Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16.04.2024
Exécuté par Sophie & Edouard (administrateur) sur LAPTOP-L9H44I0F (Acer Aspire A317-32) (16-04-2024 17:50:45)
Exécuté depuis C:\Users\sophi\Desktop\FRST64.exe
Profils chargés: Sophie & Edouard
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3447 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_2461d914696db722\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2461d914696db722\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(explorer.exe ->) (pCloud International AG -> ) C:\Program Files\pCloud Drive\pCloud.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2461d914696db722\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5c7915eb6b4ff35a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5c7915eb6b4ff35a\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11030.15001.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11030.15001.0_x64__8wekyb3d8bbwe\PhotosApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\sophi\AppData\Local\Microsoft\OneDrive\24.062.0326.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LockScreenContentServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1140000 2020-07-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3302288 2024-02-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.lnk [2195 2023-06-30] () [Fichier non signé]
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Installer\setup.exe [7146552 2024-04-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\Run: [pCloud] => C:\Program Files\pCloud Drive\pCloud.exe [391416 2024-03-27] (pCloud International AG -> )
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\Run: [MicrosoftEdgeAutoLaunch_6A41901817C056632CE6DFD9A04A243A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-04-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\MountPoints2: {64fa9c78-d728-11ee-950e-e4aaea629772} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\MountPoints2: {a93a2210-1375-11ee-94d7-da63339deae9} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\MountPoints2: {f8b03afa-3ce2-11ec-9457-08979890861c} - "E:\OnePlus_setup.exe" /s
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\WINDOWS\system32\hpinkstsC511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP DC11 Status Monitor: C:\WINDOWS\system32\hpinkstsDC11LM.dll [391984 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): C:\WINDOWS\system32\HPDiscoPMC511.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.123\Installer\chrmstp.exe [2024-04-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\sophi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-01-16]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute:
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {D2CC7121-7B32-4951-9B1A-17B475EBF6ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {B4463785-BEDB-440D-9C2A-A070D0E38217} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {B1B86CB4-A120-4083-A524-B2C4967C1D71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {CD73C03B-E759-45A8-9E65-58C199929B8D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6407.0{0CFF8C33-EAD7-40AF-9AC2-349C457C0D98} => C:\Program Files (x86)\Google\GoogleUpdater\125.0.6407.0\updater.exe [4782880 2024-04-08] (Google LLC -> Google LLC)
Task: {A01BC6DC-600C-4C43-B5C8-4D4616063CA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-02-01] (HP Inc. -> HP Inc.)
Task: {FD604A57-F0CC-49FA-BCEC-53A7B420A961} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-02-01] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {3A645633-A258-443A-AFEB-A9FD49F2CCFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-02-01] (HP Inc. -> HP Inc.)
Task: {AC57FA0B-CB97-4938-B577-49DDE4FAB6EF} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
Task: {DE8DB9BE-545F-4BD1-882D-D273FE61915A} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {1DF5A552-2403-4B8B-A19A-6E6480B03A4F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452976 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {45583234-227C-4A79-9AFD-5EEB59B1E08A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452976 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {921C5340-6B28-42C8-9536-E5C1A38E5FCA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4EB3236B-AA86-49BA-83A8-1DD6229EE424} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {782E87E7-6E14-47D1-B73C-51C3934BE5D8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168488 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier)
Task: {B5441D91-7741-40A5-ACA2-E148FA1A9106} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier)
Task: {CFE2CB34-A038-4467-AC3B-D1AD926E4B21} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {440ED7F4-815D-4BFF-BF27-BF94B138D47F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB75C4F3-BD01-463F-BBC1-18A830837628} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AC701E64-3E9A-455F-9868-D999F42E283E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {938F351A-AB3B-4644-BF4E-7CB04F91F00B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7F9F4E4-D8AC-4486-A72E-95305FB7E51F} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (Pas de fichier)
Task: {CAF51CDD-D310-46AF-917D-837F7362E7D1} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> )
Task: {80AF095A-7F70-4136-AA17-C3BA95A186F4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{04f99382-2f75-44ea-8b47-05b0546f0ef3}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{81296226-68dc-4b29-96bd-dd756212f41b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{81296226-68dc-4b29-96bd-dd756212f41b}\6427565626F687: [DhcpNameServer] 192.168.0.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sophi\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-16]
Edge Extension: (Google Docs hors connexion) - C:\Users\sophi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01]
Edge Extension: (Edge relevant text changes) - C:\Users\sophi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-30]
FireFox:
========
FF DefaultProfile: jgyun8ak.default
FF ProfilePath: C:\Users\sophi\AppData\Roaming\Mozilla\Firefox\Profiles\jgyun8ak.default [2023-01-18]
FF Extension: (Français Language Pack) - C:\Users\sophi\AppData\Roaming\Mozilla\Firefox\Profiles\jgyun8ak.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2020-04-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-04-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default [2024-04-16]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=ext-chrome-sb
CHR DefaultSearchKeyword: Default -> www.qwant.com
CHR DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
CHR Extension: (Adobe Acrobat : outils de modif., de conversion et de signature de PDF) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-22]
CHR Extension: (Qwant) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2022-12-28]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2024-04-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-16]
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-10-15]
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-04-02]
CHR Notifications: Profile 1 -> hxxps://ozecollege.yvelines.fr; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR Extension: (Google Traduction) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-02-23]
CHR Extension: (Mount Everest (1440+ x 900+)) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnlehkcgeooloejojajmeolmhiaeoiej [2024-03-04]
CHR Extension: (Adobe Acrobat : outils de modif., de conversion et de signature de PDF) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-21]
CHR Extension: (Google Docs hors connexion) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-22]
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-02-25]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-24]
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-16]
CHR HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-04-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14221312 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
S2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2023-12-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-04-19] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 GoogleUpdaterInternalService125.0.6407.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6407.0\updater.exe [4782880 2024-04-08] (Google LLC -> Google LLC)
S2 GoogleUpdaterService125.0.6407.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6407.0\updater.exe [4782880 2024-04-08] (Google LLC -> Google LLC)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [891328 2024-02-01] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [889896 2024-02-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [886824 2024-02-01] (HP Inc. -> HP Inc.)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [890408 2024-02-01] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-07] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-01] (Malwarebytes Inc. -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18035512 2023-10-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X]
S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3383944 2021-04-27] (BattlEye Innovations e.K. -> )
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé]
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [457768 2022-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
R1 cbfsconnect2017; C:\Windows\system32\drivers\cbfsconnect2017.sys [481296 2020-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [2382784 2021-04-27] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
S3 JabraDFU; C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys [54408 2021-04-28] (GN Netcom A/S -> QTI Ltd)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20496 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-16] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-16 17:50 - 2024-04-16 17:58 - 000028898 _____ C:\Users\sophi\Desktop\FRST.txt
2024-04-16 17:48 - 2024-04-16 17:55 - 000000000 ____D C:\FRST
2024-04-16 17:46 - 2024-04-16 17:46 - 002394112 _____ (Farbar) C:\Users\sophi\Desktop\FRST64.exe
2024-04-12 12:23 - 2024-04-12 12:23 - 000002487 _____ C:\Users\Public\Desktop\pCloud Drive.lnk
2024-04-12 12:23 - 2024-04-12 12:23 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\pCloud Drive.lnk
2024-04-12 12:22 - 2024-04-12 12:23 - 000000000 ____D C:\Program Files\pCloud Drive
2024-04-11 21:06 - 2024-04-11 21:06 - 000809482 _____ C:\WINDOWS\system32\perfh00C.dat
2024-04-11 21:06 - 2024-04-11 21:06 - 000156934 _____ C:\WINDOWS\system32\perfc00C.dat
2024-04-11 18:43 - 2024-04-11 18:43 - 000226164 _____ C:\Users\sophi\Downloads\Conditions_particulières.pdf
2024-04-11 13:46 - 2024-04-11 13:46 - 001547681 _____ C:\Users\sophi\Downloads\passenger_3.pdf
2024-04-11 13:46 - 2024-04-11 13:46 - 001547437 _____ C:\Users\sophi\Downloads\passenger_2.pdf
2024-04-11 13:45 - 2024-04-11 13:45 - 001547533 _____ C:\Users\sophi\Downloads\passenger_1.pdf
2024-04-10 18:29 - 2024-04-10 18:29 - 000178476 _____ C:\Users\sophi\Downloads\CONDITIONS_PARTICULIERES_MRH_MA_MAISON.pdf
2024-04-05 19:07 - 2024-04-05 19:07 - 000367950 _____ C:\Users\sophi\Downloads\do_0_3_0_0_fac-acquittee-dumas-66102fd26bf2d.pdf
2024-04-05 19:05 - 2024-04-05 19:05 - 000888608 _____ C:\Users\sophi\Documents\certificat scolarité eleonore.pdf
2024-04-05 19:05 - 2024-04-05 19:05 - 000367950 _____ C:\Users\sophi\Documents\FAC-ACQUITTEE-DUMAS.pdf
2024-04-05 19:05 - 2024-04-05 19:05 - 000023586 _____ C:\Users\sophi\Documents\ATT_VOY_SCO_DUMAS_402.pdf
2024-04-04 20:25 - 2024-04-04 20:25 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-04-03 13:27 - 2024-04-03 13:27 - 000100602 _____ C:\Users\sophi\Downloads\Recu-Transaction-424630 (1).pdf
2024-04-03 13:24 - 2024-04-03 13:24 - 000106699 _____ C:\Users\sophi\Downloads\20240403132408-J3B7e9.pdf
2024-04-03 13:23 - 2024-04-03 13:23 - 000106722 _____ C:\Users\sophi\Downloads\20240403132307-J4S7O9.pdf
2024-04-01 20:48 - 2024-04-01 20:48 - 000001792 _____ C:\Users\sophi\Documents\Malwarebytes Compte-rendu d'analyse 2024-04-01 171545.txt
2024-04-01 20:44 - 2024-04-01 20:44 - 000006659 _____ C:\Users\sophi\Documents\AdwCleaner[C00].txt
2024-04-01 16:59 - 2024-04-16 18:09 - 000000000 ____D C:\Users\sophi\AppData\Local\Malwarebytes
2024-04-01 16:58 - 2024-04-01 16:58 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-04-01 16:58 - 2024-04-01 16:58 - 000002085 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-04-01 16:54 - 2024-04-01 16:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-04-01 16:54 - 2024-04-01 16:54 - 000000000 ____D C:\Program Files\Malwarebytes
2024-04-01 16:53 - 2024-04-01 16:53 - 002589624 _____ (Malwarebytes) C:\Users\sophi\Desktop\MBSetup.exe
2024-04-01 16:31 - 2024-04-01 16:51 - 000000000 ____D C:\AdwCleaner
2024-04-01 16:25 - 2024-04-01 16:25 - 008790880 _____ (Malwarebytes) C:\Users\sophi\Desktop\adwcleaner_8.4.2.exe
2024-04-01 16:23 - 2024-04-01 16:23 - 000005975 _____ C:\Users\sophi\Documents\ZHPCleaner.txt
2024-04-01 15:59 - 2024-04-01 15:59 - 000013721 _____ C:\Users\sophi\Desktop\ZHPCleaner (R).html
2024-04-01 15:59 - 2024-04-01 15:59 - 000005961 _____ C:\Users\sophi\Desktop\ZHPCleaner (R).txt
2024-04-01 15:48 - 2024-04-01 15:48 - 000013280 _____ C:\Users\sophi\Desktop\ZHPCleaner (S).html
2024-04-01 15:48 - 2024-04-01 15:48 - 000005671 _____ C:\Users\sophi\Desktop\ZHPCleaner (S).txt
2024-04-01 15:27 - 2024-04-01 15:27 - 000000879 _____ C:\Users\sophi\Desktop\ZHPCleaner.lnk
2024-04-01 15:26 - 2024-04-01 15:26 - 003364000 _____ (Nicolas Coolman) C:\Users\sophi\Downloads\ZHPCleaner.exe
2024-04-01 13:22 - 2024-04-16 13:27 - 000224530 _____ C:\Users\sophi\Desktop\ZHPDiag.txt
2024-04-01 13:02 - 2024-04-16 13:27 - 000000000 ____D C:\Users\sophi\AppData\Roaming\ZHP
2024-04-01 13:02 - 2024-04-16 12:47 - 000000869 _____ C:\Users\sophi\Desktop\ZHPSuite.lnk
2024-04-01 13:02 - 2024-04-01 15:27 - 000000000 ____D C:\Users\sophi\AppData\Local\ZHP
2024-04-01 13:00 - 2024-04-01 13:00 - 003538592 _____ (Nicolas Coolman) C:\Users\sophi\Desktop\ZHPSuite.exe
2024-03-29 17:24 - 2024-03-29 17:24 - 000312628 _____ C:\Users\sophi\Downloads\Réunion avant départ mars 2024 (1).pdf
2024-03-27 22:15 - 2024-03-27 22:15 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-03-27 21:48 - 2024-03-27 21:48 - 000024320 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-27 21:37 - 2024-03-27 21:37 - 000024320 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-24 19:44 - 2024-03-24 19:44 - 000312628 _____ C:\Users\sophi\Downloads\Réunion avant départ mars 2024.pdf
2024-03-22 21:53 - 2024-03-22 21:53 - 000029011 _____ C:\Users\sophi\Downloads\20240320_COM_ENT Blog_Semaine des langues_The Strange Story of Finn (3).pdf
2024-03-22 21:53 - 2024-03-22 21:53 - 000029011 _____ C:\Users\sophi\Downloads\20240320_COM_ENT Blog_Semaine des langues_The Strange Story of Finn (2).pdf
2024-03-22 21:51 - 2024-03-22 21:51 - 000029011 _____ C:\Users\sophi\Downloads\20240320_COM_ENT Blog_Semaine des langues_The Strange Story of Finn.pdf
2024-03-22 21:51 - 2024-03-22 21:51 - 000029011 _____ C:\Users\sophi\Downloads\20240320_COM_ENT Blog_Semaine des langues_The Strange Story of Finn (1).pdf
2024-03-22 19:29 - 2024-03-22 19:29 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Microsoft\MMC
2024-03-18 23:26 - 2024-03-18 23:26 - 025320090 _____ C:\Users\sophi\Downloads\Beige Illustrated History Presentation.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-16 18:04 - 2020-05-03 15:31 - 000000000 ___RD C:\Users\sophi\Photos
2024-04-16 17:39 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-16 15:36 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-16 15:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-16 13:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-16 13:36 - 2020-03-13 03:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-04-16 12:52 - 2020-06-23 21:00 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-16 12:52 - 2020-06-23 21:00 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-16 12:37 - 2020-04-30 11:42 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-16 12:37 - 2020-04-30 11:42 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-04-16 12:26 - 2022-10-06 23:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-13 21:32 - 2020-05-01 20:51 - 000000000 ____D C:\Users\sophi\AppData\Roaming\KeePass
2024-04-13 16:53 - 2022-10-13 17:38 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-04-13 16:53 - 2022-10-13 17:38 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-04-13 16:53 - 2022-10-07 00:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-04-13 14:30 - 2022-10-07 00:40 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3746652675-2717016677-3473575924-1001
2024-04-13 14:30 - 2022-10-07 00:40 - 000003410 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3746652675-2717016677-3473575924-1001
2024-04-13 14:30 - 2021-02-25 14:54 - 000002425 _____ C:\Users\sophi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-13 09:45 - 2020-04-30 20:12 - 000000000 ____D C:\Users\sophi\AppData\Local\pCloud
2024-04-12 18:31 - 2020-05-12 13:45 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Microsoft\Excel
2024-04-12 18:31 - 2020-04-30 12:41 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Microsoft\Word
2024-04-12 12:25 - 2020-03-13 05:21 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-12 08:09 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-04-12 07:49 - 2020-05-02 17:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-04-12 07:48 - 2022-10-07 00:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-12 07:48 - 2021-02-25 14:46 - 000012288 ___SH C:\DumpStack.log.tmp
2024-04-11 21:09 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-04-11 21:06 - 2022-10-07 00:20 - 001803986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-11 21:01 - 2022-10-06 23:45 - 000700688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-11 20:56 - 2022-10-06 23:57 - 000000000 ____D C:\Users\sophi
2024-04-11 20:54 - 2023-10-16 03:13 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-04-11 20:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-11 20:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-04-11 20:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-11 20:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-11 19:29 - 2020-05-01 17:32 - 000000000 ____D C:\Users\sophi\Documents\Edouard
2024-04-10 18:01 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-10 17:39 - 2022-10-06 23:52 - 003213824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-10 17:22 - 2020-05-01 00:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-10 17:08 - 2020-05-01 00:21 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-10 14:35 - 2020-05-05 08:57 - 000000000 ____D C:\Users\sophi\AppData\Local\CrashDumps
2024-04-10 14:22 - 2020-05-03 16:12 - 000000000 ____D C:\Users\sophi\AppData\Local\D3DSCache
2024-04-06 13:14 - 2020-04-30 11:12 - 000000000 ____D C:\Users\sophi\AppData\Local\Packages
2024-04-06 12:12 - 2020-04-30 11:18 - 000000000 ___RD C:\Users\sophi\OneDrive
2024-04-04 20:26 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-04-04 20:26 - 2020-03-13 05:26 - 000000000 ____D C:\Program Files\Microsoft Office
2024-04-04 16:02 - 2022-10-07 00:40 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 16:02 - 2022-10-07 00:40 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-03 16:58 - 2020-05-07 20:50 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2024-04-01 16:58 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-04-01 16:52 - 2020-05-07 20:57 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Hewlett-Packard
2024-04-01 16:52 - 2020-03-13 05:21 - 000000000 ____D C:\Program Files\Acer
2024-04-01 16:52 - 2020-03-13 05:13 - 000000000 ____D C:\ProgramData\Acer
2024-04-01 16:52 - 2020-03-13 05:13 - 000000000 ____D C:\Program Files (x86)\Acer
2024-04-01 16:51 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-03-31 13:34 - 2021-04-29 12:30 - 000000000 ____D C:\Users\sophi\AppData\Local\ElevatedDiagnostics
2024-03-28 14:04 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-03-27 22:44 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-27 19:45 - 2024-02-19 16:54 - 000000000 ____D C:\Users\sophi\Documents\Assuarnces
2024-03-27 19:42 - 2020-05-11 21:37 - 000000000 ____D C:\Users\sophi\Documents\Sophie
2024-03-25 20:19 - 2020-04-30 12:18 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Microsoft\Outlook
2024-03-22 20:14 - 2024-02-08 17:39 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2024-03-22 19:51 - 2024-02-08 17:42 - 000001024 ____H C:\AMTAG.BIN
2024-03-20 21:17 - 2024-02-08 17:40 - 000000000 ____D C:\ProgramData\AOMEIPA
2024-03-20 15:45 - 2024-02-08 17:40 - 000000000 ____D C:\ProgramData\boost_interprocess
==================== Fichiers à la racine de certains dossiers ========
2021-04-19 20:49 - 2021-04-27 18:38 - 000001536 _____ () C:\Users\sophi\AppData\Local\GfxMetrics.cfg
2021-04-27 09:34 - 2021-04-27 18:38 - 000206336 _____ () C:\Users\sophi\AppData\Local\GfxMetrics.dat
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Sophie & Edouard (administrateur) sur LAPTOP-L9H44I0F (Acer Aspire A317-32) (16-04-2024 17:50:45)
Exécuté depuis C:\Users\sophi\Desktop\FRST64.exe
Profils chargés: Sophie & Edouard
Plate-forme: Microsoft Windows 11 Famille Version 23H2 22631.3447 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\ai.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\msedgewebview2.exe <6>
(DriverStore\FileRepository\cui_dch.inf_amd64_2461d914696db722\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2461d914696db722\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(explorer.exe ->) (Open Source Developer, Dominik Reichl -> Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(explorer.exe ->) (pCloud International AG -> ) C:\Program Files\pCloud Drive\pCloud.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_2461d914696db722\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5c7915eb6b4ff35a\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_5c7915eb6b4ff35a\IntelCpHeciSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11030.15001.0_x64__8wekyb3d8bbwe\PhotosService\PhotosService.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11030.15001.0_x64__8wekyb3d8bbwe\PhotosApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\sophi\AppData\Local\Microsoft\OneDrive\24.062.0326.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.450.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LockScreenContentServer.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [1140000 2020-07-30] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [3302288 2024-02-04] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [SoundTouch Music Server] => C:\Program Files (x86)\SoundTouch\SoundTouchMusicServer\SoundTouch Music Server.lnk [2195 2023-06-30] () [Fichier non signé]
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\123.0.2420.97\Installer\setup.exe [7146552 2024-04-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3770504 2017-04-06] (Hewlett Packard -> HP Inc.)
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\Run: [pCloud] => C:\Program Files\pCloud Drive\pCloud.exe [391416 2024-03-27] (pCloud International AG -> )
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\Run: [MicrosoftEdgeAutoLaunch_6A41901817C056632CE6DFD9A04A243A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-04-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\MountPoints2: {64fa9c78-d728-11ee-950e-e4aaea629772} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\MountPoints2: {a93a2210-1375-11ee-94d7-da63339deae9} - "E:\OnePlus_setup.exe" /s
HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\...\MountPoints2: {f8b03afa-3ce2-11ec-9457-08979890861c} - "E:\OnePlus_setup.exe" /s
HKLM\...\Print\Monitors\HP C511 Status Monitor: C:\WINDOWS\system32\hpinkstsC511LM.dll [333496 2012-12-16] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\...\Print\Monitors\HP DC11 Status Monitor: C:\WINDOWS\system32\hpinkstsDC11LM.dll [391984 2019-03-15] (HP Inc -> HP Inc.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP ENVY 4500 series): C:\WINDOWS\system32\HPDiscoPMC511.dll [763912 2014-07-21] (Hewlett Packard -> Hewlett-Packard Development Company, LP)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.123\Installer\chrmstp.exe [2024-04-16] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.92\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\sophi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2021-01-16]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
BootExecute:
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {D2CC7121-7B32-4951-9B1A-17B475EBF6ED} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe -> C:\Program Files (x86)\Acer\Care Center\-auto
Task: {B4463785-BEDB-440D-9C2A-A070D0E38217} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {B1B86CB4-A120-4083-A524-B2C4967C1D71} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.)
Task: {CD73C03B-E759-45A8-9E65-58C199929B8D} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem125.0.6407.0{0CFF8C33-EAD7-40AF-9AC2-349C457C0D98} => C:\Program Files (x86)\Google\GoogleUpdater\125.0.6407.0\updater.exe [4782880 2024-04-08] (Google LLC -> Google LLC)
Task: {A01BC6DC-600C-4C43-B5C8-4D4616063CA2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-02-01] (HP Inc. -> HP Inc.)
Task: {FD604A57-F0CC-49FA-BCEC-53A7B420A961} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-02-01] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {3A645633-A258-443A-AFEB-A9FD49F2CCFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1161264 2024-02-01] (HP Inc. -> HP Inc.)
Task: {AC57FA0B-CB97-4938-B577-49DDE4FAB6EF} - System32\Tasks\HPCustParticipation HP ENVY 4520 series => C:\Program Files\HP\HP ENVY 4520 series\Bin\HPCustPartic.exe [6438536 2017-04-06] (Hewlett Packard -> HP Inc.)
Task: {DE8DB9BE-545F-4BD1-882D-D273FE61915A} - System32\Tasks\HPEA3JOBS => C:\Program -> Files\HP\HP ePrint\hpeprint.exe /CheckJobs
Task: {1DF5A552-2403-4B8B-A19A-6E6480B03A4F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452976 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {45583234-227C-4A79-9AFD-5EEB59B1E08A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28452976 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
Task: {921C5340-6B28-42C8-9536-E5C1A38E5FCA} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4EB3236B-AA86-49BA-83A8-1DD6229EE424} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309696 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {782E87E7-6E14-47D1-B73C-51C3934BE5D8} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [168488 2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier)
Task: {B5441D91-7741-40A5-ACA2-E148FA1A9106} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier)
Task: {CFE2CB34-A038-4467-AC3B-D1AD926E4B21} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier)
Task: {440ED7F4-815D-4BFF-BF27-BF94B138D47F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FB75C4F3-BD01-463F-BBC1-18A830837628} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AC701E64-3E9A-455F-9868-D999F42E283E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {938F351A-AB3B-4644-BF4E-7CB04F91F00B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MpCmdRun.exe [1654168 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7F9F4E4-D8AC-4486-A72E-95305FB7E51F} - System32\Tasks\Oem\AcerJumpstartTask => "C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe" /default (Pas de fichier)
Task: {CAF51CDD-D310-46AF-917D-837F7362E7D1} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> )
Task: {80AF095A-7F70-4136-AA17-C3BA95A186F4} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [461472 2022-01-03] (Acer Incorporated -> Acer Incorporated)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{04f99382-2f75-44ea-8b47-05b0546f0ef3}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{81296226-68dc-4b29-96bd-dd756212f41b}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{81296226-68dc-4b29-96bd-dd756212f41b}\6427565626F687: [DhcpNameServer] 192.168.0.254
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\sophi\AppData\Local\Microsoft\Edge\User Data\Default [2024-04-16]
Edge Extension: (Google Docs hors connexion) - C:\Users\sophi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-01]
Edge Extension: (Edge relevant text changes) - C:\Users\sophi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-30]
FireFox:
========
FF DefaultProfile: jgyun8ak.default
FF ProfilePath: C:\Users\sophi\AppData\Roaming\Mozilla\Firefox\Profiles\jgyun8ak.default [2023-01-18]
FF Extension: (Français Language Pack) - C:\Users\sophi\AppData\Roaming\Mozilla\Firefox\Profiles\jgyun8ak.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2020-04-30]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-04-11] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default [2024-04-16]
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://www.qwant.com/?q={searchTerms}&client=ext-chrome-sb
CHR DefaultSearchKeyword: Default -> www.qwant.com
CHR DefaultSuggestURL: Default -> hxxps://api.qwant.com/api/suggest/?q={searchTerms}&client=opensearch
CHR Extension: (Adobe Acrobat : outils de modif., de conversion et de signature de PDF) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-22]
CHR Extension: (Qwant) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2022-12-28]
CHR Extension: (IGRAAL : Cashback & codes promo) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmhkepipobnjllejbafajoemahjejdcm [2024-04-05]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-16]
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-10-15]
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-04-02]
CHR Notifications: Profile 1 -> hxxps://ozecollege.yvelines.fr; hxxps://www.netflix.com; hxxps://www.youtube.com
CHR Extension: (Google Traduction) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-02-23]
CHR Extension: (Mount Everest (1440+ x 900+)) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bnlehkcgeooloejojajmeolmhiaeoiej [2024-03-04]
CHR Extension: (Adobe Acrobat : outils de modif., de conversion et de signature de PDF) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-03-21]
CHR Extension: (Google Docs hors connexion) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-12-22]
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-02-25]
CHR Extension: (Adobe Acrobat : outils de modification, de conversion et de signature de PDF) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2024-02-24]
CHR Extension: (Google Docs hors connexion) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-02-24]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-02-24]
CHR Profile: C:\Users\sophi\AppData\Local\Google\Chrome\User Data\System Profile [2024-04-16]
CHR HKU\S-1-5-21-3746652675-2717016677-3473575924-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [8901968 2021-04-19] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14221312 2024-03-29] (Microsoft Corporation -> Microsoft Corporation)
S2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2023-12-18] (CHENGDU YIWO Tech Development Co., Ltd. -> )
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2021-04-19] (EasyAntiCheat Oy -> Epic Games, Inc)
S2 GoogleUpdaterInternalService125.0.6407.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6407.0\updater.exe [4782880 2024-04-08] (Google LLC -> Google LLC)
S2 GoogleUpdaterService125.0.6407.0; C:\Program Files (x86)\Google\GoogleUpdater\125.0.6407.0\updater.exe [4782880 2024-04-08] (Google LLC -> Google LLC)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [891328 2024-02-01] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [889896 2024-02-01] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [886824 2024-02-01] (HP Inc. -> HP Inc.)
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-08] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [890408 2024-02-01] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-07] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-04-01] (Malwarebytes Inc. -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [18035512 2023-10-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\NisSrv.exe [3199648 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24030.9-0\MsMpEng.exe [133576 2024-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 ACCSvc; "C:\Program Files (x86)\Acer\Care Center\ACCSvc.exe" [X]
S3 QALSvc; "C:\Program Files\Acer\Quick Access Service\QALSvc.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Quick Access Service\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program Service\Framework\UBTService.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [36800 2022-06-02] (Acer Incorporated -> Acer Incorporated)
S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BEDaisy; C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [3383944 2021-04-27] (BattlEye Innovations e.K. -> )
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé]
R1 cbfs20; C:\WINDOWS\System32\drivers\cbfs20.sys [457768 2022-11-09] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc. - www.callback.com)
R1 cbfsconnect2017; C:\Windows\system32\drivers\cbfsconnect2017.sys [481296 2020-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 ddmdrv; C:\WINDOWS\system32\ddmdrv.sys [35760 2023-10-10] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 EasyAntiCheatSys; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.sys [2382784 2021-04-27] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
S3 JabraDFU; C:\WINDOWS\System32\Drivers\JabraBcDfuX64.sys [54408 2021-04-28] (GN Netcom A/S -> QTI Ltd)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-04-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-04-01] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [20496 2019-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20936 2024-04-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601376 2024-04-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105760 2024-04-16] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-16 17:50 - 2024-04-16 17:58 - 000028898 _____ C:\Users\sophi\Desktop\FRST.txt
2024-04-16 17:48 - 2024-04-16 17:55 - 000000000 ____D C:\FRST
2024-04-16 17:46 - 2024-04-16 17:46 - 002394112 _____ (Farbar) C:\Users\sophi\Desktop\FRST64.exe
2024-04-12 12:23 - 2024-04-12 12:23 - 000002487 _____ C:\Users\Public\Desktop\pCloud Drive.lnk
2024-04-12 12:23 - 2024-04-12 12:23 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\pCloud Drive.lnk
2024-04-12 12:22 - 2024-04-12 12:23 - 000000000 ____D C:\Program Files\pCloud Drive
2024-04-11 21:06 - 2024-04-11 21:06 - 000809482 _____ C:\WINDOWS\system32\perfh00C.dat
2024-04-11 21:06 - 2024-04-11 21:06 - 000156934 _____ C:\WINDOWS\system32\perfc00C.dat
2024-04-11 18:43 - 2024-04-11 18:43 - 000226164 _____ C:\Users\sophi\Downloads\Conditions_particulières.pdf
2024-04-11 13:46 - 2024-04-11 13:46 - 001547681 _____ C:\Users\sophi\Downloads\passenger_3.pdf
2024-04-11 13:46 - 2024-04-11 13:46 - 001547437 _____ C:\Users\sophi\Downloads\passenger_2.pdf
2024-04-11 13:45 - 2024-04-11 13:45 - 001547533 _____ C:\Users\sophi\Downloads\passenger_1.pdf
2024-04-10 18:29 - 2024-04-10 18:29 - 000178476 _____ C:\Users\sophi\Downloads\CONDITIONS_PARTICULIERES_MRH_MA_MAISON.pdf
2024-04-05 19:07 - 2024-04-05 19:07 - 000367950 _____ C:\Users\sophi\Downloads\do_0_3_0_0_fac-acquittee-dumas-66102fd26bf2d.pdf
2024-04-05 19:05 - 2024-04-05 19:05 - 000888608 _____ C:\Users\sophi\Documents\certificat scolarité eleonore.pdf
2024-04-05 19:05 - 2024-04-05 19:05 - 000367950 _____ C:\Users\sophi\Documents\FAC-ACQUITTEE-DUMAS.pdf
2024-04-05 19:05 - 2024-04-05 19:05 - 000023586 _____ C:\Users\sophi\Documents\ATT_VOY_SCO_DUMAS_402.pdf
2024-04-04 20:25 - 2024-04-04 20:25 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-04-03 13:27 - 2024-04-03 13:27 - 000100602 _____ C:\Users\sophi\Downloads\Recu-Transaction-424630 (1).pdf
2024-04-03 13:24 - 2024-04-03 13:24 - 000106699 _____ C:\Users\sophi\Downloads\20240403132408-J3B7e9.pdf
2024-04-03 13:23 - 2024-04-03 13:23 - 000106722 _____ C:\Users\sophi\Downloads\20240403132307-J4S7O9.pdf
2024-04-01 20:48 - 2024-04-01 20:48 - 000001792 _____ C:\Users\sophi\Documents\Malwarebytes Compte-rendu d'analyse 2024-04-01 171545.txt
2024-04-01 20:44 - 2024-04-01 20:44 - 000006659 _____ C:\Users\sophi\Documents\AdwCleaner[C00].txt
2024-04-01 16:59 - 2024-04-16 18:09 - 000000000 ____D C:\Users\sophi\AppData\Local\Malwarebytes
2024-04-01 16:58 - 2024-04-01 16:58 - 000002097 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-04-01 16:58 - 2024-04-01 16:58 - 000002085 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-04-01 16:54 - 2024-04-01 16:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-04-01 16:54 - 2024-04-01 16:54 - 000000000 ____D C:\Program Files\Malwarebytes
2024-04-01 16:53 - 2024-04-01 16:53 - 002589624 _____ (Malwarebytes) C:\Users\sophi\Desktop\MBSetup.exe
2024-04-01 16:31 - 2024-04-01 16:51 - 000000000 ____D C:\AdwCleaner
2024-04-01 16:25 - 2024-04-01 16:25 - 008790880 _____ (Malwarebytes) C:\Users\sophi\Desktop\adwcleaner_8.4.2.exe
2024-04-01 16:23 - 2024-04-01 16:23 - 000005975 _____ C:\Users\sophi\Documents\ZHPCleaner.txt
2024-04-01 15:59 - 2024-04-01 15:59 - 000013721 _____ C:\Users\sophi\Desktop\ZHPCleaner (R).html
2024-04-01 15:59 - 2024-04-01 15:59 - 000005961 _____ C:\Users\sophi\Desktop\ZHPCleaner (R).txt
2024-04-01 15:48 - 2024-04-01 15:48 - 000013280 _____ C:\Users\sophi\Desktop\ZHPCleaner (S).html
2024-04-01 15:48 - 2024-04-01 15:48 - 000005671 _____ C:\Users\sophi\Desktop\ZHPCleaner (S).txt
2024-04-01 15:27 - 2024-04-01 15:27 - 000000879 _____ C:\Users\sophi\Desktop\ZHPCleaner.lnk
2024-04-01 15:26 - 2024-04-01 15:26 - 003364000 _____ (Nicolas Coolman) C:\Users\sophi\Downloads\ZHPCleaner.exe
2024-04-01 13:22 - 2024-04-16 13:27 - 000224530 _____ C:\Users\sophi\Desktop\ZHPDiag.txt
2024-04-01 13:02 - 2024-04-16 13:27 - 000000000 ____D C:\Users\sophi\AppData\Roaming\ZHP
2024-04-01 13:02 - 2024-04-16 12:47 - 000000869 _____ C:\Users\sophi\Desktop\ZHPSuite.lnk
2024-04-01 13:02 - 2024-04-01 15:27 - 000000000 ____D C:\Users\sophi\AppData\Local\ZHP
2024-04-01 13:00 - 2024-04-01 13:00 - 003538592 _____ (Nicolas Coolman) C:\Users\sophi\Desktop\ZHPSuite.exe
2024-03-29 17:24 - 2024-03-29 17:24 - 000312628 _____ C:\Users\sophi\Downloads\Réunion avant départ mars 2024 (1).pdf
2024-03-27 22:15 - 2024-03-27 22:15 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs
2024-03-27 21:48 - 2024-03-27 21:48 - 000024320 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-27 21:37 - 2024-03-27 21:37 - 000024320 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-24 19:44 - 2024-03-24 19:44 - 000312628 _____ C:\Users\sophi\Downloads\Réunion avant départ mars 2024.pdf
2024-03-22 21:53 - 2024-03-22 21:53 - 000029011 _____ C:\Users\sophi\Downloads\20240320_COM_ENT Blog_Semaine des langues_The Strange Story of Finn (3).pdf
2024-03-22 21:53 - 2024-03-22 21:53 - 000029011 _____ C:\Users\sophi\Downloads\20240320_COM_ENT Blog_Semaine des langues_The Strange Story of Finn (2).pdf
2024-03-22 21:51 - 2024-03-22 21:51 - 000029011 _____ C:\Users\sophi\Downloads\20240320_COM_ENT Blog_Semaine des langues_The Strange Story of Finn.pdf
2024-03-22 21:51 - 2024-03-22 21:51 - 000029011 _____ C:\Users\sophi\Downloads\20240320_COM_ENT Blog_Semaine des langues_The Strange Story of Finn (1).pdf
2024-03-22 19:29 - 2024-03-22 19:29 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Microsoft\MMC
2024-03-18 23:26 - 2024-03-18 23:26 - 025320090 _____ C:\Users\sophi\Downloads\Beige Illustrated History Presentation.pdf
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-04-16 18:04 - 2020-05-03 15:31 - 000000000 ___RD C:\Users\sophi\Photos
2024-04-16 17:39 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-04-16 15:36 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-04-16 15:36 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-04-16 13:50 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-04-16 13:36 - 2020-03-13 03:54 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-04-16 12:52 - 2020-06-23 21:00 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-04-16 12:52 - 2020-06-23 21:00 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-04-16 12:37 - 2020-04-30 11:42 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-04-16 12:37 - 2020-04-30 11:42 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-04-16 12:26 - 2022-10-06 23:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-04-13 21:32 - 2020-05-01 20:51 - 000000000 ____D C:\Users\sophi\AppData\Roaming\KeePass
2024-04-13 16:53 - 2022-10-13 17:38 - 000002077 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-04-13 16:53 - 2022-10-13 17:38 - 000002065 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-04-13 16:53 - 2022-10-07 00:40 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-04-13 14:30 - 2022-10-07 00:40 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3746652675-2717016677-3473575924-1001
2024-04-13 14:30 - 2022-10-07 00:40 - 000003410 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3746652675-2717016677-3473575924-1001
2024-04-13 14:30 - 2021-02-25 14:54 - 000002425 _____ C:\Users\sophi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-04-13 09:45 - 2020-04-30 20:12 - 000000000 ____D C:\Users\sophi\AppData\Local\pCloud
2024-04-12 18:31 - 2020-05-12 13:45 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Microsoft\Excel
2024-04-12 18:31 - 2020-04-30 12:41 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Microsoft\Word
2024-04-12 12:25 - 2020-03-13 05:21 - 000000000 ____D C:\ProgramData\Package Cache
2024-04-12 08:09 - 2022-05-07 07:22 - 000000000 ____D C:\WINDOWS\INF
2024-04-12 07:49 - 2020-05-02 17:11 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2024-04-12 07:48 - 2022-10-07 00:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-04-12 07:48 - 2021-02-25 14:46 - 000012288 ___SH C:\DumpStack.log.tmp
2024-04-11 21:09 - 2022-05-07 07:17 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2024-04-11 21:06 - 2022-10-07 00:20 - 001803986 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-04-11 21:01 - 2022-10-06 23:45 - 000700688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-04-11 20:56 - 2022-10-06 23:57 - 000000000 ____D C:\Users\sophi
2024-04-11 20:54 - 2023-10-16 03:13 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2024-04-11 20:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SystemResources
2024-04-11 20:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-04-11 20:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-04-11 20:54 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-04-11 19:29 - 2020-05-01 17:32 - 000000000 ____D C:\Users\sophi\Documents\Edouard
2024-04-10 18:01 - 2022-05-07 07:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-04-10 17:39 - 2022-10-06 23:52 - 003213824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-04-10 17:22 - 2020-05-01 00:22 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-04-10 17:08 - 2020-05-01 00:21 - 192651728 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-04-10 14:35 - 2020-05-05 08:57 - 000000000 ____D C:\Users\sophi\AppData\Local\CrashDumps
2024-04-10 14:22 - 2020-05-03 16:12 - 000000000 ____D C:\Users\sophi\AppData\Local\D3DSCache
2024-04-06 13:14 - 2020-04-30 11:12 - 000000000 ____D C:\Users\sophi\AppData\Local\Packages
2024-04-06 12:12 - 2020-04-30 11:18 - 000000000 ___RD C:\Users\sophi\OneDrive
2024-04-04 20:26 - 2022-05-07 07:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-04-04 20:26 - 2020-03-13 05:26 - 000000000 ____D C:\Program Files\Microsoft Office
2024-04-04 16:02 - 2022-10-07 00:40 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-04-04 16:02 - 2022-10-07 00:40 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-04-03 16:58 - 2020-05-07 20:50 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2024-04-01 16:58 - 2022-05-07 07:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-04-01 16:52 - 2020-05-07 20:57 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Hewlett-Packard
2024-04-01 16:52 - 2020-03-13 05:21 - 000000000 ____D C:\Program Files\Acer
2024-04-01 16:52 - 2020-03-13 05:13 - 000000000 ____D C:\ProgramData\Acer
2024-04-01 16:52 - 2020-03-13 05:13 - 000000000 ____D C:\Program Files (x86)\Acer
2024-04-01 16:51 - 2021-06-05 14:10 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2024-03-31 13:34 - 2021-04-29 12:30 - 000000000 ____D C:\Users\sophi\AppData\Local\ElevatedDiagnostics
2024-03-28 14:04 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2024-03-27 22:44 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\system32\DDFs
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-03-27 22:15 - 2022-05-07 07:24 - 000000000 ____D C:\WINDOWS\Provisioning
2024-03-27 19:45 - 2024-02-19 16:54 - 000000000 ____D C:\Users\sophi\Documents\Assuarnces
2024-03-27 19:42 - 2020-05-11 21:37 - 000000000 ____D C:\Users\sophi\Documents\Sophie
2024-03-25 20:19 - 2020-04-30 12:18 - 000000000 ____D C:\Users\sophi\AppData\Roaming\Microsoft\Outlook
2024-03-22 20:14 - 2024-02-08 17:39 - 000000000 ____D C:\Program Files (x86)\AOMEI Partition Assistant
2024-03-22 19:51 - 2024-02-08 17:42 - 000001024 ____H C:\AMTAG.BIN
2024-03-20 21:17 - 2024-02-08 17:40 - 000000000 ____D C:\ProgramData\AOMEIPA
2024-03-20 15:45 - 2024-02-08 17:40 - 000000000 ____D C:\ProgramData\boost_interprocess
==================== Fichiers à la racine de certains dossiers ========
2021-04-19 20:49 - 2021-04-27 18:38 - 000001536 _____ () C:\Users\sophi\AppData\Local\GfxMetrics.cfg
2021-04-27 09:34 - 2021-04-27 18:38 - 000206336 _____ () C:\Users\sophi\AppData\Local\GfxMetrics.dat
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================