Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-06-2021
Exécuté par Benjamin (administrateur) sur CARI-OASIS (Acer Aspire A515-52K) (04-06-2021 09:28:14)
Exécuté depuis C:\Users\med\Desktop
Profils chargés: Benjamin
Platform: Windows 10 Home Version 2004 19041.985 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_92cf9d9d84f1d3db\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7d6ad0397c5dc3fd\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_7d6ad0397c5dc3fd\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_8559c34713c70ce4\RstMwService.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.8.8.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.621.4222.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <11>
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\updater-ws.exe
(pdfforge GmbH -> pdfforge GmbH) C:\Program Files\PDF Architect 7\ws.exe
(Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe <6>

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [319520 2018-12-06] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1524576055-28628056-1756210282-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [109961080 2021-05-25] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [116736 2020-01-29] (pdfforge GmbH) [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {03DE0711-4273-4F08-B8D8-C0E169191E25} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\OS Edition Upgrade event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [480256 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {21049CEB-D5B1-4FF9-B579-35322C60B1F7} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\Win10 S Mode event listener created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [480256 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {2942FA44-8A50-4F22-8918-65EACF37BD95} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\EnterpriseDataProtection\Enterprise data protection enforcement level change => C:\WINDOWS\system32\edpcleanup.exe [171520 2021-02-14] (Microsoft Windows -> Microsoft Corporation)
Task: {31CCCA67-4EC3-460E-B5AD-96E03DB134C0} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [473880 2020-07-16] (Acer Incorporated -> Acer Incorporated)
Task: {3A489925-3A6C-4E7A-ABA3-FD6AC6367D4B} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\EnterpriseDataProtection\Enterprise data protection network isolation policy change => C:\WINDOWS\system32\edpcleanup.exe [171520 2021-02-14] (Microsoft Windows -> Microsoft Corporation)
Task: {540E59E0-E0FF-42BA-93C8-A3F34E8DFEC5} - System32\Tasks\Oem\wlanBrokerTask => C:\Program Files (x86)\Acer\ExpressVPN\wlanBroker.exe [17688 2019-11-16] (Acer Incorporated -> )
Task: {5AF22C95-A986-408E-BBC9-4204EC090411} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {629B2FE1-80AC-4DFB-B5B5-117644F21177} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\Schedule to run OMADMClient by client => C:\WINDOWS\system32\omadmclient.exe [437248 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {7A9BB0CD-0C69-4CA4-826A-18F1DF52C640} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23124336 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B5CB24D-FB12-4A0B-BDC3-8F260EF7281F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {8078FFFD-36B6-428F-98AF-933428284A40} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\Provisioning initiated session => C:\WINDOWS\system32\deviceenroller.exe [480256 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {84793F85-14F0-4326-BA80-4F4812EF3B7D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696304 2021-05-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {86DCCFAA-30AE-40D1-850D-E2F1A7B52A9A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\Passport for Work alert created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [480256 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {8A84F52C-8C75-491B-839A-D3052E87AC63} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\PushUpgrade => C:\WINDOWS\system32\deviceenroller.exe [480256 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {8CBBA72B-8896-46D7-AAE4-36B60A1EEFF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {A8474A9D-0F52-4FE8-A3E7-BFE303C82561} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [330280 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {DD302050-3AC4-47D0-A95B-15C6CE2E81C5} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [29757392 2021-02-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {E05A4BCF-8A14-4BFD-8203-9C8F3BF3A82B} - System32\Tasks\RtkAudUService64_BG => C:\Windows\system32\RtkAudUService64.exe [838248 2018-12-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {E24E9BA8-1D99-49E4-9BCD-D731F9212D1A} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\Schedule to run OMADMClient by server => C:\WINDOWS\system32\omadmclient.exe [437248 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EAA0B329-555F-466F-9B56-40FB6C6AFAC3} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\Maintenance Schedule created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [480256 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {EBEF7F55-56FA-4514-BF73-E3A81B097441} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1122200 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {F3BC90D4-7DC7-4633-A9A7-F7E3BA15DD7E} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\EnterpriseDataProtection\Evaluate enterprise data protection configuration => C:\WINDOWS\system32\edpcleanup.exe [171520 2021-02-14] (Microsoft Windows -> Microsoft Corporation)
Task: {FBB6DBED-1495-4F54-84E5-B1B971DF4E10} - System32\Tasks\Microsoft\Windows\EnterpriseMgmt\BC683957-6743-478A-BBC1-4CD09C4240E4\Schedule #3 created by enrollment client => C:\WINDOWS\system32\deviceenroller.exe [480256 2021-04-16] (Microsoft Windows -> Microsoft Corporation)
Task: {FF97BDA5-FA4D-46C8-A772-42C5F1560E0E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118088 2021-06-02] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3bda5134-cda5-4c37-8abd-df5b8a5537c0}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5a30c327-615e-409a-bc48-9fa6b6563035}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge Profile: C:\Users\med\AppData\Local\Microsoft\Edge\User Data\Default [2021-06-01]
Edge HKU\S-1-5-21-1524576055-28628056-1756210282-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]

FireFox:
========
FF DefaultProfile: r91jbtas.default
FF ProfilePath: C:\Users\med\AppData\Roaming\Mozilla\Firefox\Profiles\r91jbtas.default [2021-06-04]
FF Homepage: Mozilla\Firefox\Profiles\r91jbtas.default -> hxxps://duckduckgo.com/?t=ffnt&atb=v207-6_r
FF Extension: (Dictionnaire français) - C:\Users\med\AppData\Roaming\Mozilla\Firefox\Profiles\r91jbtas.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2021-01-06]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\med\AppData\Roaming\Mozilla\Firefox\Profiles\r91jbtas.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2021-05-11]
FF Extension: (Français Language Pack) - C:\Users\med\AppData\Roaming\Mozilla\Firefox\Profiles\r91jbtas.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2021-04-20]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\med\AppData\Roaming\Mozilla\Firefox\Profiles\r91jbtas.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-05-20]
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com.xpi [2017-12-09] [UpdateUrl:hxxps://s3-us-west-2.amazonaws.com/ubp-ubpextension-us-prod/vendor-update/firefox/acer1/updates.json]
FF Extension: (Français Language Pack) - C:\Program Files\Mozilla Firefox\distribution\extensions\langpack-fr@firefox.mozilla.org.xpi [2018-09-05]
FF Extension: (Mozilla Partner Defaults) - C:\Program Files\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2021-05-06] []
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-04-27] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1524576055-28628056-1756210282-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\med\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-1524576055-28628056-1756210282-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\med\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 AviraOptimizerHost; C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2988544 2020-06-03] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraPhantomVPN; C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [383976 2021-05-06] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AviraUpdaterService; C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [161072 2020-12-16] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\avp.exe [184768 2021-06-03] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11279752 2021-05-21] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Cloud 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [646520 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7391408 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 PDF Architect 7; C:\Program Files\PDF Architect 7\ws.exe [2579752 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
R2 PDF Architect 7 Update Service; C:\Program Files\PDF Architect 7\updater-ws.exe [1832232 2019-10-07] (pdfforge GmbH -> pdfforge GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [250032 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110336 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [211704 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [126216 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [514840 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [657696 2021-05-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1439456 2021-05-08] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [253736 2021-06-03] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1042712 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [98040 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [112392 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [112904 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85256 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [96008 2021-06-03] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2020-10-22] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [263888 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [309104 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [115744 2021-04-15] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [224880 2021-04-16] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [155912 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [327936 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300808 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-06-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [157944 2021-06-03] (Malwarebytes Inc -> Malwarebytes)
R3 phantomtap; C:\WINDOWS\System32\drivers\phantomtap.sys [45056 2020-03-18] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
S3 RDID1117; C:\WINDOWS\system32\Drivers\RDWM1117.SYS [309888 2015-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Roland Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-06-04 09:28 - 2021-06-04 09:29 - 000024518 _____ C:\Users\med\Desktop\FRST.txt
2021-06-04 09:26 - 2021-06-04 09:28 - 000000000 ____D C:\FRST
2021-06-04 09:24 - 2021-06-04 09:24 - 002300416 _____ (Farbar) C:\Users\med\Desktop\FRST64.exe
2021-06-03 16:47 - 2021-06-03 16:47 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-06-03 16:47 - 2021-06-03 16:47 - 000157944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-06-03 16:47 - 2021-06-03 16:47 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-06-03 13:06 - 2021-06-03 13:06 - 000001531 _____ C:\Users\med\Desktop\Rapport_Malwarebytes.txt
2021-06-03 13:01 - 2021-06-03 13:01 - 000000000 ____D C:\Users\med\AppData\Local\mbam
2021-06-03 13:00 - 2021-06-03 13:00 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-06-03 13:00 - 2021-06-03 13:00 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-06-03 13:00 - 2021-06-03 13:00 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-06-03 13:00 - 2021-06-03 13:00 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-06-03 13:00 - 2021-06-03 13:00 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-06-03 13:00 - 2021-06-03 13:00 - 000002025 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-06-03 13:00 - 2021-06-03 13:00 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-06-03 13:00 - 2021-06-03 13:00 - 000000000 ____D C:\Program Files\Malwarebytes
2021-06-03 12:59 - 2021-06-03 12:59 - 002080712 _____ (Malwarebytes) C:\Users\med\Desktop\MBSetup.exe
2021-06-03 12:59 - 2021-06-03 12:59 - 000002614 _____ C:\Users\med\Desktop\AdwCleaner[C00].txt
2021-06-03 12:54 - 2021-06-03 12:55 - 000000000 ____D C:\AdwCleaner
2021-06-03 12:54 - 2021-06-03 12:54 - 008534696 _____ (Malwarebytes) C:\Users\med\Desktop\adwcleaner_8.2.exe
2021-06-03 12:52 - 2021-06-03 12:52 - 000010438 _____ C:\Users\med\Desktop\ZHPCleaner (R).html
2021-06-03 12:52 - 2021-06-03 12:52 - 000003437 _____ C:\Users\med\Desktop\ZHPCleaner (R).txt
2021-06-03 12:49 - 2021-06-03 12:49 - 000010318 _____ C:\Users\med\Desktop\ZHPCleaner (S).html
2021-06-03 12:49 - 2021-06-03 12:49 - 000003377 _____ C:\Users\med\Desktop\ZHPCleaner (S).txt
2021-06-03 12:31 - 2021-06-03 12:31 - 003255448 _____ (Nicolas Coolman) C:\Users\med\Downloads\ZHPCleaner.exe
2021-06-03 12:31 - 2021-06-03 12:31 - 000000877 _____ C:\Users\med\Desktop\ZHPCleaner.lnk
2021-06-03 11:40 - 2021-06-03 11:40 - 000126265 _____ C:\Users\med\Downloads\Call-for-Concept-Notes-En-Ar-.pdf
2021-06-03 09:19 - 2021-06-03 13:16 - 000300427 _____ C:\Users\med\Desktop\ZHPDiag.txt
2021-06-03 09:10 - 2021-06-03 13:16 - 000000000 ____D C:\Users\med\AppData\Roaming\ZHP
2021-06-03 09:10 - 2021-06-03 12:31 - 000000000 ____D C:\Users\med\AppData\Local\ZHP
2021-06-03 09:10 - 2021-06-03 09:10 - 000000867 _____ C:\Users\med\Desktop\ZHPSuite.lnk
2021-06-03 09:09 - 2021-06-03 09:09 - 003469464 _____ (Nicolas Coolman) C:\Users\med\Downloads\ZHPSuite.exe
2021-06-02 10:46 - 2021-06-02 10:46 - 000000000 ___RD C:\Users\med\OneDrive - CARI
2021-05-31 10:41 - 2021-05-31 10:41 - 000840754 _____ C:\Users\med\Downloads\fiche-sanitaire.pdf
2021-05-31 10:15 - 2021-05-31 10:15 - 000025782 _____ C:\Users\med\Downloads\Résultats - questionnaire_bien_etre_et_mal_etre_au_travail (retour equipe).xlsx
2021-05-28 12:46 - 2021-05-28 12:46 - 003654730 _____ C:\Users\med\Downloads\Dossier-de-présentation-TSV-2021-1.pdf
2021-05-28 12:43 - 2021-05-28 12:43 - 001225253 _____ C:\Users\med\Downloads\b60146_9e1d4a7889354befb3df01d397866ba5.pdf
2021-05-28 12:09 - 2021-05-28 12:09 - 000243276 _____ C:\Users\med\Downloads\Dossier-inscription-StudioM-Art.pdf
2021-05-28 12:08 - 2021-05-28 12:09 - 013707899 _____ C:\Users\med\Downloads\Brochure-StudioM.pdf
2021-05-28 11:58 - 2021-05-28 11:58 - 002108314 _____ C:\Users\med\Downloads\80c919_6ff72788c05d4ab1b6b5809b3c35682c.pdf
2021-05-28 11:37 - 2021-05-28 11:37 - 001193698 _____ C:\Users\med\Downloads\Mon Bilan Analyse Personnalité.pdf
2021-05-28 10:02 - 2021-05-28 10:02 - 013463207 _____ C:\Users\med\Downloads\RA2018_iReMMO_VF_Web.pdf
2021-05-28 09:53 - 2021-05-28 09:53 - 010664648 _____ C:\Users\med\Downloads\LA RAHLA 2021 - SAHARA ET SAHEL - NUMERO 236 MARS 2021 - NUMERISE PAGE PAR PAGE.pdf
2021-05-28 09:32 - 2021-05-28 09:32 - 000061500 _____ C:\Users\med\Downloads\La Grande Muraille verte en Afrique, nouvelle marotte de l’Elysée.pdf
2021-05-26 16:29 - 2021-05-26 16:29 - 002233387 _____ C:\Users\med\Downloads\Bulletin adhésion VISA 2021.pdf
2021-05-26 15:11 - 2021-05-26 15:11 - 015912895 _____ C:\Users\med\Downloads\Manuel-de-capitalisation-du-Parcours-FIP-double-page-FR.pdf
2021-05-25 15:24 - 2021-05-25 15:24 - 000155328 _____ C:\Users\med\Downloads\56-447-fichier-avis-ouverture.pdf
2021-05-25 15:17 - 2021-05-25 15:17 - 002761138 _____ C:\Users\med\Downloads\dossier_avril_2021.pdf
2021-05-25 15:14 - 2021-05-25 15:14 - 002776721 _____ C:\Users\med\Downloads\Bilan de la concertation.pdf
2021-05-25 11:40 - 2021-05-25 11:41 - 000000000 ____D C:\Users\med\AppData\Local\WhatsApp
2021-05-25 11:40 - 2021-05-25 11:40 - 130594512 _____ (WhatsApp) C:\Users\med\Downloads\WhatsAppSetup.exe
2021-05-21 16:24 - 2021-05-21 16:24 - 000092011 _____ C:\Users\med\Downloads\Fiche-de-poste-Coordination-Maroc-Le-Partenariat.pdf
2021-05-21 14:54 - 2021-05-21 14:54 - 000773285 _____ C:\Users\med\Downloads\Affiche-Ethioda-converti.pdf
2021-05-21 10:18 - 2021-05-21 10:18 - 007376218 _____ C:\Users\med\Downloads\CA1494FR.pdf
2021-05-20 14:01 - 2021-05-20 14:01 - 000343793 _____ C:\Users\med\Downloads\Convention_CFVA-1-3.pdf
2021-05-20 14:01 - 2021-05-20 14:01 - 000137568 _____ C:\Users\med\Downloads\Convention Centre 001.pdf
2021-05-20 11:50 - 2021-05-20 11:50 - 000035328 _____ C:\Users\med\Downloads\32468-annc-annexe_b_cadre_logique.xls
2021-05-20 11:49 - 2021-05-20 11:49 - 000025600 _____ C:\Users\med\Downloads\Cadre logique AP5PC-2013-03.xls
2021-05-20 11:48 - 2021-05-20 11:48 - 000013157 _____ C:\Users\med\Downloads\2021_Cadre-Logique-vierge-eval.fr_-.xlsx
2021-05-19 16:49 - 2021-05-19 16:49 - 005547458 _____ C:\Users\med\Downloads\rapport_agrisud2020-FR-doublePage.pdf
2021-05-19 15:09 - 2021-05-19 15:09 - 006198026 _____ C:\Users\med\Downloads\200827_Synthèse_DevOasis_Doc_2.pdf
2021-05-19 15:08 - 2021-05-19 15:09 - 001384889 _____ C:\Users\med\Downloads\200717_plaidoyer_DevOasis_FR-AR-APEB.pdf
2021-05-18 19:02 - 2021-05-18 19:02 - 000124086 _____ C:\Users\med\Downloads\document_548746.pdf
2021-05-18 13:59 - 2021-05-18 13:59 - 000476210 _____ C:\Users\med\Downloads\questionnaire spermogramme.pdf
2021-05-18 12:38 - 2021-05-18 12:38 - 000137330 _____ C:\Users\med\Downloads\Devis Palmiers avril 2021.pdf
2021-05-18 10:01 - 2021-05-18 10:01 - 001114842 _____ C:\Users\med\Downloads\Manuel-Marqueur-CAD-Aide-Egalite-HF.pdf
2021-05-17 16:10 - 2021-05-17 16:10 - 000146579 _____ C:\Users\med\Downloads\ACFrOgBH1Zrcu7UIPmyNXNf341NAgVmLB4t0uGG5AVvdBaz3U7SgFlvFjuSleyj61YGQg3F73wEgZnY1gNESxmNrVZ5Bdoy1T1Nzn_S7mhUmnozR8ra2sOjBUhPFEPQ=.pdf
2021-05-17 09:56 - 2021-05-17 09:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-05-17 09:56 - 2021-05-17 09:56 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-05-17 09:56 - 2021-05-17 09:56 - 001687040 _____ C:\WINDOWS\system32\libcrypto.dll
2021-05-17 09:56 - 2021-05-17 09:56 - 000700928 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-05-17 09:55 - 2021-05-17 09:55 - 001823816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-05-17 09:55 - 2021-05-17 09:55 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-05-17 09:55 - 2021-05-17 09:55 - 001314120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-05-17 09:55 - 2021-05-17 09:55 - 001163776 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-05-17 09:55 - 2021-05-17 09:55 - 000060928 _____ C:\WINDOWS\system32\runexehelper.exe
2021-05-17 09:55 - 2021-05-17 09:55 - 000011351 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-05-17 09:54 - 2021-05-17 09:54 - 000165888 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-05-17 09:54 - 2021-05-17 09:54 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2021-05-17 09:32 - 2021-05-17 09:32 - 000333771 _____ C:\Users\med\Downloads\appel_candidature_charge_mission_travaux_2021_v_0.pdf
2021-05-12 10:41 - 2021-05-12 10:41 - 000646614 _____ C:\Users\med\Downloads\Liste_des_fournisseurs_de_semences_partenaires_du_GSDM.pdf
2021-05-11 17:52 - 2021-05-11 17:52 - 000632318 _____ C:\Users\med\Downloads\analyse-des-metiers-pour-lesquels-les-demandes-de-financement-sont-les-plus-nombreuses.pdf
2021-05-11 17:51 - 2021-05-11 17:51 - 000196882 _____ C:\Users\med\Downloads\enquete-metier.pdf
2021-05-11 17:41 - 2021-05-11 17:41 - 001037441 _____ C:\Users\med\Downloads\Formations-Audio.pdf
2021-05-11 17:39 - 2021-05-11 17:39 - 000815850 _____ C:\Users\med\Downloads\Technicien-son-en-studio.pdf
2021-05-11 17:27 - 2021-05-11 17:27 - 000817363 _____ C:\Users\med\Downloads\SAE-Paris-Tarifs-Contrat.pdf
2021-05-10 15:50 - 2021-05-10 15:50 - 000379404 _____ C:\Users\med\Downloads\10022419-fiche-garantie-E333R.pdf
2021-05-10 15:50 - 2021-05-10 15:50 - 000175879 _____ C:\Users\med\Downloads\10022419-fiche-garantie-ER1R.pdf
2021-05-10 15:43 - 2021-05-10 15:43 - 000580492 _____ C:\Users\med\Downloads\10022419-carte-de-mutuelle-de-2021.pdf
2021-05-10 15:38 - 2021-05-10 15:38 - 000280290 _____ C:\Users\med\Downloads\CourrierDeVotreCaisse.pdf
2021-05-10 11:13 - 2021-06-02 10:43 - 000000000 ___RD C:\Users\med\CARI
2021-05-10 11:13 - 2021-05-10 11:13 - 000000000 ___HD C:\OneDriveTemp
2021-05-08 18:05 - 2021-05-08 18:05 - 001439456 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2021-05-08 18:05 - 2021-05-08 18:05 - 
000657696 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klgse.sys 2021-05-07 16:30 - 2021-05-07 16:30 - 003849506 _____ C:\Users\med\Downloads\strategie_nationale_zones_humides.pdf 2021-05-07 16:24 - 2021-05-07 16:24 - 003611379 _____ C:\Users\med\Downloads\projet_nat_sauvegarde_amenagement_oasis_2006_fr.pdf 2021-05-07 16:21 - 2021-05-07 16:21 - 004077172 _____ C:\Users\med\Downloads\Plan_daction_de_la_Strategie_de_DD_des_Oasis.pdf 2021-05-07 16:21 - 2021-05-07 16:21 - 002045722 _____ C:\Users\med\Downloads\3_1.pdf 2021-05-07 16:12 - 2021-05-07 16:12 - 000137030 _____ C:\Users\med\Downloads\manifeste_raddo_270313.pdf 2021-05-07 10:20 - 2021-05-07 10:20 - 004231522 _____ C:\Users\med\Downloads\1077-droit-des-semences-web-vf_ccordination_sud.pdf 2021-05-07 08:56 - 2021-05-07 08:56 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2021-05-06 15:44 - 2021-05-06 15:44 - 000424793 _____ C:\Users\med\Downloads\FHlIOGARD-140-JANV21.pdf 2021-05-06 15:41 - 2021-05-06 15:41 - 000134905 _____ C:\Users\med\Downloads\NIMES_TOULOUSE_202105071438_SGBXLL.pdf 2021-05-06 09:37 - 2021-06-04 09:28 - 000000000 ____D C:\Program Files\Mozilla Firefox 2021-05-05 13:07 - 2021-05-05 13:08 - 000000000 ____D C:\WINDOWS\Minidump 2021-05-05 13:07 - 2021-05-05 13:07 - 1301661498 _____ C:\WINDOWS\MEMORY.DMP 2021-05-05 13:07 - 2021-05-05 13:07 - 001847212 _____ C:\WINDOWS\Minidump\050521-14390-01.dmp 2021-05-05 13:07 - 2021-05-05 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Cloud 2021-05-05 11:28 - 2021-05-05 11:28 - 000833587 _____ C:\Users\med\Downloads\IKI_Newsletter_04_2021.pdf 2021-05-05 09:42 - 2021-05-05 09:44 - 012994665 _____ C:\Users\med\Downloads\Convention PACO 3 AFD CARI.pdf ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2021-06-04 09:22 - 2020-01-29 17:14 - 000000000 ____D C:\ProgramData\Mozilla 2021-06-04 09:21 - 2020-01-29 15:58 - 000000000 ____D C:\Users\med\AppData\LocalLow\Mozilla 2021-06-04 09:21 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2021-06-04 09:20 - 2021-02-01 13:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2021-06-03 16:51 - 2021-02-01 14:01 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2021-06-03 16:51 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat 2021-06-03 16:51 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat 2021-06-03 16:51 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF 2021-06-03 16:46 - 2021-02-01 14:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2021-06-03 16:46 - 2021-02-01 13:53 - 000008192 ___SH C:\DumpStack.log.tmp 2021-06-03 16:46 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState 2021-06-03 16:46 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2021-06-03 16:46 - 2019-12-07 11:03 - 000008192 _____ C:\WINDOWS\system32\config\ELAM 2021-06-03 13:54 - 2021-02-01 14:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\S-1-5-21-1524576055-28628056-1756210282-1001 2021-06-03 13:00 - 2020-01-29 16:03 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2021-06-03 13:00 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2021-06-03 12:55 - 2020-03-23 17:39 - 000000000 ____D C:\Users\med\Documents\Fichiers Outlook 2021-06-03 12:55 - 2019-03-27 12:16 - 000000000 ____D C:\ProgramData\Acer 2021-06-03 12:55 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2021-06-03 10:59 - 2021-02-19 21:09 - 000096008 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpnpflt.sys 2021-06-03 10:17 - 2020-01-29 15:48 - 000000000 ____D C:\Users\med\AppData\Local\Packages 2021-06-03 08:45 - 2020-01-29 15:37 - 000000000 ____D C:\Users\med\AppData\Local\Host App Service 2021-06-03 08:45 - 2019-12-07 11:14 - 000000000 ____D 
C:\WINDOWS\AppReadiness 2021-06-02 10:46 - 2021-02-01 13:54 - 000000000 ____D C:\Users\med 2021-06-01 17:48 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2021-05-31 09:37 - 2020-06-25 09:44 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2021-05-31 09:37 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps 2021-05-28 09:30 - 2021-02-23 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2021-05-25 11:58 - 2020-02-12 15:56 - 000000000 ____D C:\Users\med\AppData\Roaming\WhatsApp 2021-05-25 11:41 - 2020-02-12 15:56 - 000002191 _____ C:\Users\med\Desktop\WhatsApp.lnk 2021-05-25 11:41 - 2020-02-12 15:56 - 000000000 ____D C:\Users\med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp 2021-05-25 11:41 - 2020-01-29 17:44 - 000000000 ____D C:\Users\med\AppData\Local\SquirrelTemp 2021-05-25 10:10 - 2021-02-01 14:05 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1524576055-28628056-1756210282-1001 2021-05-25 10:10 - 2021-02-01 13:54 - 000002399 _____ C:\Users\med\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2021-05-25 10:10 - 2020-01-29 15:51 - 000000000 ___RD C:\Users\med\OneDrive 2021-05-18 14:00 - 2021-02-18 14:31 - 000150213 _____ C:\Users\med\Downloads\Ordonnance.pdf 2021-05-17 14:50 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF 2021-05-17 14:49 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2021-05-17 14:04 - 2021-02-01 13:53 - 000440856 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2021-05-17 14:04 - 2019-03-27 12:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2021-05-17 14:03 - 2019-12-07 16:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2021-05-17 14:03 - 2019-12-07 11:14 - 
000000000 ____D C:\WINDOWS\SysWOW64\setup 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack 2021-05-17 14:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2021-05-17 10:07 - 2019-12-07 16:53 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\OEMDefaultAssociations.dll 2021-05-17 10:07 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2021-05-17 09:34 - 2020-02-06 13:13 - 000002140 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2021-05-17 09:20 - 2020-01-31 18:11 - 000000000 ____D C:\WINDOWS\system32\MRT 2021-05-17 09:03 - 2020-01-31 18:11 - 132732536 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2021-05-12 09:14 - 2020-11-26 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2021-05-10 13:15 - 2021-01-11 10:33 - 000000000 ____D C:\Users\med\Documents\Zoom 2021-05-10 10:45 - 2021-02-10 13:05 - 000002358 _____ C:\Users\med\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Microsoft Teams.lnk 2021-05-07 16:09 - 2020-01-29 15:51 - 000000000 ____D C:\Users\med\AppData\Local\PlaceholderTileLogoFolder 2021-05-07 08:56 - 2019-03-27 12:21 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2021-05-05 13:10 - 2020-01-29 16:23 - 000000000 ____D C:\Program Files\Common Files\AV 2021-05-05 13:09 - 2021-01-06 12:10 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2021-05-05 13:09 - 2021-01-06 12:10 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================