cjoint


Document format: text/plain


Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16.01.2024
Exécuté par DELL (administrateur) sur DESKTOP-DQLMD64 (Dell Inc. OptiPlex 3070) (19-01-2024 12:21:31)
Exécuté depuis C:\Users\DELL\Desktop\FRST64.exe
Profils chargés: DELL
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.3930 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxEM.exe
(explorer.exe ->) (CANON INC. -> CANON INC.) C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <34>
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Huawei Technologies Co., Ltd. -> ) C:\ProgramData\MobileBrServ\mbbService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_baf36d4852e8e257\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_64d7fcfcde9b9c10\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_99f6bd58bfe82726\RstMwService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_a439e07c373809e2\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8bf8ab287ec0df61\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_8bf8ab287ec0df61\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_981d034327bfbdcc\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
(services.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exe <2>
(services.exe ->) (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avpsus.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c984e9ce714075ab\RtkAudUService64.exe <3>
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSysSvc64.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxAccounts.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21768.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\DELL\AppData\Local\Microsoft\OneDrive\23.246.1127.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [WavesSvc] => C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe [1774584 2021-02-18] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c984e9ce714075ab\RtkAudUService64.exe [1345104 2021-09-09] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Canon Toner Status] => C:\Program Files (x86)\Canon\OIPTonerStatus\CnTnrStsTask.exe [1906784 2018-12-11] (CANON INC. -> CANON INC.)
HKU\S-1-5-21-88931369-858736966-2725105489-1001\...\Run: [MicrosoftEdgeAutoLaunch_6B770857D9B81538FA9524CBB2D560C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854272 2024-01-11] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-88931369-858736966-2725105489-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [11556768 2024-01-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-88931369-858736966-2725105489-1001\...\MountPoints2: {3324ca15-cb65-11eb-be12-806e6f6e6963} - "D:\MInst.exe"
HKU\S-1-5-21-88931369-858736966-2725105489-1001\...\MountPoints2: {97b9ba1d-d6a3-11ec-be1f-1e8ee64c88f2} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-88931369-858736966-2725105489-1001\...\MountPoints2: {a3f6bf80-6c05-11ee-be81-a4bb6db6569d} - "F:\AutoRun.exe"
HKLM\...\Print\Monitors\CPCA Language Monitor3b: C:\Windows\system32\CNAS0MOK.DLL [1282048 2017-10-20] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\CPCA Language Monitor4: C:\Windows\system32\CNAS0MPK.DLL [1804288 2021-07-01] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.225\Installer\chrmstp.exe [2024-01-19] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {C2366315-18CA-4A48-89EB-A028E9C96A3A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1566200 2023-09-20] (Adobe Inc. -> Adobe Inc.)
Task: {F9F554F0-A424-4128-B603-4B18D822E7DA} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [1826800 2018-10-29] (CANON INC. -> CANON INC.) -> /Config:"C:\Program Files\Canon\OIPPESP\CnpspCfg.xml"
Task: {79EBBA96-1C6D-468B-AA2B-23360DF96324} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem122.0.6253.0{EF6CBF1F-0047-4AF6-ADA8-524902D6E117} => C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
Task: {83DA1DD9-5807-44C3-9D45-9120FE18B2B0} - System32\Tasks\Intel PTT EK Recertification => C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_367008a610747d24\lib\IntelPTTEKRecertification.exe [862200 2022-12-20] (Intel Corporation -> Intel(R) Corporation)
Task: {26533F2C-2B7B-4685-9CA3-80311CFBF65E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {A98CAD7D-C99D-480D-BF1B-CCCAA68423C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {F2D8716F-3DD4-4793-A5FA-DBC0EFDF125C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {20889F53-D6A5-4AE6-BE50-3C934D1A1BD1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8B2FE778-F3B2-47D4-8017-9A886B466A62} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2493DC02-2CCA-467C-811E-5B4B9B8EC047} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {19B3234A-56ED-490E-AAFC-72EA54707488} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-01-06] (Microsoft Windows Publisher -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4fddedbc-61b3-4ff3-a6fa-b8050380a42d}: [DhcpNameServer] 192.168.119.179
Tcpip\..\Interfaces\{4fddedbc-61b3-4ff3-a6fa-b8050380a42d}\255646D69602E4F6475602130335: [DhcpNameServer] 192.168.126.57
Tcpip\..\Interfaces\{4fddedbc-61b3-4ff3-a6fa-b8050380a42d}\94D616E6964716: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4fddedbc-61b3-4ff3-a6fa-b8050380a42d}\960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4fddedbc-61b3-4ff3-a6fa-b8050380a42d}\960586F6E65602465602472756A7: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{4fddedbc-61b3-4ff3-a6fa-b8050380a42d}\96E677960284F6D656024374733403739323: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{56135697-ee36-4150-89b1-173bd9d44782}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{56135697-ee36-4150-89b1-173bd9d44782}\05968756C6: [DhcpNameServer] 192.168.14.112
Tcpip\..\Interfaces\{56135697-ee36-4150-89b1-173bd9d44782}\143786910237020786F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{56135697-ee36-4150-89b1-173bd9d44782}\255646D69602E4F64756021313: [DhcpNameServer] 192.168.119.179
Tcpip\..\Interfaces\{56135697-ee36-4150-89b1-173bd9d44782}\960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{56135697-ee36-4150-89b1-173bd9d44782}\960586F6E65602465602472756A7: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{56135697-ee36-4150-89b1-173bd9d44782}\96E677960284F6D656024374733403739323: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{8040b2ad-7486-4271-a1dd-200f6e652e0b}: [DhcpNameServer] 192.168.2.17 192.168.2.18
Tcpip\..\Interfaces\{8040b2ad-7486-4271-a1dd-200f6e652e0b}: [DhcpDomain] casablanca.lan
Tcpip\..\Interfaces\{e58c0e6c-2443-4f73-80dc-68d704f88149}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-19]
Edge Extension: (Google Docs hors connexion) - C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-11-02]
Edge Extension: (Edge relevant text changes) - C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-13]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2022-03-24] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-01-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default [2024-01-19]
CHR Notifications: Default -> hxxps://espace-client.orange.ma; hxxps://ledesk.ma; hxxps://www.electroplanet.ma; hxxps://www.orange.ma; hxxps://www.youtube.com
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-15]
CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\System Profile [2022-07-15]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-09-20] (Adobe Inc. -> Adobe Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avp.exe [2282864 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
R2 avpsus; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Endpoint Security for Windows\avpsus.exe [3683928 2019-05-20] (Kaspersky Lab -> AO Kaspersky Lab)
S2 GoogleUpdaterInternalService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService122.0.6253.0; C:\Program Files (x86)\Google\GoogleUpdater\122.0.6253.0\updater.exe [4652320 2024-01-17] (Google LLC -> Google LLC) <==== ATTENTION
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [242256 2014-08-20] (Huawei Technologies Co., Ltd. -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534472 2024-01-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-01-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-01-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [80720 2019-04-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [130176 2019-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [37816 2019-01-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [259192 2019-05-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klfltdev; C:\Windows\system32\DRIVERS\klfltdev.sys [58496 2019-02-19] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [399184 2019-02-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [1107064 2019-03-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\KES\Bases\klids.sys [188848 2022-06-16] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1054840 2019-05-18] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [59216 2019-01-28] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [52048 2019-01-26] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [46208 2019-01-26] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_KLIF_arkmon; C:\Windows\System32\Drivers\klupd_KLIF_arkmon.sys [376920 2022-06-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_KLIF_klark; C:\Windows\System32\Drivers\klupd_KLIF_klark.sys [357136 2022-06-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_KLIF_klbg; C:\Windows\System32\Drivers\klupd_KLIF_klbg.sys [187200 2022-06-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_KLIF_mark; C:\Windows\System32\Drivers\klupd_KLIF_mark.sys [267824 2022-06-22] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_KLIF_swmon; C:\Windows\System32\Drivers\klupd_KLIF_swmon.sys [238120 2022-03-15] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [105600 2019-02-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [212608 2019-01-29] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [237904 2019-04-29] (Kaspersky Lab -> AO Kaspersky Lab)
R3 MpKslc72583e4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F0BBA39A-519B-4C47-921E-9AD9710B3724}\MpKslDrv.sys [263560 2024-01-19] (Microsoft Windows -> Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 usbrndis6; C:\Windows\System32\drivers\usb80236.sys [24064 2023-11-02] (Microsoft Corporation) [Fichier non signé]
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [55856 2024-01-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [594304 2024-01-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105856 2024-01-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-01-19 12:21 - 2024-01-19 12:23 - 000020662 _____ C:\Users\DELL\Desktop\FRST.txt
2024-01-19 12:18 - 2024-01-19 12:22 - 000000000 ____D C:\FRST
2024-01-19 12:17 - 2024-01-19 12:17 - 002389504 _____ (Farbar) C:\Users\DELL\Desktop\FRST64.exe
2024-01-12 12:26 - 2024-01-12 12:26 - 000034063 _____ C:\Users\DELL\Downloads\Situation INDH 31 12 2023 (1).xlsx
2024-01-11 03:29 - 2024-01-11 03:29 - 000000000 ___HD C:\$WinREAgent
2024-01-09 13:41 - 2024-01-09 15:36 - 000000000 _____ C:\Users\DELL\Downloads\DDA5D400
2024-01-08 17:15 - 2024-01-08 17:16 - 000431729 _____ C:\Users\DELL\Downloads\0_Consolidation_Globla_RCS_MI_25-09-2023 (4).xlsx
2024-01-08 16:54 - 2024-01-08 16:54 - 000000000 ____D C:\Windows\InboxApps
2024-01-06 10:55 - 2024-01-06 10:55 - 000016707 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-01-05 16:15 - 2024-01-05 16:16 - 000431729 _____ C:\Users\DELL\Downloads\0_Consolidation_Globla_RCS_MI_25-09-2023 (3).xlsx
2024-01-05 15:59 - 2024-01-05 16:10 - 000033367 _____ C:\Users\DELL\Downloads\Situation INDH 31 12 2023 modifiée.xlsx
2024-01-05 15:19 - 2024-01-05 15:19 - 000060416 _____ C:\Users\DELL\Downloads\INDH 12-2023_finances_RCS_TGR_2.xls
2023-12-26 16:06 - 2023-12-26 16:44 - 000000000 _____ C:\Users\DELL\Downloads\1FAA5100
2023-12-26 16:06 - 2023-12-26 16:44 - 000000000 _____ C:\Users\DELL\Downloads\07AA5100
2023-12-26 12:00 - 2023-12-26 12:00 - 000060928 _____ C:\Users\DELL\Downloads\INDH 12-2023_finances_RCS_TGR.xls
2023-12-26 10:32 - 2023-12-26 11:52 - 000000000 _____ C:\Users\DELL\Downloads\50EE4000
2023-12-25 15:14 - 2023-12-25 15:14 - 000147488 _____ C:\Users\DELL\Downloads\CONSOLIDATION RECAP GLOBAL INDH-CRDH_Imanef.xlsx

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-01-19 12:20 - 2022-03-15 14:15 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2024-01-19 12:07 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\CbsTemp
2024-01-19 11:57 - 2019-12-07 14:52 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2024-01-19 11:57 - 2019-12-07 14:52 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-01-19 11:57 - 2019-12-07 14:52 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2024-01-19 11:57 - 2019-12-07 14:49 - 000000000 ____D C:\Windows\SysWOW64\WCN
2024-01-19 11:57 - 2019-12-07 14:49 - 000000000 ____D C:\Windows\system32\WCN
2024-01-19 11:57 - 2019-12-07 09:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-01-19 11:57 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\SystemResetPlatform
2024-01-19 11:57 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2024-01-19 11:47 - 2019-12-07 14:51 - 000000000 ____D C:\Windows\OCR
2024-01-19 11:36 - 2020-11-18 22:39 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-01-19 10:39 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\AppReadiness
2024-01-19 10:39 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-01-19 10:34 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-01-19 02:31 - 2022-03-15 17:04 - 000000000 ____D C:\Windows\SystemTemp
2024-01-18 12:41 - 2021-04-19 15:12 - 000000000 ____D C:\Users\DELL\AppData\Local\Packages
2024-01-18 12:27 - 2021-04-19 15:16 - 000000000 ____D C:\Users\DELL\AppData\Local\PlaceholderTileLogoFolder
2024-01-18 12:27 - 2021-04-19 15:12 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Spelling
2024-01-17 18:33 - 2021-04-19 15:30 - 000004562 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-01-17 18:32 - 2023-02-20 13:25 - 000002072 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-01-17 18:32 - 2022-10-17 15:49 - 000002084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-01-17 13:03 - 2021-04-19 15:30 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Word
2024-01-17 11:29 - 2022-05-24 14:26 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Excel
2024-01-13 19:29 - 2023-01-19 10:26 - 000002291 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-01-13 19:29 - 2020-11-18 23:42 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-01-12 12:46 - 2021-04-19 15:29 - 000918944 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2024-01-12 12:01 - 2021-04-19 15:11 - 000000000 ____D C:\Users\DELL
2024-01-12 04:24 - 2019-12-07 09:13 - 000000000 ____D C:\Windows\INF
2024-01-11 18:50 - 2021-04-19 15:13 - 001681370 _____ C:\Windows\system32\PerfStringBackup.INI
2024-01-11 18:50 - 2019-12-07 14:49 - 000755264 _____ C:\Windows\system32\perfh00C.dat
2024-01-11 18:50 - 2019-12-07 14:49 - 000142070 _____ C:\Windows\system32\perfc00C.dat
2024-01-11 18:47 - 2021-04-19 15:54 - 000000000 __SHD C:\Users\DELL\IntelGraphicsProfiles
2024-01-11 18:45 - 2021-04-19 15:34 - 000000000 ____D C:\Intel
2024-01-11 18:45 - 2021-04-19 15:03 - 000008192 ___SH C:\DumpStack.log.tmp
2024-01-11 18:45 - 2020-11-18 23:39 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-01-11 18:45 - 2020-11-18 22:39 - 000465856 _____ C:\Windows\system32\FNTCACHE.DAT
2024-01-11 18:44 - 2019-12-07 09:03 - 000524288 _____ C:\Windows\system32\config\BBI
2024-01-11 18:43 - 2019-12-07 09:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2024-01-11 18:43 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-01-11 18:43 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SystemResources
2024-01-11 18:43 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\setup
2024-01-11 18:43 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\ShellExperiences
2024-01-11 18:43 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\bcastdvr
2024-01-10 16:29 - 2021-04-19 15:31 - 189718008 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-01-10 16:29 - 2021-04-19 15:31 - 000000000 ____D C:\Windows\system32\MRT
2024-01-08 16:55 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\WinMetadata
2024-01-08 16:55 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\lv-LV
2024-01-08 16:55 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\lt-LT
2024-01-08 16:55 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\et-EE
2024-01-08 16:55 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\es-MX
2024-01-08 16:55 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-01-08 16:54 - 2022-03-15 14:16 - 000001412 _____ C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Endpoint Security for Windows.lnk
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\WinMetadata
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\oobe
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\lv-LV
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\lt-LT
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\et-EE
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\es-MX
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\system32\Dism
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\Provisioning
2024-01-08 16:54 - 2019-12-07 09:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2024-01-08 16:54 - 2019-12-07 09:03 - 000000000 ____D C:\Windows\servicing
2024-01-08 13:18 - 2021-04-19 16:06 - 000000000 ____D C:\Users\DELL\AppData\LocalLow\Adobe
2024-01-06 11:01 - 2019-12-07 14:52 - 000023040 _____ (Microsoft Corporation) C:\Windows\system32\OEMDefaultAssociations.dll
2024-01-06 11:01 - 2019-12-07 14:52 - 000020827 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2024-01-06 10:55 - 2020-11-18 23:42 - 003016192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2024-01-06 06:10 - 2020-11-18 23:40 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-01-05 19:07 - 2021-04-19 15:30 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Office
2023-12-26 13:04 - 2022-07-05 15:37 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\PowerPoint
2023-12-22 11:33 - 2023-05-31 11:32 - 000000000 ____D C:\Users\DELL\Desktop\badr rh

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
