Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2024
Exécuté par Sonia (administrateur) sur SONIA-PC (MSI MS-7788) (16-01-2024 16:09:41)
Exécuté depuis C:\Users\Sonia\Desktop\FRST64.exe
Profils chargés: Sonia
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3803 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163776 2017-08-12] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
HKU\S-1-5-21-624593535-2399248225-214801468-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-624593535-2399248225-214801468-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-01-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-624593535-2399248225-214801468-1000\...\Run: [MicrosoftEdgeAutoLaunch_9BEA1969E8FFC2D5F63A95DC1F44169D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4107728 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-624593535-2399248225-214801468-1000\...\MountPoints2: {133e6de4-29fd-11ec-8641-d43d7e7f819f} - "E:\AutoRunCardDetector.exe"
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\WINDOWS\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\WINDOWS\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series XPS: C:\WINDOWS\system32\CNMXLMCK.DLL [409088 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-08-06] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\EPSON Port Handler Monitor: EAPPHPM.dll (Pas de fichier)
HKLM\...\Print\Monitors\EPSON TM-T Receipt6 LM: C:\WINDOWS\system32\EA6LMTMT.DLL [294912 2019-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\95.0.12827.70\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.114\Installer\chrmstp.exe [2023-04-06] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {39167CA6-4FD1-4A11-9C80-18A62F652708} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {590E499F-3126-414E-A8F4-0D7FEACAB5ED} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly (Pas de fichier)
Task: {3EDD08F9-9C6F-4AD3-B15E-6E4E48DEA989} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon (Pas de fichier)
Task: {46AB1B20-7E8D-4EB1-98AB-E236C72B3136} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8BE811D6-89BC-4C93-922C-64910E57230D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "927cd043-e7f0-466a-b678-94e66f659c92" --version "6.19.10858" --silent
Task: {72A5C1D8-8C90-4B72-B2D3-EA47AAB3A5FF} - System32\Tasks\CCleanerSkipUAC - Sonia => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {693701B3-2F93-4406-BDC9-D771008A2835} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (Pas de fichier)
Task: {83DB955F-BE60-49DE-955D-DD0688238487} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C94E7C5C-0249-4B2A-A3E8-76F32B5D713E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F991707F-76DE-4BF9-803B-F8721D569A06} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9AFF3DD-904C-40D0-8A34-7F169FE4AFDC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB59B914-0AE2-4FD6-8454-D064986044B5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {62A3F246-A602-4F3A-A22F-CA7CCA59669E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {0946DB1D-BFA9-4C5C-A993-E6CC71FA2735} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {55A266C5-0BE6-4B65-8520-5A81F10B2A16} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {73CAE728-F446-4CB4-9DFC-FE9EBEF98F9E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (Pas de fichier)
Task: {447EFF30-3B09-43D7-A716-22E51BAD648E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {3D0C0DE4-8D41-4E6B-87A7-9D4074F35066} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {4F4E2368-6574-4618-BE9A-3BD652BD4A01} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {3F224AF0-D5BD-4CC5-A9D5-6B4E09383EAB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {2BFAB57D-85BD-49B2-803F-0B94156F0616} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {3130772D-96B3-4194-BBD9-D487E61C979C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {7929DAEA-DD87-41AF-A695-CB70E32A4153} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {1ABF2C4B-D10B-48F4-8B5D-2C6507E6C032} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {41A7C3FF-EC41-430A-8DF9-B777624C8672} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {01C68216-BADF-443F-8D29-9456753D4428} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {75AF389F-E9C9-4969-947D-A9A5ECC8EB28} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (Pas de fichier)
Task: {91F20898-3AA9-458A-8D8B-FA106B54E98C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {BCD54745-A69D-4E71-AD66-7F72E194618F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {53D907AE-EECE-4C2D-B036-E77F7A1D042C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {965A2DCD-8E14-4DD2-97D5-B0341BDED0F6} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {EF3D74F4-DE8A-4AB1-A5B2-936CEEA972A8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {44E9505A-687C-4085-A760-61E8B6F43F76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8C8D415-D8BD-4325-BBB0-40A2819D3DE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5FB871B-5AAA-409C-BEAA-938D90AB6261} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96C46AA3-D5C4-4613-A6CE-FF3D5FD16910} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BAFCDC4-5A3D-4FE3-9BFA-9085E5FDAE54} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-24] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EsgInstallerTask78.job => rundll32 exe url dll FileProtocolHandler https /www enigmasoftware com
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3a19f481-d73c-4166-bedb-67e0004ea328}: [DhcpNameServer] 192.168.171.142
Tcpip\..\Interfaces\{6764d574-b8bf-46d9-81f4-337d91cd36a0}: [DhcpNameServer] 192.168.171.142
Tcpip\..\Interfaces\{8012b529-fdd2-43a3-9505-7fa871f5c059}: [DhcpNameServer] 192.168.220.178
Tcpip\..\Interfaces\{a647d1a5-eb7b-481e-bf77-522081a04810}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a647d1a5-eb7b-481e-bf77-522081a04810}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Sonia\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-13]
Edge Notifications: Default -> hxxps://www.tiktok.com
Edge StartupUrls: Default -> "hxxps://www.google.fr/"
Edge Extension: (Google Docs hors connexion) - C:\Users\Sonia\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Sonia\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-16]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: 0tjkpr92.default-release-1623776384382
FF ProfilePath: C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382 [2024-01-16]
FF Homepage: Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382 -> hxxps://www.google.fr/
FF NetworkProxy: Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382 -> type", 0
FF Extension: (To Google Translate) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-07-06]
FF Extension: (Happy Reptile green) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{a61fa098-1661-4482-a89e-a1bb13ce23c6}.xpi [2022-01-16]
FF Extension: (The Walking Dead - Season 3) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{c47d86c9-bf59-4958-882d-cc44ab24338c}.xpi [2022-01-16]
FF Extension: (Orion Nebula) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{cd34f608-c9ab-4263-8f6f-abf03c5db78f}.xpi [2022-01-16]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-01-12]
FF Extension: (the walking dead theme) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{eae45b6a-750e-4086-86ca-5a9cf7ed9eed}.xpi [2021-06-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-11] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-12-28]
BRA HomePage: Default -> hxxps://www.google.fr/
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-05-16]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-07-25]
BRA Extension: (Brave NTP background images) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-02-17]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-07-25]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-07-25]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-07-25]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-07-25]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-07-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-07-25]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-16]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-07-25]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-11] (Adobe Inc. -> Adobe)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-05-01] (BattlEye Innovations e.K. -> )
S3 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.114\brave_vpn_helper.exe [3018032 2023-04-05] (Brave Software, Inc. -> Brave Software, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10045544 2022-12-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2023-05-01] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-06-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2014-05-15] (Canon Inc. -> )
S3 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] (Intel(R) Smart Connect software -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-09] (Malwarebytes Inc. -> Malwarebytes)
S3 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-11-15] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [87424 2018-08-09] (D3L -> Dokan Project)
S3 EasyAntiCheat_EOSSys; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.sys [16235480 2023-06-18] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
S3 hwusbfake; C:\WINDOWS\System32\DRIVERS\ewusbfake.sys [116224 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MFDriver_Driver; C:\WINDOWS\system32\drivers\MFDriver.sys [32224 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [3772632 2016-01-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2019-12-05] (Intel(R) Smart Connect software -> )
S3 MpKslf1463258; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF94BD59-808F-4ABF-B777-F4034E318015}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-16 16:09 - 2024-01-16 16:13 - 000029028 _____ C:\Users\Sonia\Desktop\FRST.txt
2024-01-16 16:08 - 2024-01-16 16:11 - 000000000 ____D C:\FRST
2024-01-16 16:06 - 2024-01-16 16:07 - 002389504 _____ (Farbar) C:\Users\Sonia\Desktop\FRST64.exe
2024-01-16 11:49 - 2024-01-16 11:49 - 112984064 _____ C:\WINDOWS\system32\config\SOFTWARE
2024-01-16 10:47 - 2024-01-16 10:47 - 005716268 ____R C:\Users\Sonia\Desktop\419952676_6812575042184189_5556631833997346759_n.mp4
2024-01-14 20:43 - 2024-01-14 20:43 - 000093675 _____ C:\Users\Sonia\Downloads\ticket-2.pdf
2024-01-11 17:40 - 2024-01-11 17:40 - 000000000 ___HD C:\$WinREAgent
2024-01-09 12:59 - 2024-01-09 12:59 - 000135843 _____ C:\Users\Sonia\Downloads\CM AVIGNON - COMPTE GLOBAL.pdf
2024-01-06 23:31 - 2024-01-06 23:31 - 000673902 _____ C:\Users\Sonia\Downloads\Note_A001.pdf
2024-01-06 23:24 - 2024-01-06 23:24 - 000040781 _____ C:\Users\Sonia\Downloads\carte_Fiona_Belotti_4001492.pdf
2024-01-06 23:23 - 2024-01-06 23:23 - 000082284 _____ C:\Users\Sonia\Downloads\ticket-1.pdf
2024-01-06 23:21 - 2024-01-06 23:21 - 000175992 _____ C:\Users\Sonia\Downloads\carte_Sydney_Belotti_4001491.pdf
2024-01-06 23:20 - 2024-01-06 23:20 - 000082204 _____ C:\Users\Sonia\Downloads\ticket.pdf
2023-12-24 11:54 - 2024-01-12 13:09 - 000001257 _____ C:\Users\Sonia\Desktop\Roblox Studio.lnk
2023-12-20 20:03 - 2023-12-20 20:03 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-20 14:15 - 2023-12-20 14:15 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-19 13:41 - 2023-12-19 13:41 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-16 16:09 - 2021-07-10 15:04 - 000000000 ____D C:\Users\Sonia\AppData\Local\ClassicShell
2024-01-16 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-16 15:47 - 2022-02-10 08:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-16 15:46 - 2023-11-24 18:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-01-16 15:46 - 2021-09-30 23:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-16 11:52 - 2021-07-07 01:10 - 000000000 __SHD C:\Users\Sonia\IntelGraphicsProfiles
2024-01-16 11:51 - 2021-09-30 23:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-16 11:51 - 2021-07-10 05:34 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-16 11:49 - 2022-11-22 21:55 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-01-16 11:48 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-16 11:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-16 11:21 - 2019-12-05 03:56 - 000000000 ____D C:\Users\Sonia\AppData\Local\CrashDumps
2024-01-16 11:07 - 2020-02-07 13:30 - 000000000 ____D C:\Users\Sonia\AppData\Roaming\Microsoft\Excel
2024-01-16 10:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-16 09:47 - 2019-12-05 03:13 - 000000000 ____D C:\Users\Sonia\AppData\Local\ElevatedDiagnostics
2024-01-14 19:39 - 2010-11-21 04:27 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-13 12:35 - 2022-02-10 16:32 - 000000000 ____D C:\Users\Sonia\Downloads\Nouveau dossier
2024-01-12 13:11 - 2023-10-07 08:26 - 000001429 _____ C:\Users\Sonia\Desktop\Roblox Player.lnk
2024-01-12 13:11 - 2020-04-13 19:42 - 000000000 ____D C:\Users\Sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-01-11 17:55 - 2022-01-11 17:09 - 000001147 _____ C:\Users\Sonia\Desktop\Firefox.lnk
2024-01-09 04:02 - 2020-12-30 16:40 - 000000000 ____D C:\Users\Sonia\Desktop\jeux
2024-01-06 23:24 - 2019-12-06 21:09 - 000000000 ____D C:\Users\Sonia\AppData\LocalLow\Adobe
2024-01-06 23:22 - 2023-04-03 08:27 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-01-06 23:21 - 2022-10-14 12:00 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-12-28 13:39 - 2019-12-05 03:36 - 000000000 ____D C:\Program Files\CCleaner
2023-12-28 10:46 - 2023-07-27 07:12 - 000000000 ____D C:\Users\Sonia\Desktop\Papier Marion
2023-12-22 22:43 - 2021-09-30 22:55 - 000000000 ____D C:\Users\Sonia
2023-12-22 19:58 - 2021-09-30 23:46 - 001923854 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-22 19:58 - 2019-12-07 15:49 - 000831796 _____ C:\WINDOWS\system32\perfh00C.dat
2023-12-22 19:58 - 2019-12-07 15:49 - 000167562 _____ C:\WINDOWS\system32\perfc00C.dat
2023-12-22 19:58 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-22 06:57 - 2022-09-01 00:09 - 000000000 ____D C:\Users\Sonia\Desktop\Recettes
2023-12-21 08:27 - 2020-08-05 05:02 - 000000000 ____D C:\Users\Sonia\AppData\Local\Packages
2023-12-21 08:24 - 2021-09-30 23:29 - 000637168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-20 20:03 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-12-20 14:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-20 14:29 - 2019-12-07 15:53 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-12-20 14:29 - 2019-12-07 15:53 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-12-20 14:16 - 2015-01-08 02:22 - 000416140 __RSH C:\bootmgr
2023-12-20 14:15 - 2021-09-30 23:33 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-19 13:41 - 2021-01-16 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2023-12-19 13:41 - 2019-12-12 19:16 - 000000000 ____D C:\Program Files\Microsoft Office
2023-12-19 12:39 - 2021-07-10 05:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-19 12:11 - 2023-09-18 17:02 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2023-12-19 12:11 - 2022-10-22 14:20 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-12-19 12:11 - 2022-10-22 14:20 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-12-19 12:11 - 2021-11-23 18:17 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-12-19 12:11 - 2021-10-24 20:18 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-12-19 12:11 - 2021-10-24 20:18 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-12-19 12:11 - 2021-10-24 20:18 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-12-19 12:11 - 2021-10-24 20:18 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
==================== Fichiers à la racine de certains dossiers ========
2021-06-25 01:26 - 2021-06-25 01:26 - 000000000 _____ () C:\Program Files (x86)\temp_files
2021-09-29 09:37 - 2021-09-29 09:37 - 000000572 _____ () C:\Users\Sonia\AppData\Roaming\Avvelenate.wma
2021-03-10 18:52 - 2021-03-10 18:52 - 000000064 _____ () C:\Users\Sonia\AppData\Roaming\changzhi_leidian.data
2022-06-21 13:25 - 2023-04-20 20:23 - 000000024 _____ () C:\Users\Sonia\AppData\Roaming\changzhi_leidianmac.data
2021-09-29 09:37 - 2021-09-29 09:37 - 000005121 _____ () C:\Users\Sonia\AppData\Roaming\Dirvene.wma
2021-09-29 09:37 - 2021-09-29 09:37 - 001253721 _____ () C:\Users\Sonia\AppData\Roaming\Dolcemente.wma
2019-12-05 13:38 - 2019-06-12 16:06 - 000321226 ___SH () C:\Users\Sonia\AppData\Roaming\drfsrei
2021-09-25 17:16 - 2021-09-25 17:16 - 000000498 _____ () C:\Users\Sonia\AppData\Roaming\Hai.bmp
2021-09-29 09:37 - 2021-09-29 09:37 - 000893755 _____ () C:\Users\Sonia\AppData\Roaming\Lume.wma
2021-09-25 17:16 - 2021-09-25 17:16 - 000013313 _____ () C:\Users\Sonia\AppData\Roaming\Mutamento.bmp
2023-09-02 16:57 - 2023-09-02 17:00 - 000000015 _____ () C:\Users\Sonia\AppData\Roaming\obs-virtualcam.txt
2021-09-25 17:16 - 2021-09-25 17:16 - 000912109 _____ () C:\Users\Sonia\AppData\Roaming\Osi.bmp
2021-09-25 17:16 - 2021-09-25 17:16 - 000119008 _____ () C:\Users\Sonia\AppData\Roaming\Raggi.bmp
2021-09-25 17:16 - 2021-09-25 17:16 - 000893722 _____ () C:\Users\Sonia\AppData\Roaming\Tue.bmp
2021-09-30 07:53 - 2021-09-25 17:16 - 000912109 _____ () C:\Users\Sonia\AppData\Roaming\V
2019-12-06 00:40 - 2019-12-06 00:40 - 000000410 _____ () C:\Users\Sonia\AppData\Local\oobelibMkey.log
2020-09-10 19:57 - 2021-07-07 22:44 - 000016438 _____ () C:\Users\Sonia\AppData\Local\partner.bmp
2020-01-16 17:55 - 2020-02-02 04:41 - 000007612 _____ () C:\Users\Sonia\AppData\Local\Resmon.ResmonCfg
2022-06-20 17:04 - 2022-06-20 17:04 - 000000076 _____ () C:\Users\Sonia\AppData\Local\uts.ini
==================== FLock ==============================
2021-07-07 23:50 C:\WINDOWS\SysWOW64\eyjodib
2021-07-07 00:26 C:\WINDOWS\SysWOW64\wfbjcje
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Sonia (administrateur) sur SONIA-PC (MSI MS-7788) (16-01-2024 16:09:41)
Exécuté depuis C:\Users\Sonia\Desktop\FRST64.exe
Profils chargés: Sonia
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3803 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163776 2017-08-12] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé]
HKU\S-1-5-21-624593535-2399248225-214801468-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-624593535-2399248225-214801468-1000\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-01-02] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-624593535-2399248225-214801468-1000\...\Run: [MicrosoftEdgeAutoLaunch_9BEA1969E8FFC2D5F63A95DC1F44169D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4107728 2023-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-624593535-2399248225-214801468-1000\...\MountPoints2: {133e6de4-29fd-11ec-8641-d43d7e7f819f} - "E:\AutoRunCardDetector.exe"
HKLM\...\Windows x64\Print Processors\Canon MX490 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCK.DLL [30208 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor MX490 series: C:\WINDOWS\system32\CNCALCK.DLL [303104 2014-09-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series: C:\WINDOWS\system32\CNMLMCK.DLL [406528 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MX490 series XPS: C:\WINDOWS\system32\CNMXLMCK.DLL [409088 2014-09-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [375296 2014-08-06] (CANON INC.) [Fichier non signé]
HKLM\...\Print\Monitors\EPSON Port Handler Monitor: EAPPHPM.dll (Pas de fichier)
HKLM\...\Print\Monitors\EPSON TM-T Receipt6 LM: C:\WINDOWS\system32\EA6LMTMT.DLL [294912 2019-05-16] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A8504530-742B-42BC-895D-2BAD6406F698}] -> "C:\Program Files (x86)\AVAST Software\Browser\Application\95.0.12827.70\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.114\Installer\chrmstp.exe [2023-04-06] (Brave Software, Inc. -> Brave Software, Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {39167CA6-4FD1-4A11-9C80-18A62F652708} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {590E499F-3126-414E-A8F4-0D7FEACAB5ED} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --hourly (Pas de fichier)
Task: {3EDD08F9-9C6F-4AD3-B15E-6E4E48DEA989} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe --type=heartbeat --logon (Pas de fichier)
Task: {46AB1B20-7E8D-4EB1-98AB-E236C72B3136} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {8BE811D6-89BC-4C93-922C-64910E57230D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "927cd043-e7f0-466a-b678-94e66f659c92" --version "6.19.10858" --silent
Task: {72A5C1D8-8C90-4B72-B2D3-EA47AAB3A5FF} - System32\Tasks\CCleanerSkipUAC - Sonia => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {693701B3-2F93-4406-BDC9-D771008A2835} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe Scan -ScheduleJob -RestrictPrivileges (Pas de fichier)
Task: {83DB955F-BE60-49DE-955D-DD0688238487} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C94E7C5C-0249-4B2A-A3E8-76F32B5D713E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28175336 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {F991707F-76DE-4BF9-803B-F8721D569A06} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9AFF3DD-904C-40D0-8A34-7F169FE4AFDC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [306624 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB59B914-0AE2-4FD6-8454-D064986044B5} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169144 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
Task: {62A3F246-A602-4F3A-A22F-CA7CCA59669E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {0946DB1D-BFA9-4C5C-A993-E6CC71FA2735} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {55A266C5-0BE6-4B65-8520-5A81F10B2A16} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate $(Arg0) (Pas de fichier)
Task: {73CAE728-F446-4CB4-9DFC-FE9EBEF98F9E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 (Pas de fichier)
Task: {447EFF30-3B09-43D7-A716-22E51BAD648E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {3D0C0DE4-8D41-4E6B-87A7-9D4074F35066} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {4F4E2368-6574-4618-BE9A-3BD652BD4A01} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {3F224AF0-D5BD-4CC5-A9D5-6B4E09383EAB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {2BFAB57D-85BD-49B2-803F-0B94156F0616} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {3130772D-96B3-4194-BBD9-D487E61C979C} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {7929DAEA-DD87-41AF-A695-CB70E32A4153} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {1ABF2C4B-D10B-48F4-8B5D-2C6507E6C032} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {41A7C3FF-EC41-430A-8DF9-B777624C8672} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {01C68216-BADF-443F-8D29-9456753D4428} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {75AF389F-E9C9-4969-947D-A9A5ECC8EB28} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec /StartRecording (Pas de fichier)
Task: {91F20898-3AA9-458A-8D8B-FA106B54E98C} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {BCD54745-A69D-4E71-AD66-7F72E194618F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {53D907AE-EECE-4C2D-B036-E77F7A1D042C} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {965A2DCD-8E14-4DD2-97D5-B0341BDED0F6} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {EF3D74F4-DE8A-4AB1-A5B2-936CEEA972A8} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {44E9505A-687C-4085-A760-61E8B6F43F76} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C8C8D415-D8BD-4325-BBB0-40A2819D3DE6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F5FB871B-5AAA-409C-BEAA-938D90AB6261} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {96C46AA3-D5C4-4613-A6CE-FF3D5FD16910} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1BAFCDC4-5A3D-4FE3-9BFA-9085E5FDAE54} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [724384 2023-11-24] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\EsgInstallerTask78.job => rundll32 exe url dll FileProtocolHandler https /www enigmasoftware com
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3a19f481-d73c-4166-bedb-67e0004ea328}: [DhcpNameServer] 192.168.171.142
Tcpip\..\Interfaces\{6764d574-b8bf-46d9-81f4-337d91cd36a0}: [DhcpNameServer] 192.168.171.142
Tcpip\..\Interfaces\{8012b529-fdd2-43a3-9505-7fa871f5c059}: [DhcpNameServer] 192.168.220.178
Tcpip\..\Interfaces\{a647d1a5-eb7b-481e-bf77-522081a04810}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{a647d1a5-eb7b-481e-bf77-522081a04810}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Sonia\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-13]
Edge Notifications: Default -> hxxps://www.tiktok.com
Edge StartupUrls: Default -> "hxxps://www.google.fr/"
Edge Extension: (Google Docs hors connexion) - C:\Users\Sonia\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-13]
Edge Extension: (Edge relevant text changes) - C:\Users\Sonia\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-16]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: 0tjkpr92.default-release-1623776384382
FF ProfilePath: C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382 [2024-01-16]
FF Homepage: Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382 -> hxxps://www.google.fr/
FF NetworkProxy: Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382 -> type", 0
FF Extension: (To Google Translate) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-07-06]
FF Extension: (Happy Reptile green) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{a61fa098-1661-4482-a89e-a1bb13ce23c6}.xpi [2022-01-16]
FF Extension: (The Walking Dead - Season 3) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{c47d86c9-bf59-4958-882d-cc44ab24338c}.xpi [2022-01-16]
FF Extension: (Orion Nebula) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{cd34f608-c9ab-4263-8f6f-abf03c5db78f}.xpi [2022-01-16]
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-01-12]
FF Extension: (the walking dead theme) - C:\Users\Sonia\AppData\Roaming\Mozilla\Firefox\Profiles\0tjkpr92.default-release-1623776384382\Extensions\{eae45b6a-750e-4086-86ca-5a9cf7ed9eed}.xpi [2021-06-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_453.dll [2020-11-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.391.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-10-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_453.dll [2020-11-11] (Adobe Inc. -> )
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.18 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.9.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2022-10-25] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Brave:
=======
BRA Profile: C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-12-28]
BRA HomePage: Default -> hxxps://www.google.fr/
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-05-16]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-07-25]
BRA Extension: (Brave NTP background images) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-02-17]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2023-07-25]
BRA Extension: (Wallet Data Files Updater) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-07-25]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-07-25]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-07-25]
BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-07-25]
BRA Extension: (Brave NTP sponsored images) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-07-25]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-03-16]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\Sonia\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-07-25]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-11-11] (Adobe Inc. -> Adobe)
S3 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [15044872 2023-05-01] (BattlEye Innovations e.K. -> )
S3 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [174968 2023-02-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveVpnService; C:\Program Files\BraveSoftware\Brave-Browser\Application\112.1.50.114\brave_vpn_helper.exe [3018032 2023-04-05] (Brave Software, Inc. -> Brave Software, Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13233744 2023-12-11] (Microsoft Corporation -> Microsoft Corporation)
S3 EABackgroundService; C:\Program Files\Electronic Arts\EA Desktop\EA Desktop\EABackgroundService.exe [10045544 2022-12-10] (Electronic Arts, Inc. -> Electronic Arts)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [813032 2023-05-01] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 EasyAntiCheat_EOS; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe [943528 2023-06-18] (EasyAntiCheat Oy -> Epic Games, Inc.)
S3 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2014-05-15] (Canon Inc. -> )
S3 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] (Intel(R) Smart Connect software -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8879024 2022-11-09] (Malwarebytes Inc. -> Malwarebytes)
S3 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] (Realtek Semiconductor Corp -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [262880 2021-11-15] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 dokan1; C:\WINDOWS\System32\DRIVERS\dokan1.sys [87424 2018-08-09] (D3L -> Dokan Project)
S3 EasyAntiCheat_EOSSys; C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.sys [16235480 2023-06-18] (EasyAntiCheat Oy -> EasyAntiCheat Oy)
S3 hwusbfake; C:\WINDOWS\System32\DRIVERS\ewusbfake.sys [116224 2009-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-09-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2022-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MFDriver_Driver; C:\WINDOWS\system32\drivers\MFDriver.sys [32224 2023-08-21] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 RtlWlanu; C:\WINDOWS\System32\drivers\rtwlanu.sys [3772632 2016-01-15] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-19] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-19] (Microsoft Windows -> Microsoft Corporation)
S3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2019-12-05] (Intel(R) Smart Connect software -> )
S3 MpKslf1463258; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CF94BD59-808F-4ABF-B777-F4034E318015}\MpKslDrv.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-16 16:09 - 2024-01-16 16:13 - 000029028 _____ C:\Users\Sonia\Desktop\FRST.txt
2024-01-16 16:08 - 2024-01-16 16:11 - 000000000 ____D C:\FRST
2024-01-16 16:06 - 2024-01-16 16:07 - 002389504 _____ (Farbar) C:\Users\Sonia\Desktop\FRST64.exe
2024-01-16 11:49 - 2024-01-16 11:49 - 112984064 _____ C:\WINDOWS\system32\config\SOFTWARE
2024-01-16 10:47 - 2024-01-16 10:47 - 005716268 ____R C:\Users\Sonia\Desktop\419952676_6812575042184189_5556631833997346759_n.mp4
2024-01-14 20:43 - 2024-01-14 20:43 - 000093675 _____ C:\Users\Sonia\Downloads\ticket-2.pdf
2024-01-11 17:40 - 2024-01-11 17:40 - 000000000 ___HD C:\$WinREAgent
2024-01-09 12:59 - 2024-01-09 12:59 - 000135843 _____ C:\Users\Sonia\Downloads\CM AVIGNON - COMPTE GLOBAL.pdf
2024-01-06 23:31 - 2024-01-06 23:31 - 000673902 _____ C:\Users\Sonia\Downloads\Note_A001.pdf
2024-01-06 23:24 - 2024-01-06 23:24 - 000040781 _____ C:\Users\Sonia\Downloads\carte_Fiona_Belotti_4001492.pdf
2024-01-06 23:23 - 2024-01-06 23:23 - 000082284 _____ C:\Users\Sonia\Downloads\ticket-1.pdf
2024-01-06 23:21 - 2024-01-06 23:21 - 000175992 _____ C:\Users\Sonia\Downloads\carte_Sydney_Belotti_4001491.pdf
2024-01-06 23:20 - 2024-01-06 23:20 - 000082204 _____ C:\Users\Sonia\Downloads\ticket.pdf
2023-12-24 11:54 - 2024-01-12 13:09 - 000001257 _____ C:\Users\Sonia\Desktop\Roblox Studio.lnk
2023-12-20 20:03 - 2023-12-20 20:03 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-20 14:15 - 2023-12-20 14:15 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-19 13:41 - 2023-12-19 13:41 - 000002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-16 16:09 - 2021-07-10 15:04 - 000000000 ____D C:\Users\Sonia\AppData\Local\ClassicShell
2024-01-16 15:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-16 15:47 - 2022-02-10 08:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-01-16 15:46 - 2023-11-24 18:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-01-16 15:46 - 2021-09-30 23:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-01-16 11:52 - 2021-07-07 01:10 - 000000000 __SHD C:\Users\Sonia\IntelGraphicsProfiles
2024-01-16 11:51 - 2021-09-30 23:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-01-16 11:51 - 2021-07-10 05:34 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-16 11:49 - 2022-11-22 21:55 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-01-16 11:48 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-01-16 11:46 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-01-16 11:21 - 2019-12-05 03:56 - 000000000 ____D C:\Users\Sonia\AppData\Local\CrashDumps
2024-01-16 11:07 - 2020-02-07 13:30 - 000000000 ____D C:\Users\Sonia\AppData\Roaming\Microsoft\Excel
2024-01-16 10:16 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-16 09:47 - 2019-12-05 03:13 - 000000000 ____D C:\Users\Sonia\AppData\Local\ElevatedDiagnostics
2024-01-14 19:39 - 2010-11-21 04:27 - 000918944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2024-01-13 12:35 - 2022-02-10 16:32 - 000000000 ____D C:\Users\Sonia\Downloads\Nouveau dossier
2024-01-12 13:11 - 2023-10-07 08:26 - 000001429 _____ C:\Users\Sonia\Desktop\Roblox Player.lnk
2024-01-12 13:11 - 2020-04-13 19:42 - 000000000 ____D C:\Users\Sonia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2024-01-11 17:55 - 2022-01-11 17:09 - 000001147 _____ C:\Users\Sonia\Desktop\Firefox.lnk
2024-01-09 04:02 - 2020-12-30 16:40 - 000000000 ____D C:\Users\Sonia\Desktop\jeux
2024-01-06 23:24 - 2019-12-06 21:09 - 000000000 ____D C:\Users\Sonia\AppData\LocalLow\Adobe
2024-01-06 23:22 - 2023-04-03 08:27 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-01-06 23:21 - 2022-10-14 12:00 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2023-12-28 13:39 - 2019-12-05 03:36 - 000000000 ____D C:\Program Files\CCleaner
2023-12-28 10:46 - 2023-07-27 07:12 - 000000000 ____D C:\Users\Sonia\Desktop\Papier Marion
2023-12-22 22:43 - 2021-09-30 22:55 - 000000000 ____D C:\Users\Sonia
2023-12-22 19:58 - 2021-09-30 23:46 - 001923854 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-22 19:58 - 2019-12-07 15:49 - 000831796 _____ C:\WINDOWS\system32\perfh00C.dat
2023-12-22 19:58 - 2019-12-07 15:49 - 000167562 _____ C:\WINDOWS\system32\perfc00C.dat
2023-12-22 19:58 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-12-22 06:57 - 2022-09-01 00:09 - 000000000 ____D C:\Users\Sonia\Desktop\Recettes
2023-12-21 08:27 - 2020-08-05 05:02 - 000000000 ____D C:\Users\Sonia\AppData\Local\Packages
2023-12-21 08:24 - 2021-09-30 23:29 - 000637168 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-20 20:03 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-20 20:03 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-12-20 14:30 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-20 14:29 - 2019-12-07 15:53 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll
2023-12-20 14:29 - 2019-12-07 15:53 - 000020827 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2023-12-20 14:16 - 2015-01-08 02:22 - 000416140 __RSH C:\bootmgr
2023-12-20 14:15 - 2021-09-30 23:33 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-12-19 13:41 - 2021-01-16 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2023-12-19 13:41 - 2019-12-12 19:16 - 000000000 ____D C:\Program Files\Microsoft Office
2023-12-19 12:39 - 2021-07-10 05:51 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-19 12:11 - 2023-09-18 17:02 - 000263784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_3.dll
2023-12-19 12:11 - 2022-10-22 14:20 - 000095736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2023-12-19 12:11 - 2022-10-22 14:20 - 000075256 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2023-12-19 12:11 - 2021-11-23 18:17 - 000194040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2023-12-19 12:11 - 2021-10-24 20:18 - 002754152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2023-12-19 12:11 - 2021-10-24 20:18 - 000634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2023-12-19 12:11 - 2021-10-24 20:18 - 000214632 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2023-12-19 12:11 - 2021-10-24 20:18 - 000145000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
==================== Fichiers à la racine de certains dossiers ========
2021-06-25 01:26 - 2021-06-25 01:26 - 000000000 _____ () C:\Program Files (x86)\temp_files
2021-09-29 09:37 - 2021-09-29 09:37 - 000000572 _____ () C:\Users\Sonia\AppData\Roaming\Avvelenate.wma
2021-03-10 18:52 - 2021-03-10 18:52 - 000000064 _____ () C:\Users\Sonia\AppData\Roaming\changzhi_leidian.data
2022-06-21 13:25 - 2023-04-20 20:23 - 000000024 _____ () C:\Users\Sonia\AppData\Roaming\changzhi_leidianmac.data
2021-09-29 09:37 - 2021-09-29 09:37 - 000005121 _____ () C:\Users\Sonia\AppData\Roaming\Dirvene.wma
2021-09-29 09:37 - 2021-09-29 09:37 - 001253721 _____ () C:\Users\Sonia\AppData\Roaming\Dolcemente.wma
2019-12-05 13:38 - 2019-06-12 16:06 - 000321226 ___SH () C:\Users\Sonia\AppData\Roaming\drfsrei
2021-09-25 17:16 - 2021-09-25 17:16 - 000000498 _____ () C:\Users\Sonia\AppData\Roaming\Hai.bmp
2021-09-29 09:37 - 2021-09-29 09:37 - 000893755 _____ () C:\Users\Sonia\AppData\Roaming\Lume.wma
2021-09-25 17:16 - 2021-09-25 17:16 - 000013313 _____ () C:\Users\Sonia\AppData\Roaming\Mutamento.bmp
2023-09-02 16:57 - 2023-09-02 17:00 - 000000015 _____ () C:\Users\Sonia\AppData\Roaming\obs-virtualcam.txt
2021-09-25 17:16 - 2021-09-25 17:16 - 000912109 _____ () C:\Users\Sonia\AppData\Roaming\Osi.bmp
2021-09-25 17:16 - 2021-09-25 17:16 - 000119008 _____ () C:\Users\Sonia\AppData\Roaming\Raggi.bmp
2021-09-25 17:16 - 2021-09-25 17:16 - 000893722 _____ () C:\Users\Sonia\AppData\Roaming\Tue.bmp
2021-09-30 07:53 - 2021-09-25 17:16 - 000912109 _____ () C:\Users\Sonia\AppData\Roaming\V
2019-12-06 00:40 - 2019-12-06 00:40 - 000000410 _____ () C:\Users\Sonia\AppData\Local\oobelibMkey.log
2020-09-10 19:57 - 2021-07-07 22:44 - 000016438 _____ () C:\Users\Sonia\AppData\Local\partner.bmp
2020-01-16 17:55 - 2020-02-02 04:41 - 000007612 _____ () C:\Users\Sonia\AppData\Local\Resmon.ResmonCfg
2022-06-20 17:04 - 2022-06-20 17:04 - 000000076 _____ () C:\Users\Sonia\AppData\Local\uts.ini
==================== FLock ==============================
2021-07-07 23:50 C:\WINDOWS\SysWOW64\eyjodib
2021-07-07 00:26 C:\WINDOWS\SysWOW64\wfbjcje
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================