Publicité
Publicité
Commentaire : FRST
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2023
Exécuté par User (administrateur) sur LAPTOP-VOHE0TUH (HP HP Laptop) (11-10-2023 01:41:48)
Exécuté depuis C:\Users\User\Downloads\FRST64.exe
Profils chargés: User
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1889 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(CompatTelRunner.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(services.exe ->) (FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(services.exe ->) (WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.399.369.0.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKU\S-1-5-21-1715825954-4040960361-2716407328-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1715825954-4040960361-2716407328-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2492168 2022-03-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1715825954-4040960361-2716407328-1001\...\Run: [Microsoft Edge Update] => C:\Users\User\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-30] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0231B928-2A62-495F-9F10-1CA00073B872} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {D7232123-91B8-4FA3-A314-F3D35A87F43C} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1AAF6735-B914-416C-8548-503B44A960AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-24] (Google Inc -> Google LLC)
Task: {4FEADD03-83E7-407C-9809-4BE12BC6C3E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-24] (Google Inc -> Google LLC)
Task: {589E0AAC-54B8-4435-A76B-14759EBD3A1C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [412744 2022-07-27] (HP Inc. -> HP Inc.)
Task: {EBF8871A-AAD0-47E5-989C-F6657F196662} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-07-27] (HP Inc. -> HP Inc.)
Task: {8098822C-AB5D-4E6B-85E3-16809E2F5B8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {1245FF93-1FBF-4D4B-9C9F-CFC161B09556} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-07-27] (HP Inc. -> HP Inc.)
Task: {512DA599-62FC-4DEE-ADBF-EA2B8D844276} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {49F55F65-81B9-44E5-8BFE-A5DE45454F1B} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {C1423793-A7C3-4CDC-9EF3-14A1EA894A4C} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [462696 2018-06-01] (HP Inc. -> HP Inc.)
Task: {AE6C7DF1-A8C1-41B1-A9C8-D6D755DFB9CB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {52382B15-1F0E-4974-B270-560253389B1A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4291714-E2F2-44D8-8D4F-5493D610A66C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {12332DCB-270F-4F5B-B3CF-EC91AD3006F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB2DBDAC-D939-4B16-9E99-39DE301283F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4602D886-BFB3-4EB0-A270-746F05D651FE} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1715825954-4040960361-2716407328-1001Core{73FA1AB2-090E-45D6-BC79-A7FB95BDBD35} => C:\Users\User\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {55298749-B749-4EC3-81C5-5205817E5BCC} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1715825954-4040960361-2716407328-1001UA{796DAAB1-A0D4-48CE-A1E8-CC2C60C9D3B2} => C:\Users\User\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-10-10] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\Parameters: [DhcpNameServer] 192.168.213.75
Tcpip\..\Interfaces\{a42d7e05-20a2-43ab-809c-30a079823b6b}: [DhcpNameServer] 192.168.213.75
Tcpip\..\Interfaces\{ee41acc5-7198-4114-820f-a631a7a114f2}: [DhcpNameServer] 192.168.1.254
Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1715825954-4040960361-2716407328-1001 -> about:start
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-10]
Edge DownloadDir: Default -> C:\Users\User\Downloads
Edge HomePage: Default -> edge://newtab/
Edge StartupUrls: Default -> "hxxps://google.fr/"
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2023-10-11]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.fnac.com
CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-24]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-24]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-24]
CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-10]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-10-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-10]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [448432 2019-11-30] (VMware, Inc. -> VMware, Inc.)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [279664 2019-10-29] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [4361840 2019-10-18] (FabulaTech, LLP -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [761856 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [760864 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [478056 2018-06-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [756720 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [760304 2022-02-25] (HP Inc. -> HP Inc.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [450672 2019-07-26] (FabulaTech, LLP -> VMware)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1579312 2019-11-22] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 MpKsl1afbe595; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CAF7A600-88B0-4D42-B9C0-D27AC91AC252}\MpKslDrv.sys [263560 2023-10-10] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-11 01:41 - 2023-10-11 01:44 - 000019570 _____ C:\Users\User\Downloads\FRST.txt
2023-10-11 01:40 - 2023-10-11 01:43 - 000000000 ____D C:\FRST
2023-10-11 01:38 - 2023-10-11 01:39 - 002383360 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2023-10-11 01:33 - 2023-10-11 01:33 - 000000000 ___HD C:\$WinREAgent
2023-10-11 01:31 - 2023-10-11 01:32 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-10-11 01:31 - 2023-10-11 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-10-11 01:28 - 2023-10-11 01:28 - 005793080 _____ (Crystal Dew World ) C:\Users\User\Downloads\crystaldiskinfo_9-1-1_fr_306038.exe
2023-10-10 14:24 - 2023-10-10 14:25 - 058311208 _____ (Piriform Software Ltd) C:\Users\User\Downloads\ccsetup616.exe
2023-10-10 14:09 - 2023-10-10 14:09 - 000004028 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1715825954-4040960361-2716407328-1001UA{796DAAB1-A0D4-48CE-A1E8-CC2C60C9D3B2}
2023-10-10 14:09 - 2023-10-10 14:09 - 000003962 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1715825954-4040960361-2716407328-1001Core{73FA1AB2-090E-45D6-BC79-A7FB95BDBD35}
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-11 01:38 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-11 01:33 - 2020-06-30 14:18 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Teams
2023-10-11 01:31 - 2018-10-11 07:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-11 01:26 - 2022-01-07 18:18 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-11 01:26 - 2019-09-24 22:25 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-11 01:25 - 2021-05-27 20:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-10-11 01:24 - 2021-05-27 19:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-10 18:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-10 18:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-10 18:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-10 18:24 - 2018-10-11 07:58 - 000000000 ____D C:\ProgramData\Packages
2023-10-10 18:20 - 2019-03-19 12:46 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2023-10-10 18:20 - 2019-03-19 12:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-10 18:17 - 2021-05-27 20:19 - 001923758 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-10 18:17 - 2019-12-07 16:49 - 000834502 _____ C:\WINDOWS\system32\perfh00C.dat
2023-10-10 18:17 - 2019-12-07 16:49 - 000168216 _____ C:\WINDOWS\system32\perfc00C.dat
2023-10-10 18:13 - 2020-08-25 21:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-10 18:11 - 2021-05-27 19:53 - 000366472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-10 18:10 - 2021-05-27 20:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-10 18:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-10-10 18:09 - 2021-05-27 19:53 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-10 18:09 - 2019-09-24 22:36 - 000000000 ____D C:\Program Files\CCleaner
2023-10-10 18:08 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-10 18:03 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-10 18:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-10 16:15 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-10 15:35 - 2021-05-27 19:58 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-10 14:57 - 2021-05-27 20:51 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-10 14:57 - 2021-05-27 20:51 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-10 14:13 - 2019-09-24 22:26 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-10 14:08 - 2020-01-06 20:45 - 000000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2023-10-10 14:07 - 2021-12-11 08:29 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1715825954-4040960361-2716407328-1001
2023-10-10 14:07 - 2021-11-12 09:17 - 000002425 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-10 14:07 - 2021-05-27 20:51 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-10 14:07 - 2021-05-27 20:51 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-10 14:07 - 2021-05-27 20:51 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1715825954-4040960361-2716407328-1001
2023-10-10 14:07 - 2021-04-26 08:45 - 000000000 ___DC C:\WINDOWS\Panther
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par User (administrateur) sur LAPTOP-VOHE0TUH (HP HP Laptop) (11-10-2023 01:41:48)
Exécuté depuis C:\Users\User\Downloads\FRST64.exe
Profils chargés: User
Plate-forme: Microsoft Windows 10 Famille Version 21H2 19044.1889 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(CompatTelRunner.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.312\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
(services.exe ->) (FabulaTech, LLP -> ) C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe
(services.exe ->) (FabulaTech, LLP -> VMware) C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe
(services.exe ->) (WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20970.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.399.369.0.exe
(wuauclt.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11235928 2020-04-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-18] (Realtek Semiconductor Corp. -> Realtek)
HKU\S-1-5-21-1715825954-4040960361-2716407328-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [42614688 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1715825954-4040960361-2716407328-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\User\AppData\Local\Microsoft\Teams\Update.exe [2492168 2022-03-09] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1715825954-4040960361-2716407328-1001\...\Run: [Microsoft Edge Update] => C:\Users\User\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\MicrosoftEdgeUpdateCore.exe [263648 2023-10-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.84\Installer\chrmstp.exe [2022-03-30] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0231B928-2A62-495F-9F10-1CA00073B872} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2022-02-14] (Piriform Software Ltd -> Piriform)
Task: {D7232123-91B8-4FA3-A314-F3D35A87F43C} - System32\Tasks\CCleanerSkipUAC - User => C:\Program Files\CCleaner\CCleaner.exe [35675552 2023-09-08] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {1AAF6735-B914-416C-8548-503B44A960AE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-24] (Google Inc -> Google LLC)
Task: {4FEADD03-83E7-407C-9809-4BE12BC6C3E6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-24] (Google Inc -> Google LLC)
Task: {589E0AAC-54B8-4435-A76B-14759EBD3A1C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [412744 2022-07-27] (HP Inc. -> HP Inc.)
Task: {EBF8871A-AAD0-47E5-989C-F6657F196662} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2022-07-27] (HP Inc. -> HP Inc.)
Task: {8098822C-AB5D-4E6B-85E3-16809E2F5B8F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe /f (Pas de fichier)
Task: {1245FF93-1FBF-4D4B-9C9F-CFC161B09556} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1149512 2022-07-27] (HP Inc. -> HP Inc.)
Task: {512DA599-62FC-4DEE-ADBF-EA2B8D844276} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe /DeviceScanR6 (Pas de fichier)
Task: {49F55F65-81B9-44E5-8BFE-A5DE45454F1B} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644984 2018-07-18] (HP Inc. -> HP Inc.)
Task: {C1423793-A7C3-4CDC-9EF3-14A1EA894A4C} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [462696 2018-06-01] (HP Inc. -> HP Inc.)
Task: {AE6C7DF1-A8C1-41B1-A9C8-D6D755DFB9CB} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {52382B15-1F0E-4974-B270-560253389B1A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F4291714-E2F2-44D8-8D4F-5493D610A66C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {12332DCB-270F-4F5B-B3CF-EC91AD3006F3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DB2DBDAC-D939-4B16-9E99-39DE301283F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpCmdRun.exe [993008 2022-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4602D886-BFB3-4EB0-A270-746F05D651FE} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1715825954-4040960361-2716407328-1001Core{73FA1AB2-090E-45D6-BC79-A7FB95BDBD35} => C:\Users\User\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-10-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {55298749-B749-4EC3-81C5-5205817E5BCC} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1715825954-4040960361-2716407328-1001UA{796DAAB1-A0D4-48CE-A1E8-CC2C60C9D3B2} => C:\Users\User\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [206288 2023-10-10] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 127.0.0.1 view-localhost # view localhost server
Tcpip\Parameters: [DhcpNameServer] 192.168.213.75
Tcpip\..\Interfaces\{a42d7e05-20a2-43ab-809c-30a079823b6b}: [DhcpNameServer] 192.168.213.75
Tcpip\..\Interfaces\{ee41acc5-7198-4114-820f-a631a7a114f2}: [DhcpNameServer] 192.168.1.254
Edge:
=======
DownloadDir: C:\Users\User\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-1715825954-4040960361-2716407328-1001 -> about:start
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\User\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-10]
Edge DownloadDir: Default -> C:\Users\User\Downloads
Edge HomePage: Default -> edge://newtab/
Edge StartupUrls: Default -> "hxxps://google.fr/"
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2023-10-11]
CHR Notifications: Default -> hxxps://web.whatsapp.com; hxxps://www.facebook.com; hxxps://www.fnac.com
CHR Extension: (Slides) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-24]
CHR Extension: (Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-24]
CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-03]
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-24]
CHR Extension: (Sheets) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-10]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2023-10-10]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-02]
CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-03]
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-10]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 client_service; C:\Program Files (x86)\VMware\VMware Horizon View Client\ClientService\horizon_client_service.exe [448432 2019-11-30] (VMware, Inc. -> VMware, Inc.)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [279664 2019-10-29] (FabulaTech, LLP -> )
R2 ftscanmgrhv; C:\Program Files\Common Files\VMware\ScannerRedirection\ftscanmgrhv.exe [4361840 2019-10-18] (FabulaTech, LLP -> )
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [905080 2020-03-18] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [761856 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [760864 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [478056 2018-06-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [756720 2022-02-25] (HP Inc. -> HP Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [760304 2022-02-25] (HP Inc. -> HP Inc.)
S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182128 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 vmwsprrdpwks; C:\Program Files\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [450672 2019-07-26] (FabulaTech, LLP -> VMware)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1579312 2019-11-22] (WildTangent Inc -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-11] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [159864 2021-06-29] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 MpKsl1afbe595; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CAF7A600-88B0-4D42-B9C0-D27AC91AC252}\MpKslDrv.sys [263560 2023-10-10] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167280 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43376 2020-11-11] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-11 01:41 - 2023-10-11 01:44 - 000019570 _____ C:\Users\User\Downloads\FRST.txt
2023-10-11 01:40 - 2023-10-11 01:43 - 000000000 ____D C:\FRST
2023-10-11 01:38 - 2023-10-11 01:39 - 002383360 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2023-10-11 01:33 - 2023-10-11 01:33 - 000000000 ___HD C:\$WinREAgent
2023-10-11 01:31 - 2023-10-11 01:32 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2023-10-11 01:31 - 2023-10-11 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2023-10-11 01:28 - 2023-10-11 01:28 - 005793080 _____ (Crystal Dew World ) C:\Users\User\Downloads\crystaldiskinfo_9-1-1_fr_306038.exe
2023-10-10 14:24 - 2023-10-10 14:25 - 058311208 _____ (Piriform Software Ltd) C:\Users\User\Downloads\ccsetup616.exe
2023-10-10 14:09 - 2023-10-10 14:09 - 000004028 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1715825954-4040960361-2716407328-1001UA{796DAAB1-A0D4-48CE-A1E8-CC2C60C9D3B2}
2023-10-10 14:09 - 2023-10-10 14:09 - 000003962 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-1715825954-4040960361-2716407328-1001Core{73FA1AB2-090E-45D6-BC79-A7FB95BDBD35}
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-11 01:38 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-11 01:33 - 2020-06-30 14:18 - 000000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Teams
2023-10-11 01:31 - 2018-10-11 07:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-11 01:26 - 2022-01-07 18:18 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-11 01:26 - 2019-09-24 22:25 - 000000000 ____D C:\Program Files (x86)\Google
2023-10-11 01:25 - 2021-05-27 20:51 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-10-11 01:24 - 2021-05-27 19:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-10 18:32 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-10 18:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-10 18:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-10 18:24 - 2018-10-11 07:58 - 000000000 ____D C:\ProgramData\Packages
2023-10-10 18:20 - 2019-03-19 12:46 - 000000000 __SHD C:\Users\User\IntelGraphicsProfiles
2023-10-10 18:20 - 2019-03-19 12:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-10-10 18:17 - 2021-05-27 20:19 - 001923758 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-10 18:17 - 2019-12-07 16:49 - 000834502 _____ C:\WINDOWS\system32\perfh00C.dat
2023-10-10 18:17 - 2019-12-07 16:49 - 000168216 _____ C:\WINDOWS\system32\perfc00C.dat
2023-10-10 18:13 - 2020-08-25 21:21 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-10 18:11 - 2021-05-27 19:53 - 000366472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-10 18:10 - 2021-05-27 20:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-10 18:10 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-10-10 18:09 - 2021-05-27 19:53 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-10 18:09 - 2019-09-24 22:36 - 000000000 ____D C:\Program Files\CCleaner
2023-10-10 18:08 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-10 18:04 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-10 18:03 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-10 18:03 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-10 18:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-10 16:15 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-10 15:35 - 2021-05-27 19:58 - 003011072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-10 14:57 - 2021-05-27 20:51 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-10-10 14:57 - 2021-05-27 20:51 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-10-10 14:13 - 2019-09-24 22:26 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-10 14:08 - 2020-01-06 20:45 - 000000000 ____D C:\Users\User\AppData\Roaming\uTorrent
2023-10-10 14:07 - 2021-12-11 08:29 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1715825954-4040960361-2716407328-1001
2023-10-10 14:07 - 2021-11-12 09:17 - 000002425 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-10-10 14:07 - 2021-05-27 20:51 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-10-10 14:07 - 2021-05-27 20:51 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-10-10 14:07 - 2021-05-27 20:51 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1715825954-4040960361-2716407328-1001
2023-10-10 14:07 - 2021-04-26 08:45 - 000000000 ___DC C:\WINDOWS\Panther
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================