Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-12-2023
Ran by HP (administrator) on DESKTOP-PT40IUP (HP HP EliteBook 820 G3) (11-12-2023 14:06:38)
Running from C:\Users\HP\Desktop\FRST64.exe
Loaded Profiles: HP
Platform: Microsoft Windows 10 Professionnel Version 22H2 19045.3693 (X64) Language: French (France) -> English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SmartAudio3.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxEM.exe
(DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HotKeyServiceUWP.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPHotkeyNotification.exe
(explorer.exe ->) () [File not signed] [File is in use] C:\ProgramData\Systeme\Systeme.exe
(explorer.exe ->) (Figma, Inc. -> ) C:\Users\HP\AppData\Local\FigmaAgent\figma_agent.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.109.3209.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <6>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winfiles\bin\javaw.exe
(services.exe ->) (Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAudioAnalytics.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_38cfab2b652e4701\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_c2ac023763d5d3ad\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_51f685305808e3a5\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_cad1db73e8c782a6\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Synaptics Incorporated -> Conexant Systems, Inc) C:\Windows\CxSvc\CxMonSvc.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2348.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Conexant Systems LLC -> Conexant) C:\Windows\System32\MicTray64.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_11.2310.8.0_x64__8wekyb3d8bbwe\Microsoft.Media.Player.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [124599048 2021-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (No File)
HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2591152 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\Run: [Rave] => "C:\Users\HP\AppData\Local\Programs\rave-desktop\Rave.exe" --hidden (No File)
HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\Run: [Figma Agent] => C:\Users\HP\AppData\Local\FigmaAgent\figma_agent.exe [6806072 2023-11-29] (Figma, Inc. -> )
HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\Run: [Poisson18] => C:\ProgramData\Systeme\Systeme.exe [742871 2012-08-02] () [File not signed] [File is in use]
HKU\S-1-5-21-1312067145-2974934266-877005598-1002\...\Run: [MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788736 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1312067145-2974934266-877005598-1009\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2591152 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1312067145-2974934266-877005598-1009\...\Run: [com.squirrel.Teams.Teams] => C:\Users\Open Session\AppData\Local\Microsoft\Teams\Update.exe [2588520 2023-07-21] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-1312067145-2974934266-877005598-1009\...\Run: [MicrosoftEdgeAutoLaunch_AE21A4DAD83C3A5DEABED54CF6328954] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3788736 2023-12-07] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\119.0.6045.200\Installer\chrmstp.exe [2023-12-08] (Google LLC -> Google LLC)
IFEO\osppsvc.exe: [VerifierDlls] SppExtComObjHook.dll
IFEO\SppExtComObj.exe: [VerifierDlls] SppExtComObjHook.dll
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winexe.exe [2022-05-08] () [File not signed] [File is in use]
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Winfiles [2023-08-02]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {6C1718F7-0D14-4952-B4F4-2D8DDA61037C} - System32\Tasks\AdobeAAMUpdater-1.0-DESKTOP-PT40IUP-HP => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled (No File)
Task: {2C895760-F32C-4737-971E-FDF856513E9D} - System32\Tasks\GoogleUpdateTaskMachineCore{C2D32985-3EDB-4D54-9C20-A2A856012C75} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-29] (Google LLC -> Google LLC)
Task: {EAE8172B-CD32-424B-BEB6-D665A97DE241} - System32\Tasks\GoogleUpdateTaskMachineUA{444DDEE2-7D5E-4FA8-BD2D-307A4C2B9ADA} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-01-29] (Google LLC -> Google LLC)
Task: {47ABC58E-1904-4AE7-B973-C2457BE92BCE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {73317570-3E3A-41A7-9800-0888F76A3C3D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5E4936BA-956E-4E56-A81E-2E440DF6F4AD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {93FF7178-5487-4ED1-BB1D-A4ACE0AA5558} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {499428E7-0F04-4B33-BCE1-6AF71C39238E} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-10] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF44BDBC-009B-4BB1-B234-C31E425612A4} - System32\Tasks\Microsoft\Windows\Conexant\MicTray => C:\Windows\System32\MicTray64.exe [2938448 2020-07-02] (Conexant Systems LLC -> Conexant)
Task: {8589B25E-89B7-44D8-99F7-67CEE7B6B110} - System32\Tasks\Microsoft\Windows\Conexant\SA3 => C:\Program Files\CONEXANT\SA3\HP-NB-AIO\SACpl.exe [1832280 2017-06-07] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
Task: {617D1B3E-E0B3-49A8-BE49-9E768E495B64} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9517EACA-16C9-4161-AE08-DED7D1BF8D79} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93282771-FF00-45C3-8149-A2CF1A6F8A49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {09E21A83-7421-4381-BEC4-0D5587B23A6B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0469EA62-8E50-4F22-AB4B-63200392A021} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-11-16] (Microsoft Windows -> Microsoft Corporation)
Task: {0DC42D0D-23EE-424F-A55B-D56FF7DAB0DC} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {2DE74DD0-6DFE-4793-A331-947E71239118} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1312067145-2974934266-877005598-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {6B277653-28CC-44F9-B0D5-E00F5EC665C2} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1312067145-2974934266-877005598-1009 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130832 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
Task: {D6119940-D488-4A3F-9316-D87F5713FBD9} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1312067145-2974934266-877005598-500 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{557d8b78-19a9-4113-82fd-1b6f8ab107a6}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e37c14fb-c5e8-4a06-a11c-93c2d8583fab}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2023-12-11]
Edge Notifications: Default -> hxxps://www.facebook.com; hxxps://www.tiktok.com
Edge Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-08-28]
Edge Extension: (Edge relevant text changes) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-30]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-10] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Profile 4
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-07-30]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 10 [2023-11-26]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-05]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2023-10-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 10\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-25]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-12-08]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-07]
CHR Extension: (Loom – Screen Recorder & Screen Capture) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\liecbddmkiiihnedobmlmillhodjkdmb [2023-05-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-11]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-12-11]
CHR Extension: (PayPal Honey: Automatic Coupons & Cash Back) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2023-11-16]
CHR Extension: (Meta Pixel Helper) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2023-10-06]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-10-17]
CHR Extension: (Read Aloud: A Text to Speech Voice Reader) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hdhinadidafjejdhmfkjgnolgimiaplp [2023-12-02]
CHR Extension: (Voice to Text) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\jdcdafhjjjfnkoeilnjmnadadaoehgdc [2023-03-08]
CHR Extension: (ChatGPT for Google) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\jgjaeacdkonaoafenlfkkkmbaopkbilf [2023-12-08]
CHR Extension: (Grammarly: Grammar Checker and AI Writing App) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2023-12-08]
CHR Extension: (AVG Online Security) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nbmoafcmbajniiapeidgficgifbfmjfo [2023-02-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-11]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2023-10-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 CxMonSvc; C:\Windows\CxSvc\CxMonSvc.exe [56496 2020-09-09] (Synaptics Incorporated -> Conexant Systems, Inc)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\23.226.1031.0003\FileSyncHelper.exe [3509792 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
R2 HotKeyServiceUWP; C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HotKeyServiceUWP.exe [1494472 2023-09-13] (HP Inc. -> HP Inc.)
R2 HPAudioAnalytics; C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\HPAudioAnalytics.exe [542664 2023-09-13] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_02c16d71fe8a4b6a\LanWlanWwanSwitchingServiceUWP.exe [606664 2023-09-13] (HP Inc. -> HP Inc.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\23.226.1031.0003\OneDriveUpdaterService.exe [3846064 2023-11-18] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534584 2023-11-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-08] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [280064 2022-10-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [147968 2022-04-15] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 MpKsl99765c1f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{55BF7F23-99B7-4F7F-BB57-0137A82FF618}\MpKslDrv.sys [263560 2023-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 MpKsld3cb21a3; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{55BF7F23-99B7-4F7F-BB57-0137A82FF618}\MpKslDrv.sys [263560 2023-12-11] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2023-12-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-08] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [40104 2022-06-17] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-11 14:06 - 2023-12-11 14:07 - 000022527 _____ C:\Users\HP\Desktop\FRST.txt
2023-12-11 14:06 - 2023-12-11 14:07 - 000000000 ____D C:\FRST
2023-12-11 14:03 - 2023-12-11 14:03 - 002385408 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2023-12-10 22:24 - 2023-12-10 22:25 - 030906990 _____ C:\Users\HP\Downloads\Marketing Territorial de la Province de MEDIOUNA.pdf
2023-12-10 13:52 - 2023-12-10 13:52 - 000008606 _____ C:\Users\HP\AppData\Local\recently-used.xbel
2023-12-10 01:03 - 2023-12-10 01:03 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2023-12-08 15:05 - 2023-12-08 16:22 - 901392473 _____ C:\Users\HP\Downloads\Ep 6.mp4
2023-12-08 15:04 - 2023-12-08 15:33 - 1391585103 _____ C:\Users\HP\Downloads\Ep 5.mp4
2023-12-08 13:22 - 2023-12-08 13:22 - 000000000 ____D C:\Users\HP\Documents\Modèles Office personnalisés
2023-11-25 20:17 - 2023-11-25 20:17 - 000000000 _____ C:\Users\HP\.gtk-bookmarks
2023-11-16 18:47 - 2023-11-16 18:47 - 000000000 ___HD C:\$WinREAgent
2023-11-14 13:31 - 2023-11-14 13:35 - 165503775 _____ C:\Users\HP\Downloads\الشيخ سعد الغامدي - سورة البقرة (النسخة الأصلية) _ Sheikh Saad Al Ghamdi - Surat Al Baqarah.mp4

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2023-12-11 14:04 - 2022-01-29 19:43 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-11 14:04 - 2021-12-21 18:12 - 000000000 ____D C:\Windows\SystemTemp
2023-12-11 14:00 - 2021-12-21 18:08 - 001770906 _____ C:\Windows\system32\PerfStringBackup.INI
2023-12-11 14:00 - 2019-12-07 15:49 - 000792972 _____ C:\Windows\system32\perfh00C.dat
2023-12-11 14:00 - 2019-12-07 15:49 - 000150102 _____ C:\Windows\system32\perfc00C.dat
2023-12-11 14:00 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-12-11 13:55 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-11 13:53 - 2022-04-27 21:37 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2023-12-11 13:53 - 2022-04-27 21:37 - 000000000 ____D C:\Intel
2023-12-11 13:53 - 2022-01-29 19:43 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2023-12-11 13:53 - 2022-01-28 16:17 - 000000000 ___RD C:\Users\HP\OneDrive
2023-12-11 13:53 - 2022-01-28 16:17 - 000000000 ____D C:\Users\HP
2023-12-11 13:53 - 2021-12-21 17:58 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-11 13:53 - 2021-12-21 17:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-12-11 13:53 - 2021-12-21 17:58 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-12-11 13:53 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2023-12-11 13:23 - 2022-01-28 16:17 - 000000000 ____D C:\Users\HP\AppData\Local\D3DSCache
2023-12-10 22:23 - 2022-01-28 16:17 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2023-12-10 22:09 - 2023-04-28 18:55 - 000000000 ____D C:\Users\HP\Desktop\School Projects
2023-12-10 17:22 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-12-10 13:59 - 2023-03-31 16:13 - 000000000 ____D C:\Users\HP\AppData\Local\babl-0.1
2023-12-10 13:52 - 2023-03-31 21:05 - 000000000 ____D C:\Users\HP\AppData\Local\gtk-2.0
2023-12-10 13:15 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-10 13:14 - 2022-02-02 17:06 - 000000000 ____D C:\Users\HP\AppData\Roaming\hpqLog
2023-12-10 01:04 - 2021-12-21 18:18 - 000000000 ____D C:\Program Files\Microsoft Office
2023-12-10 01:04 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-09 18:31 - 2023-02-10 14:46 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\PowerPoint
2023-12-09 18:31 - 2022-05-13 00:39 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Office
2023-12-09 17:56 - 2022-05-13 00:39 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Word
2023-12-09 14:54 - 2023-04-28 11:44 - 000000000 ____D C:\ProgramData\Systeme
2023-12-08 23:34 - 2021-12-21 17:58 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-08 22:56 - 2021-12-21 17:58 - 000000000 ____D C:\Windows\system32\Drivers\wd
2023-12-08 12:59 - 2022-01-29 19:43 - 000003960 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA{444DDEE2-7D5E-4FA8-BD2D-307A4C2B9ADA}
2023-12-08 12:59 - 2022-01-29 19:43 - 000003836 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore{C2D32985-3EDB-4D54-9C20-A2A856012C75}
2023-12-02 21:03 - 2023-02-15 21:34 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2023-11-28 16:51 - 2022-01-28 16:17 - 000000000 ____D C:\Users\HP\AppData\Local\Publishers
2023-11-28 16:51 - 2021-12-21 18:01 - 000000000 ____D C:\ProgramData\Packages
2023-11-28 16:45 - 2022-01-29 19:42 - 000000000 ____D C:\Users\HP\AppData\Local\PlaceholderTileLogoFolder
2023-11-23 23:07 - 2023-02-17 13:31 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Excel
2023-11-18 15:34 - 2023-03-12 12:52 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1312067145-2974934266-877005598-1009
2023-11-18 15:34 - 2022-01-29 19:42 - 000003592 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1312067145-2974934266-877005598-1002
2023-11-18 15:34 - 2021-12-21 18:21 - 000003194 _____ C:\Windows\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2023-11-18 15:34 - 2021-12-21 18:21 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-11-17 15:45 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-11-17 00:54 - 2019-12-07 10:03 - 001048576 _____ C:\Windows\system32\config\BBI
2023-11-17 00:51 - 2021-12-21 17:58 - 000449288 _____ C:\Windows\system32\FNTCACHE.DAT
2023-11-17 00:49 - 2019-12-07 15:52 - 000000000 ___SD C:\Windows\system32\AppV
2023-11-17 00:49 - 2019-12-07 15:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-11-17 00:49 - 2019-12-07 15:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-11-17 00:49 - 2019-12-07 15:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-11-17 00:49 - 2019-12-07 15:49 - 000000000 ____D C:\Windows\SysWOW64\fr
2023-11-17 00:49 - 2019-12-07 15:49 - 000000000 ____D C:\Windows\system32\fr
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\F12
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\SysWOW64\DiagSvcs
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\UNP
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\F12
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\PrintDialog
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\PerceptionSimulation
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Com
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Sysprep
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\ShellExperiences
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lv-LV
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\lt-LT
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\et-EE
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\es-MX
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Com
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\appraiser
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellComponents
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\Provisioning
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\IME
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-11-17 00:49 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-11-17 00:49 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2023-11-16 19:06 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-11-16 19:05 - 2019-12-07 15:52 - 000023552 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2023-11-16 19:05 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msclmd.dll
2023-11-16 19:05 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2023-11-16 18:58 - 2021-12-21 18:01 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-11-15 00:52 - 2022-01-31 13:26 - 000000000 ____D C:\Windows\system32\MRT
2023-11-15 00:47 - 2022-01-31 13:26 - 182871392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2022-10-05 11:32 - 2023-02-10 18:59 - 000000205 _____ () C:\Users\HP\AppData\Local\oobelibMkey.log
2023-12-10 13:52 - 2023-12-10 13:52 - 000008606 _____ () C:\Users\HP\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================