Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2022
Exécuté par ahmed (administrateur) sur LAPTOP-METDILG9 (LENOVO 80K6) (11-03-2022 16:19:05)
Exécuté depuis C:\Users\ahmed\Desktop\Désinfection
Profils chargés: ahmed
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1586 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe
(Cloanto Corporation -> Cloanto Corporation) C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <24>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avid Technology, Inc.) [Fichier non signé] C:\Program Files\Avid\Pro Tools\MMERefresh.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Softube AB -> ) C:\Program Files\Softube\InstallerDaemon\InstallerService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Waves Inc -> Waves Audio Ltd.) C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-06-25] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro, Inc. -> GoPro)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CloantoSoftwareDirector] => C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe [413000 2015-11-27] (Cloanto Corporation -> Cloanto Corporation)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [50899640 2020-03-27] (Hammer & Chisel Inc. -> Hammer & Chisel, Inc.)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge:hxxps://www.bing.com/sea (l'élément de données a 176 caractères en plus).
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {392896c1-88b0-11eb-9d2c-1c394716231b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {b2041cbd-5f57-11ec-9d67-1c394716231b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [Google Update] => C:\Users\bayal\AppData\Local\Google\Update\1.3.36.112\GoogleUpdateCore.exe [223816 2021-12-01] (Google LLC -> Google LLC)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [Discord] => C:\Users\bayal\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [MicrosoftEdgeAutoLaunch_F009F001F93CA8AA0F5CFDE9437E5C3D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\MountPoints2: {5f52280c-caf2-11eb-9d3f-1c394716231b} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [53656 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-04] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {142327AC-8258-46FF-93F5-C1D75E9A900B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {18F9CC10-FC9F-4789-BD51-E8ADE57B1730} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-40630279-3267804419-453767322-1002Core => C:\Users\bayal\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-08-07] (Google Inc -> Google Inc.)
Task: {275228BA-F9B3-482F-841A-5B87BA1EF409} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-12] (Google Inc -> Google Inc.)
Task: {28453859-60A7-466E-A206-ECB8F758F119} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9fd4bbd7-b4b4-46ae-beb1-c620c9555f94 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {36ADA023-E19D-482F-8E6B-B178B158E9AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {372108E9-89F9-4585-B0B3-AE4E42883DB6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5969b65d-5412-4150-983d-fd613923f363 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {3E746C60-0DDA-441E-B950-3B84A4A4A7E6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {45F22FE3-4E2D-4236-AF90-20DD004A4B13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {462355F7-6372-47A4-9A6F-AD3156A14B70} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {48C1F5FA-0EBD-4C1E-A0B2-FCA6C2BC0AB5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ahmed.lasfer@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4D67B00F-675B-44DB-8B53-8D81251C95E7} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe /nobrowser (Pas de fichier)
Task: {5241CB3C-C758-48AD-8FB9-A21895BC88A0} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {62836F18-A518-41BF-B6BA-70F673C3A907} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent (Pas de fichier)
Task: {690ED484-13C1-4554-8CD0-61F6964AEB2E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {76E4F7F5-B27D-404C-B4E8-50EB6A97836E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-40630279-3267804419-453767322-1002UA => C:\Users\bayal\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-08-07] (Google Inc -> Google Inc.)
Task: {7792E9AD-BC49-42EC-8D9D-F1A3FF2DC416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {79ED77FC-06C7-488B-8E6E-76588ADFB979} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9fd2a4ee-e3dd-40c4-8b80-a2b548cb6932 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {7B45F09C-5F48-41F4-AC2A-3BD266AD4EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E98E48F-85CE-41ED-AC19-9D5CD1A06C3B} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe (Pas de fichier)
Task: {884B5381-EB78-4FFB-A532-DAAFC77484FB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {89630444-05B9-40F7-A6A4-67054B43F7CE} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe -update (Pas de fichier)
Task: {8E8DD805-4C2D-4C7A-B0C5-78D4BE8611A0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A44821B3-7AC6-4C22-A0E8-E603B52977C9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\483e0e54-7cf2-482e-8f10-7119cce42877 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D6E09896-B904-4AEE-9583-22FFD370D139} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D75E9C3B-03C1-4E8D-A2F1-2D6B08EEA02A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4E2BEE3-42D1-4C3E-8200-0CA84EDEBD76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-12] (Google Inc -> Google Inc.)
Task: {F8629717-03C6-42D3-A53A-B945612AE37A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\01340140-96d4-41ff-86e6-7c7f6a2535ab => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ec3b97e7-efd3-4666-8135-6bff281b953c}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-40630279-3267804419-453767322-1001 -> hxxp://www.home-explore.com/
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (AdBlock — best ad blocker) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2021-04-08]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-20]
Edge HomePage: Default -> hxxp://www.home-explore.com/
Edge StartupUrls: Default -> "hxxp://www.home-explore.com/"
Edge DefaultSearchURL: Default -> hxxp://www.home-explore.com/search?q={searchTerms}
Edge DefaultSearchKeyword: Default -> home-explore.com
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 9x3fa2xi.default-1542460915195
FF ProfilePath: C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195 [2022-03-11]
FF Extension: (Facebook Container) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\@contain-facebook.xpi [2021-08-16]
FF Extension: (Enhancer for YouTube™) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2022-01-20]
FF Extension: (Dictionnaire français) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-05-30]
FF Extension: (To Google Translate) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-03-18]
FF Extension: (AdBlock) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-01-03] [] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default [2021-07-02]
CHR Extension: (Slides) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-26]
CHR Extension: (Docs) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-26]
CHR Extension: (Google Drive) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-02]
CHR Extension: (YouTube) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-12]
CHR Extension: (Recherche Google) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-12]
CHR Extension: (Sheets) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-02]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-02]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-02]
CHR Extension: (Gmail) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-02]
CHR Extension: (Chrome Media Router) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-02]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools\digisptiservice64.exe [197632 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 SoftubeInstallerDaemon; C:\Program Files\Softube\InstallerDaemon\InstallerService.exe [10284824 2019-07-10] (Softube AB -> )
S2 SystemServices; C:\Program Files\qemu\SystemServices.exe [122368 2020-01-08] () [Fichier non signé] <==== ATTENTION
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 Apogee; C:\WINDOWS\System32\drivers\Apogee.sys [351808 2018-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R3 Apogeeks; C:\WINDOWS\System32\drivers\Apogeeks.sys [53312 2018-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R3 MpKsl60946e50; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{37515ACD-D743-483C-9FAA-AB3BEAEB0657}\MpKslDrv.sys [135440 2022-03-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-11 16:18 - 2022-03-11 16:20 - 000000000 ____D C:\FRST
2022-03-11 11:41 - 2022-03-11 11:41 - 000000000 ____D C:\Users\ahmed\AppData\Local\ZHP
2022-03-11 11:36 - 2022-03-11 16:19 - 000000000 ____D C:\Users\ahmed\Desktop\Désinfection
2022-03-11 10:52 - 2022-03-11 10:52 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 10:51 - 2022-03-11 10:51 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 10:50 - 2022-03-11 10:50 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 10:50 - 2022-03-11 10:50 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 10:49 - 2022-03-11 10:49 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 09:50 - 2022-03-11 11:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-11 09:41 - 2022-03-11 09:41 - 000000000 ___HD C:\$WinREAgent
2022-02-25 18:15 - 2022-02-25 18:15 - 000021239 _____ C:\Users\ahmed\Desktop\Balai aspirateur.pdf
2022-02-25 11:33 - 2022-02-25 11:33 - 000000108 ____H C:\Users\ahmed\Desktop\.~lock.Lien c net.doc#
2022-02-23 18:33 - 2022-02-25 09:56 - 001410028 _____ C:\WINDOWS\Minidump\022322-42062-01.dmp
2022-02-10 20:50 - 2022-02-10 20:50 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-09 12:57 - 2022-02-09 12:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-09 12:57 - 2022-02-09 12:57 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-11 16:20 - 2016-03-30 10:35 - 000000000 ____D C:\Users\Public\Pro Tools
2022-03-11 16:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-11 16:06 - 2020-12-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-11 15:36 - 2016-02-12 19:03 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-11 14:12 - 2020-05-26 07:05 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-03-11 12:34 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-11 12:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-11 12:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-11 12:09 - 2019-10-20 15:01 - 000000000 ____D C:\Users\ahmed\AppData\Roaming\ZHP
2022-03-11 11:34 - 2016-11-19 18:04 - 000000000 ____D C:\Users\ahmed\AppData\LocalLow\Mozilla
2022-03-11 11:26 - 2020-12-01 00:50 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-11 11:26 - 2019-12-07 15:49 - 000776836 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-11 11:26 - 2019-12-07 15:49 - 000145464 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-11 11:25 - 2020-11-29 19:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-03-11 11:25 - 2015-12-27 12:28 - 000000000 __SHD C:\Users\ahmed\IntelGraphicsProfiles
2022-03-11 11:22 - 2020-12-01 00:26 - 005429120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-11 11:21 - 2020-12-01 01:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-11 11:21 - 2020-12-01 00:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-11 11:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-11 11:21 - 2018-11-17 14:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-11 11:20 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-11 11:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-11 11:08 - 2020-10-02 09:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 11:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-11 10:49 - 2020-12-01 00:31 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 10:32 - 2021-11-24 09:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-11 10:28 - 2018-11-17 14:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-11 10:01 - 2018-05-19 15:46 - 000000000 ____D C:\Users\ahmed\AppData\Local\Adobe
2022-03-11 09:55 - 2021-12-11 10:31 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-40630279-3267804419-453767322-1001
2022-03-11 09:55 - 2020-12-01 01:04 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-40630279-3267804419-453767322-1001
2022-03-11 09:55 - 2020-11-30 22:37 - 000002420 _____ C:\Users\ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-10 07:27 - 2021-01-19 19:21 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c7736cf4350e
2022-03-10 07:27 - 2020-12-01 01:04 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-09 19:55 - 2020-06-14 23:48 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-09 19:55 - 2020-06-14 23:48 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-09 18:35 - 2021-02-03 22:30 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-09 18:29 - 2015-09-17 23:39 - 000956732 ____N C:\WINDOWS\Minidump\030922-75828-01.dmp
2022-03-09 13:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-09 12:10 - 2015-12-27 19:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 11:19 - 2015-12-27 19:53 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-25 09:45 - 2020-11-30 22:37 - 000000000 ____D C:\Users\ahmed
2022-02-23 18:33 - 2021-02-03 22:30 - 989954351 _____ C:\WINDOWS\MEMORY.DMP
2022-02-14 21:06 - 2020-10-02 09:58 - 000600944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-02-14 21:06 - 2020-10-02 09:58 - 000482120 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-02-10 20:50 - 2019-02-13 23:22 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-10 18:18 - 2018-05-19 16:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
==================== Fichiers à la racine de certains dossiers ========
2020-02-25 19:43 - 2020-02-25 19:43 - 003269504 _____ (Nicolas Coolman) C:\Users\ahmed\ZHPDiag3.exe
2016-01-03 17:27 - 2016-03-31 17:27 - 000001472 _____ () C:\Users\ahmed\AppData\Roaming\LAPTOP-METDILG9.MTBF.txt
2021-12-29 13:52 - 2021-12-29 14:03 - 001040888 _____ () C:\Users\ahmed\AppData\Roaming\TI Connect CE-5.6.3.2278-Installation.log
2015-12-27 20:50 - 2016-01-04 21:50 - 000000134 _____ () C:\Users\ahmed\AppData\Roaming\WB.CFG
2016-01-03 17:27 - 2016-03-31 16:54 - 000000681 _____ () C:\Users\ahmed\AppData\Roaming\__AvidCloudManager.log
2016-01-03 17:27 - 2016-03-31 13:11 - 000000973 _____ () C:\Users\ahmed\AppData\Roaming\__AvidCloudManagerPrevious.log
2021-03-21 21:44 - 2021-03-21 21:44 - 000001001 _____ () C:\Users\ahmed\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par ahmed (administrateur) sur LAPTOP-METDILG9 (LENOVO 80K6) (11-03-2022 16:19:05)
Exécuté depuis C:\Users\ahmed\Desktop\Désinfection
Profils chargés: ahmed
Plate-forme: Microsoft Windows 10 Famille Version 21H1 19043.1586 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCopyAccelerator.exe
(Cloanto Corporation -> Cloanto Corporation) C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <24>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Avid Technology, Inc.) [Fichier non signé] C:\Program Files\Avid\Pro Tools\MMERefresh.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Intel Corporation - Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Software Development Products -> Intel(R) Corporation) C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe
(services.exe ->) (PACE Anti-Piracy, Inc. -> PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(services.exe ->) (Softube AB -> ) C:\Program Files\Softube\InstallerDaemon\InstallerService.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2202.10603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21102.11411.0_x64__8wekyb3d8bbwe\Music.UI.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Waves Inc -> Waves Audio Ltd.) C:\ProgramData\Waves Audio\WavesLocalServer\WavesLocalServer.bundle\Contents\Win64\WavesLocalServer.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3743648 2015-06-25] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation - Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [DigidesignMMERefresh] => C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
HKLM\...\Run: [KeePass 2 PreLoad] => C:\Program Files\KeePass Password Safe 2\KeePass.exe [3160256 2021-05-10] (Open Source Developer, Dominik Reichl -> Dominik Reichl)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro, Inc. -> GoPro)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CloantoSoftwareDirector] => C:\Program Files (x86)\Common Files\Cloanto\Software Director\softdir.exe [413000 2015-11-27] (Cloanto Corporation -> Cloanto Corporation)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [50899640 2020-03-27] (Hammer & Chisel Inc. -> Hammer & Chisel, Inc.)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\RunOnce: [Application Restart #2] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session -- microsoft-edge:hxxps://www.bing.com/sea (l'élément de données a 176 caractères en plus).
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {392896c1-88b0-11eb-9d2c-1c394716231b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1001\...\MountPoints2: {b2041cbd-5f57-11ec-9d67-1c394716231b} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [Google Update] => C:\Users\bayal\AppData\Local\Google\Update\1.3.36.112\GoogleUpdateCore.exe [223816 2021-12-01] (Google LLC -> Google LLC)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [Discord] => C:\Users\bayal\AppData\Local\Discord\Update.exe [1512096 2021-05-24] (Discord Inc. -> GitHub)
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\Run: [MicrosoftEdgeAutoLaunch_F009F001F93CA8AA0F5CFDE9437E5C3D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window /prefetch:5
HKU\S-1-5-21-40630279-3267804419-453767322-1002\...\MountPoints2: {5f52280c-caf2-11eb-9d3f-1c394716231b} - "F:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [53656 2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\99.0.4844.51\Installer\chrmstp.exe [2022-03-04] (Google LLC -> Google LLC)
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {142327AC-8258-46FF-93F5-C1D75E9A900B} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {18F9CC10-FC9F-4789-BD51-E8ADE57B1730} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-40630279-3267804419-453767322-1002Core => C:\Users\bayal\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-08-07] (Google Inc -> Google Inc.)
Task: {275228BA-F9B3-482F-841A-5B87BA1EF409} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-12] (Google Inc -> Google Inc.)
Task: {28453859-60A7-466E-A206-ECB8F758F119} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9fd4bbd7-b4b4-46ae-beb1-c620c9555f94 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {36ADA023-E19D-482F-8E6B-B178B158E9AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-17] (Adobe Inc. -> Adobe Inc.)
Task: {372108E9-89F9-4585-B0B3-AE4E42883DB6} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5969b65d-5412-4150-983d-fd613923f363 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {3E746C60-0DDA-441E-B950-3B84A4A4A7E6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [64256 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {45F22FE3-4E2D-4236-AF90-20DD004A4B13} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {462355F7-6372-47A4-9A6F-AD3156A14B70} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [16832 2015-07-08] (LENOVO -> Lenovo)
Task: {48C1F5FA-0EBD-4C1E-A0B2-FCA6C2BC0AB5} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ahmed.lasfer@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {4D67B00F-675B-44DB-8B53-8D81251C95E7} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe /nobrowser (Pas de fichier)
Task: {5241CB3C-C758-48AD-8FB9-A21895BC88A0} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe -autostart (Pas de fichier)
Task: {62836F18-A518-41BF-B6BA-70F673C3A907} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe backgroundagent (Pas de fichier)
Task: {690ED484-13C1-4554-8CD0-61F6964AEB2E} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {76E4F7F5-B27D-404C-B4E8-50EB6A97836E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-40630279-3267804419-453767322-1002UA => C:\Users\bayal\AppData\Local\Google\Update\GoogleUpdate.exe [153752 2016-08-07] (Google Inc -> Google Inc.)
Task: {7792E9AD-BC49-42EC-8D9D-F1A3FF2DC416} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {79ED77FC-06C7-488B-8E6E-76588ADFB979} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9fd2a4ee-e3dd-40c4-8b80-a2b548cb6932 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {7B45F09C-5F48-41F4-AC2A-3BD266AD4EBF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7E98E48F-85CE-41ED-AC19-9D5CD1A06C3B} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe (Pas de fichier)
Task: {884B5381-EB78-4FFB-A532-DAAFC77484FB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {89630444-05B9-40F7-A6A4-67054B43F7CE} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\REACHitAgent.exe -update (Pas de fichier)
Task: {8E8DD805-4C2D-4C7A-B0C5-78D4BE8611A0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {A44821B3-7AC6-4C22-A0E8-E603B52977C9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\483e0e54-7cf2-482e-8f10-7119cce42877 => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
Task: {D6E09896-B904-4AEE-9583-22FFD370D139} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D75E9C3B-03C1-4E8D-A2F1-2D6B08EEA02A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MpCmdRun.exe [925848 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E4E2BEE3-42D1-4C3E-8200-0CA84EDEBD76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-12] (Google Inc -> Google Inc.)
Task: {F8629717-03C6-42D3-A53A-B945612AE37A} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\01340140-96d4-41ff-86e6-7c7f6a2535ab => C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{ec3b97e7-efd3-4666-8135-6bff281b953c}: [DhcpNameServer] 192.168.1.254
Edge:
=======
Edge HomeButtonPage: HKU\S-1-5-21-40630279-3267804419-453767322-1001 -> hxxp://www.home-explore.com/
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (AdBlock — best ad blocker) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.13.0.0_neutral__c1wakc4j0nefm [2021-04-08]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default [2022-02-20]
Edge HomePage: Default -> hxxp://www.home-explore.com/
Edge StartupUrls: Default -> "hxxp://www.home-explore.com/"
Edge DefaultSearchURL: Default -> hxxp://www.home-explore.com/search?q={searchTerms}
Edge DefaultSearchKeyword: Default -> home-explore.com
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\ahmed\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-20]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: 9x3fa2xi.default-1542460915195
FF ProfilePath: C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195 [2022-03-11]
FF Extension: (Facebook Container) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\@contain-facebook.xpi [2021-08-16]
FF Extension: (Enhancer for YouTube™) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2022-01-20]
FF Extension: (Dictionnaire français) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-05-30]
FF Extension: (To Google Translate) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2019-03-18]
FF Extension: (AdBlock) - C:\Users\ahmed\AppData\Roaming\Mozilla\Firefox\Profiles\9x3fa2xi.default-1542460915195\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2020-02-05]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2016-01-03] [] [non signé]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.11 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-12-24] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default [2021-07-02]
CHR Extension: (Slides) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-26]
CHR Extension: (Docs) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-26]
CHR Extension: (Google Drive) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-02]
CHR Extension: (YouTube) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-12]
CHR Extension: (Recherche Google) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-12]
CHR Extension: (Sheets) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-26]
CHR Extension: (Google Docs hors connexion) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-02]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-07-02]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-02]
CHR Extension: (Gmail) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-02]
CHR Extension: (Chrome Media Router) - C:\Users\ahmed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-02]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-17] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
R2 DigiRefresh; C:\Program Files\Avid\Pro Tools\MMERefresh.exe [117760 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
S3 digiSPTIService64; C:\Program Files\Avid\Pro Tools\digisptiservice64.exe [197632 2016-05-09] (Avid Technology, Inc.) [Fichier non signé]
R2 ImControllerService; C:\WINDOWS\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [84240 2022-01-28] (Lenovo -> Lenovo Group Ltd.)
R2 RealSenseDCM; C:\Program Files (x86)\Common Files\Intel\RSDCM\bin\win32\RealSenseDCM.exe [3663512 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R2 SoftubeInstallerDaemon; C:\Program Files\Softube\InstallerDaemon\InstallerService.exe [10284824 2019-07-10] (Softube AB -> )
S2 SystemServices; C:\Program Files\qemu\SystemServices.exe [122368 2020-01-08] () [Fichier non signé] <==== ATTENTION
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u hxxps://activation.paceap.com/InitiateActivation
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 Apogee; C:\WINDOWS\System32\drivers\Apogee.sys [351808 2018-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
R3 Apogeeks; C:\WINDOWS\System32\drivers\Apogeeks.sys [53312 2018-01-04] (Microsoft Windows Hardware Compatibility Publisher -> Thesycon Software Solutions GmbH & Co. KG)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 IXCamera; C:\WINDOWS\system32\DRIVERS\RealSenseDCM.sys [72704 2015-10-15] (Intel(R) Software Development Products -> Intel(R) Corporation)
R3 MpKsl60946e50; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{37515ACD-D743-483C-9FAA-AB3BEAEB0657}\MpKslDrv.sys [135440 2022-03-11] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2022-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [438520 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-10] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] (CyberLink -> "CyberLink)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-11 16:18 - 2022-03-11 16:20 - 000000000 ____D C:\FRST
2022-03-11 11:41 - 2022-03-11 11:41 - 000000000 ____D C:\Users\ahmed\AppData\Local\ZHP
2022-03-11 11:36 - 2022-03-11 16:19 - 000000000 ____D C:\Users\ahmed\Desktop\Désinfection
2022-03-11 10:52 - 2022-03-11 10:52 - 000011911 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-03-11 10:51 - 2022-03-11 10:51 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2022-03-11 10:50 - 2022-03-11 10:50 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-03-11 10:50 - 2022-03-11 10:50 - 002254336 _____ C:\WINDOWS\system32\dwmscene.dll
2022-03-11 10:49 - 2022-03-11 10:49 - 000272896 _____ C:\WINDOWS\system32\TpmTool.exe
2022-03-11 09:50 - 2022-03-11 11:21 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-03-11 09:41 - 2022-03-11 09:41 - 000000000 ___HD C:\$WinREAgent
2022-02-25 18:15 - 2022-02-25 18:15 - 000021239 _____ C:\Users\ahmed\Desktop\Balai aspirateur.pdf
2022-02-25 11:33 - 2022-02-25 11:33 - 000000108 ____H C:\Users\ahmed\Desktop\.~lock.Lien c net.doc#
2022-02-23 18:33 - 2022-02-25 09:56 - 001410028 _____ C:\WINDOWS\Minidump\022322-42062-01.dmp
2022-02-10 20:50 - 2022-02-10 20:50 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-02-09 12:57 - 2022-02-09 12:57 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-02-09 12:57 - 2022-02-09 12:57 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2022-03-11 16:20 - 2016-03-30 10:35 - 000000000 ____D C:\Users\Public\Pro Tools
2022-03-11 16:13 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-03-11 16:06 - 2020-12-01 00:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-03-11 15:36 - 2016-02-12 19:03 - 000000000 ____D C:\Program Files (x86)\Google
2022-03-11 14:12 - 2020-05-26 07:05 - 000000000 ____D C:\ProgramData\boost_interprocess
2022-03-11 12:34 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2022-03-11 12:12 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-03-11 12:11 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-03-11 12:09 - 2019-10-20 15:01 - 000000000 ____D C:\Users\ahmed\AppData\Roaming\ZHP
2022-03-11 11:34 - 2016-11-19 18:04 - 000000000 ____D C:\Users\ahmed\AppData\LocalLow\Mozilla
2022-03-11 11:26 - 2020-12-01 00:50 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-03-11 11:26 - 2019-12-07 15:49 - 000776836 _____ C:\WINDOWS\system32\perfh00C.dat
2022-03-11 11:26 - 2019-12-07 15:49 - 000145464 _____ C:\WINDOWS\system32\perfc00C.dat
2022-03-11 11:25 - 2020-11-29 19:45 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2022-03-11 11:25 - 2015-12-27 12:28 - 000000000 __SHD C:\Users\ahmed\IntelGraphicsProfiles
2022-03-11 11:22 - 2020-12-01 00:26 - 005429120 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-03-11 11:21 - 2020-12-01 01:04 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-03-11 11:21 - 2020-12-01 00:25 - 000008192 ___SH C:\DumpStack.log.tmp
2022-03-11 11:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2022-03-11 11:21 - 2018-11-17 14:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-03-11 11:20 - 2019-12-07 10:03 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-03-11 11:19 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-03-11 11:19 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2022-03-11 11:08 - 2020-10-02 09:58 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-03-11 11:07 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-03-11 10:49 - 2020-12-01 00:31 - 002877952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-03-11 10:32 - 2021-11-24 09:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-03-11 10:28 - 2018-11-17 14:21 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-03-11 10:01 - 2018-05-19 15:46 - 000000000 ____D C:\Users\ahmed\AppData\Local\Adobe
2022-03-11 09:55 - 2021-12-11 10:31 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-40630279-3267804419-453767322-1001
2022-03-11 09:55 - 2020-12-01 01:04 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-40630279-3267804419-453767322-1001
2022-03-11 09:55 - 2020-11-30 22:37 - 000002420 _____ C:\Users\ahmed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-03-10 07:27 - 2021-01-19 19:21 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d6c7736cf4350e
2022-03-10 07:27 - 2020-12-01 01:04 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-03-09 19:55 - 2020-06-14 23:48 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-03-09 19:55 - 2020-06-14 23:48 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-03-09 18:35 - 2021-02-03 22:30 - 000000000 ____D C:\WINDOWS\Minidump
2022-03-09 18:29 - 2015-09-17 23:39 - 000956732 ____N C:\WINDOWS\Minidump\030922-75828-01.dmp
2022-03-09 13:29 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-03-09 12:10 - 2015-12-27 19:53 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-03-09 11:19 - 2015-12-27 19:53 - 145666720 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-02-25 09:45 - 2020-11-30 22:37 - 000000000 ____D C:\Users\ahmed
2022-02-23 18:33 - 2021-02-03 22:30 - 989954351 _____ C:\WINDOWS\MEMORY.DMP
2022-02-14 21:06 - 2020-10-02 09:58 - 000600944 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2022-02-14 21:06 - 2020-10-02 09:58 - 000482120 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2022-02-10 20:50 - 2019-02-13 23:22 - 000000000 ____D C:\ProgramData\Mozilla
2022-02-10 18:18 - 2018-05-19 16:19 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-02-09 18:54 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
==================== Fichiers à la racine de certains dossiers ========
2020-02-25 19:43 - 2020-02-25 19:43 - 003269504 _____ (Nicolas Coolman) C:\Users\ahmed\ZHPDiag3.exe
2016-01-03 17:27 - 2016-03-31 17:27 - 000001472 _____ () C:\Users\ahmed\AppData\Roaming\LAPTOP-METDILG9.MTBF.txt
2021-12-29 13:52 - 2021-12-29 14:03 - 001040888 _____ () C:\Users\ahmed\AppData\Roaming\TI Connect CE-5.6.3.2278-Installation.log
2015-12-27 20:50 - 2016-01-04 21:50 - 000000134 _____ () C:\Users\ahmed\AppData\Roaming\WB.CFG
2016-01-03 17:27 - 2016-03-31 16:54 - 000000681 _____ () C:\Users\ahmed\AppData\Roaming\__AvidCloudManager.log
2016-01-03 17:27 - 2016-03-31 13:11 - 000000973 _____ () C:\Users\ahmed\AppData\Roaming\__AvidCloudManagerPrevious.log
2021-03-21 21:44 - 2021-03-21 21:44 - 000001001 _____ () C:\Users\ahmed\AppData\Local\recently-used.xbel
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================