BB6937EE3D} - System32\Tasks\G2MUploadTask-S-1-5-21-201739809-433715794-94216092-1001 => C:\Users\gwlad\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe [41536 2016-10-04] (Citrix Online -> Citrix Online, a division of Citrix Systems, Inc.)
Task: {FD2350C7-1AC1-4A5F-9DDD-1884E78432DA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-23] (Google Inc -> Google Inc.)
Task: {CB7769C8-042A-418D-8442-D37F480209C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-23] (Google Inc -> Google Inc.)
Task: {B81111A3-00A2-4B27-BCC8-8748BEF2B91C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [702512 2023-07-25] (HP Inc. -> HP Inc.)
Task: {0784C1FE-D6DC-465D-87AC-F5FF0463BBD3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2023-07-25] (HP Inc. -> HP Inc.)
Task: {4454A670-E2A3-48FF-8F4E-A9B2A9B4A1CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {92DB55F1-A05E-436B-962A-3A874FAA3849} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [230960 2023-07-25] (HP Inc. -> HP Inc.)
Task: {A2C1980E-D790-4B87-8D3A-530C4FB8725C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1145896 2023-07-25] (HP Inc. -> HP Inc.)
Task: {AA01395D-3842-41D7-948D-E9D6CCA1804C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {F842121E-1E2E-4C98-89DE-AE72AA6C725E} - System32\Tasks\HPCustParticipation HP DeskJet 2600 series => C:\Program Files\HP\HP DeskJet 2600 series\Bin\HPCustPartic.exe [6653576 2018-04-17] (Hewlett Packard -> HP Inc.)
Task: {86C6578E-4B34-4A04-921F-68EC84BC899B} - System32\Tasks\HPCustParticipation HP Officejet 2620 series => C:\Program Files\HP\HP Officejet 2620 series\Bin\HPCustPartic.exe [5745672 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {925AC1CC-92C7-4D57-A7FE-7AC71FC32BE3} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 9010 series => C:\Program Files\HP\HP OfficeJet Pro 9010 series\Bin\HPCustPartic.exe [6718880 2020-11-03] (HP Inc -> HP Inc.)
Task: {B6BAE375-BE0E-4C45-BDFA-E59BD243F6BC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {9852F1B2-962F-426E-B2FD-DAFB4A034F68} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26656848 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {83B35B74-3408-4336-89BB-AAE482ED6831} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124568 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FC3D520-0B94-491F-8C88-5AC55626A0B2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [124568 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {8E7261EB-1E40-4FB8-80F6-EB26AAF76F03} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {757030B4-3C77-4B48-B7CB-D916BBF7E074} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {083FC7B2-C95A-4421-ADF3-30A5FF472EEC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CCD3F163-004F-477A-BD7A-94A1CFBC29F0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MpCmdRun.exe [1596320 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27BCCA32-8356-4D68-820F-1CA20E477B8F} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe [609696 2023-08-17] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {39E9D68F-B83E-4AE5-80A6-24093F904D13} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [683424 2023-08-17] (Mozilla Corporation -> Mozilla Foundation)
Task: {6C572819-976B-49D5-BED5-5190805CAFDF} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [6592376 2016-11-24] (Nero AG -> Nero AG)
Task: {4BD52D95-7CFF-42FE-A79B-8D4B92F65C8F} - System32\Tasks\Toolbox.exe_{4C8B1935-5735-4DAA-AF7A-A1B69E767367} => C:\Program Files\HP\HP DeskJet 2600 series\Bin\Toolbox.exe [6304904 2018-04-17] (Hewlett Packard -> HP Inc.)
Task: {FFD20D11-FD42-4A97-961C-AD94B77FC1A2} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [517480 2015-10-23] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {2F67B99A-59FC-4263-A95A-6BF83CE44BDD} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [474472 2015-10-23] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {468AFCC8-DDA4-47C5-B4FE-4F12DB6249A4} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [515512 2015-07-01] (CyberLink Corp. -> CyberLink Corp.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-201739809-433715794-94216092-1001.job => C:\Users\gwlad\AppData\Local\Citrix\GoToMeeting\5636\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-201739809-433715794-94216092-1001.job => C:\Users\gwlad\AppData\Local\Citrix\GoToMeeting\5636\g2mupload.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3: <==== ATTENTION (Restriction - Zones)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5cdc0979-8b49-435d-b0de-67dc9e420423}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7cc08029-bb26-436e-a650-8cdc8744ccde}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\gwlad\AppData\Local\Microsoft\Edge\User Data\Default [2023-07-02]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: bQc3wgCb.default
FF ProfilePath: C:\Users\gwlad\AppData\Roaming\Oxylane\ONconnect\Profiles\hi2d9p4l.default [2019-02-10]
FF ProfilePath: C:\Users\gwlad\AppData\Roaming\Mozilla\Firefox\Profiles\ahghf0cz.default-release-1614620409472 [2023-08-28]
FF ProfilePath: C:\Users\gwlad\AppData\Roaming\Mozilla\Firefox\Profiles\bQc3wgCb.default [2019-03-24]
FF NewTab: Mozilla\Firefox\Profiles\bQc3wgCb.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10454__180617__yaff
FF Extension: (Avira Browser Safety) - C:\Users\gwlad\AppData\Roaming\Mozilla\Firefox\Profiles\bQc3wgCb.default\Extensions\abs@avira.com.xpi [2016-02-22] []
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_371.dll [2020-05-24] (Adobe Inc. -> )
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2023-08-19] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_371.dll [2020-05-24] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2018-08-20] (Citrix Systems, Inc. -> Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1583.3\npCCleanerBrowserUpdate3.dll [2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-06-25] (WildTangent Inc -> )
FF Plugin HKU\S-1-5-21-201739809-433715794-94216092-1001: @citrixonline.com/appdetectorplugin -> C:\Users\gwlad\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-03-07] (Citrix Online -> Citrix Online)

Chrome:
=======
CHR Profile: C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default [2023-09-03]
CHR DownloadDir: C:\Users\gwlad\Desktop
CHR Notifications: Default -> hxxps://www.facebook.com
CHR StartupUrls: Default -> "hxxp://google/"
CHR Extension: (Avast SafePrice | Comparateur de prix, offres, coupons) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2023-05-08]
CHR Extension: (Protection Web Avira) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2022-11-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-06-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-09-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\gwlad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-17]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [3853384 2022-08-12] (philandro Software GmbH -> AnyDesk Software GmbH)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [121560 2015-07-20] (Realtek Semiconductor Corp -> )
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\115.0.21984.173\elevation_service.exe [2037288 2023-08-04] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [208176 2022-12-31] (PIRIFORM SOFTWARE LIMITED -> Piriform Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11878368 2023-08-13] (Microsoft Corporation -> Microsoft Corporation)
R2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [32448 2023-02-06] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-06-25] (WildTangent Inc -> WildTangent)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [888208 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [887192 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [883088 2023-07-25] (HP Inc. -> HP Inc.)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-08-13] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [887696 2023-07-25] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-10-23] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9283096 2023-08-21] (Malwarebytes Inc. -> Malwarebytes)
R2 MEmuSVC; C:\Users\gwlad\Desktop\Microvirt\MEmu\MemuService.exe [85304 2019-07-02] (Shanghai Microvirt Software Technology Co., Ltd. -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13206544 2020-03-09] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\NisSrv.exe [3104488 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23070.1004-0\MsMpEng.exe [133576 2023-08-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HPSupportSolutionsFrameworkService; "c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 clwvd6; C:\WINDOWS\System32\drivers\clwvd6.sys [41704 2013-10-29] (CyberLink Corp. -> CyberLink Corporation)
S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [27728 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> )
R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2022-12-29] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R1 EUEDKEPM; C:\WINDOWS\system32\drivers\EUEDKEPM.sys [24656 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222672 2023-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-02-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 MDA_NTDRV; C:\WINDOWS\system32\MDA_NTDRV.sys [21208 2023-03-03] (北京铠信神州科技有限责任公司 -> )
R1 MEmuDrv; C:\WINDOWS\system32\DRIVERS\MEmuDrv.sys [319192 2019-09-21] (Shanghai Microvirt Software Technology Co., Ltd. -> Maiwei Corporation)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55704 2023-08-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572656 2023-08-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [104688 2023-08-17] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)
U3 aspnet_state; pas de ImagePath
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus2.sys [X]
S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X]
S3 MpKslbc223184; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5AED0B0B-A978-4D5F-8DDA-AD6C96A27E2E}\MpKslDrv.sys [X]
S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-09-03 10:25 - 2023-09-03 10:30 - 000039225 _____ C:\Users\gwlad\Desktop\FRST.txt
2023-08-28 20:21 - 2023-08-28 20:21 - 000325337 _____ C:\Users\gwlad\Downloads\document.pdf
2023-08-17 18:08 - 2023-08-28 20:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-08-13 20:46 - 2023-08-13 20:46 - 000158010 _____ C:\Users\gwlad\Downloads\Avis_de_situation_81144704400017_13_08_2023 20_46_11.pdf
2023-08-13 20:44 - 2023-08-13 20:44 - 000157679 _____ C:\Users\gwlad\Downloads\Avis_de_situation_81144704400025_13_08_2023 20_44_54.pdf
2023-08-13 20:40 - 2023-08-13 20:40 - 000018423 _____ C:\Users\gwlad\Downloads\Extrait KBis_1725360_.pdf
2023-08-13 18:36 - 2023-08-13 18:36 - 000000000 ___HD C:\$WinREAgent
2023-08-04 12:21 - 2023-08-04 12:21 - 005021250 _____ C:\Users\gwlad\Downloads\ARE Gwladys _230804_122126.pdf
2023-08-04 11:57 - 2023-08-04 11:57 - 000407698 _____ C:\Users\gwlad\Downloads\Document_de_Synthese_J00029500683_v1.pdf
2023-08-04 11:40 - 2023-08-04 11:40 - 000090020 _____ C:\Users\gwlad\Downloads\JUSTIFICATIF_ABONNEMENT_20230804.pdf
2023-08-04 11:31 - 2023-08-04 11:31 - 000010558 _____ C:\Users\gwlad\Downloads\DeclarationNonCondamnationEtFiliation.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-09-03 10:46 - 2016-02-22 17:52 - 000000000 ____D C:\Users\gwlad\AppData\Roaming\uTorrent
2023-09-03 10:39 - 2020-11-04 10:42 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-09-03 10:39 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-09-03 10:35 - 2020-11-28 11:36 - 000004170 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E332CEF8-7F19-4B87-9DF4-C795392BD0D2}
2023-09-03 10:28 - 2023-03-26 12:50 - 000000000 ____D C:\FRST
2023-09-03 10:25 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-09-03 10:25 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-09-03 10:24 - 2023-05-08 09:53 - 000000000 ____D C:\Users\gwlad\Desktop\FRST-OlderVersion
2023-09-03 10:24 - 2023-03-26 12:49 - 002382336 _____ (Farbar) C:\Users\gwlad\Desktop\FRST64.exe
2023-09-03 10:19 - 2022-01-12 22:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-09-03 10:19 - 2016-02-23 20:27 - 000000000 ____D C:\Program Files (x86)\Google
2023-09-03 10:07 - 2021-08-19 12:14 - 000000000 ____D C:\Users\gwlad\Documents\YouCam
2023-09-03 10:05 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-09-03 10:02 - 2017-06-13 10:13 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2023-09-03 09:59 - 2020-11-18 22:37 - 000000000 ____D C:\Program Files (x86)\Steam
2023-09-03 09:58 - 2016-02-22 15:27 - 000000000 ___RD C:\Users\gwlad\OneDrive
2023-09-03 09:57 - 2021-12-14 12:14 - 000003576 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-201739809-433715794-94216092-1001
2023-09-03 09:57 - 2020-11-28 11:36 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-201739809-433715794-94216092-1001
2023-09-03 09:57 - 2020-11-28 11:05 - 000002420 _____ C:\Users\gwlad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-09-03 09:53 - 2022-12-31 16:24 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2023-09-03 09:53 - 2019-03-22 12:24 - 000000000 ____D C:\Program Files\CCleaner
2023-09-03 09:51 - 2019-10-16 20:06 - 000000000 ____D C:\Users\gwlad\AppData\Local\BitTorrentHelper
2023-09-03 09:47 - 2023-05-16 18:54 - 000000000 ____D C:\Users\gwlad\AppData\Local\Malwarebytes
2023-09-03 09:47 - 2017-10-01 19:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-09-03 09:47 - 2016-02-22 15:24 - 000000000 __SHD C:\Users\gwlad\IntelGraphicsProfiles
2023-09-03 09:43 - 2020-11-28 11:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-09-03 09:43 - 2020-11-28 10:57 - 000008192 ___SH C:\DumpStack.log.tmp
2023-09-03 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-08-28 20:35 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2023-08-28 20:33 - 2023-06-16 10:36 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-08-28 20:33 - 2020-03-16 15:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-08-28 20:20 - 2020-11-28 11:36 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2023-08-28 20:19 - 2022-10-19 20:26 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-08-28 20:18 - 2023-05-22 18:38 - 000002068 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2023-08-28 20:18 - 2022-10-16 17:26 - 000002080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-08-28 20:03 - 2020-03-16 15:44 - 000001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-08-28 19:58 - 2020-11-28 10:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-08-17 18:27 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-08-17 18:17 - 2022-09-29 18:17 - 000003468 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-08-17 18:17 - 2020-11-28 11:36 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-08-17 18:09 - 2018-09-03 20:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-08-13 21:22 - 2020-11-28 11:19 - 001839268 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-08-13 21:22 - 2019-12-07 16:49 - 000794488 _____ C:\WINDOWS\system32\perfh00C.dat
2023-08-13 21:22 - 2019-12-07 16:49 - 000150602 _____ C:\WINDOWS\system32\perfc00C.dat
2023-08-13 21:16 - 2020-11-28 10:57 - 000485352 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-08-13 21:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat
2023-08-13 20:49 - 2022-12-31 16:28 - 000002392 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2023-08-13 20:46 - 2019-03-18 21:35 - 000000000 ____D C:\Users\gwlad\Desktop\LMNP Gwladys
2023-08-13 19:41 - 2020-07-01 11:41 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-08-13 19:11 - 2020-11-28 11:02 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-08-13 18:57 - 2020-12-18 21:24 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2023-08-13 18:57 - 2020-12-14 09:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP
2023-08-13 18:28 - 2016-02-22 18:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-08-13 18:16 - 2015-10-23 19:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2023-08-13 18:05 - 2016-02-22 18:52 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-08-08 09:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-08-08 09:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-08-08 09:21 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-08-08 09:20 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-08-08 09:08 - 2020-12-03 10:25 - 000000000 ____D C:\Users\gwlad\Desktop\Maison ISTRES
2023-08-08 09:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-08-07 10:48 - 2020-12-03 10:24 - 000000000 ____D C:\Users\gwlad\Desktop\GWLADYS
2023-08-04 11:47 - 2015-10-23 19:45 - 000000000 ____D C:\Program Files\HP

==================== Fichiers à la racine de certains dossiers ========

2023-03-04 18:43 - 2023-03-04 18:43 - 000000027 _____ () C:\Users\gwlad\AppData\Roaming\epm_user.ini
2019-02-09 13:32 - 2023-09-03 09:48 - 000927093 _____ () C:\Users\gwlad\AppData\Local\BTServer.log

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{ed55dc34-79fb-11e5-a1fb-ec7a3790a6d4}
{ed55dc35-79fb-11e5-a1fb-ec7a3790a6d4}
timeout 0

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\bootmgfw.efi
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {a15d0260-3157-11eb-9f41-a4e363aad12a}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {59bf328b-afa5-11e8-8176-806e6f6e6963}
description Internal Hard Disk or Solid State Disk

Application logicielle (101fffff)
--------------------------------
identificateur {ed55dc34-79fb-11e5-a1fb-ec7a3790a6d4}
description EFI USB Device

Application logicielle (101fffff)
--------------------------------
identificateur {ed55dc35-79fb-11e5-a1fb-ec7a3790a6d4}
description EFI DVD/CDROM

Application logicielle (101fffff)
--------------------------------
identificateur {ed756a88-79a9-11e5-9bca-806e6f6e6963}
description Internal Hard Disk or Solid State Disk

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {ec0fc404-3157-11eb-9c35-a5c2ae40ee0a}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {a15d0260-3157-11eb-9f41-a4e363aad12a}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {ec0fc404-3157-11eb-9c35-a5c2ae40ee0a}
device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{ec0fc405-3157-11eb-9c35-a5c2ae40ee0a}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{ec0fc405-3157-11eb-9c35-a5c2ae40ee0a}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Chargeur de démarrage Windows
-----------------------------
identificateur {ecc108ff-1b8a-11e6-9bdd-b05adaea86e9}
device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{ecc10900-1b8a-11e6-9bdd-b05adaea86e9}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{ecc10900-1b8a-11e6-9bdd-b05adaea86e9}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {a15d0260-3157-11eb-9f41-a4e363aad12a}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {ec0fc404-3157-11eb-9c35-a5c2ae40ee0a}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {ec0fc405-3157-11eb-9c35-a5c2ae40ee0a}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume4
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================
