RÃ©sultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 11-01-2023
ExÃ©cutÃ© par Emmanuel Michel (administrateur) sur EMMANUEL5MICHEL (LENOVO 20AQ006HUS) (13-01-2023 15:46:41)
ExÃ©cutÃ© depuis C:\Users\Mme OBAMA\OneDrive\Bureau
Profils chargÃ©s: Emmanuel Michel
Plate-forme: Microsoft Windows 10 Professionnel Version 21H2 19044.2364 (X64) Langue: FranÃ§ais (France)
Navigateur par dÃ©faut: Chrome
Mode d'amorÃ§age: Normal

==================== Processus (Avec liste blanche) =================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le processus sera arrÃªtÃ©. Le fichier ne sera pas dÃ©placÃ©.)

() [Fichier non signÃ©] D:\Program Files\Nox\bin\nox_adb.exe
(C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMSVC.exe ->) (Nox Limited Corporation) [Fichier non signÃ©] C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMHandle.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(explorer.exe ->) () [Fichier non signÃ©] D:\Program Files\Nox\bin\MultiPlayerManager.exe
(explorer.exe ->) (Duodian Technology Co. Ltd.) [Fichier non signÃ©] D:\Program Files\Nox\bin\Nox.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <34>
(explorer.exe ->) (Intel(R) pGFX -> ) C:\WINDOWS\System32\igfxTray.exe
(services.exe ->) (Apple Inc.) [Fichier non signÃ©] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\WINDOWS\System32\ibtsiva.exe
(services.exe ->) (Lenovo.) [Fichier non signÃ©] C:\WINDOWS\System32\ibmpmsvc.exe
(services.exe ->) (Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] [Fichier en cours d'utilisation] C:\Program Files\Windows Media Player\wmpnetwk.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\Locator.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\msdtc.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\PerceptionSimulation\PerceptionSimulationService.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\SearchIndexer.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\snmptrap.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\Spectrum.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\spoolsv.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\TieringEngineService.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\vds.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\VSSVC.exe
(services.exe ->) (Microsoft Corporation) [Fichier non signÃ©] C:\WINDOWS\System32\wbem\WmiApSrv.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor) [Fichier non signÃ©] C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Scarlet.Crush Productions) [Fichier non signÃ©] C:\Users\Mme OBAMA\OneDrive\Bureau\ScpServer\bin\ScpService.exe
(services.exe ->) (Synaptics Incorporated) [Fichier non signÃ©] C:\WINDOWS\System32\valWBFPolicyService.exe
(services.exe ->) (Synaptics Incorporated) [Fichier non signÃ©] C:\WINDOWS\System32\valWbioSyncSvc.exe
(svchost.exe ->) (Lenovo -> Lenovo) C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Nox Limited Corporation) [Fichier non signÃ©] C:\Program Files (x86)\Bignox\BigNoxVM\RT\NoxVMSVC.exe
(valWbioSyncSvc.exe ->) (Synaptics Incorporated) [Fichier non signÃ©] C:\Program Files\Synaptics\SynFP\Shared\SensorDBSynch.exe

==================== Registre (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, l'Ã©lÃ©ment de Registre sera restaurÃ© Ã  la valeur par dÃ©faut ou supprimÃ©. Le fichier ne sera pas dÃ©placÃ©.)

HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [455872 2020-06-22] (Power Software Limited -> Power Software Ltd)
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [562179520 2021-06-10] (Manhattan Engineering Incorporated -> Kite)
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [uTorrent] => C:\Users\Mme OBAMA\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-16] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [ut] => C:\Users\Mme OBAMA\AppData\Roaming\uTorrent\uTorrent.exe [2091560 2021-09-16] (BitTorrent Inc -> BitTorrent Inc.)
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44544 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [MicrosoftEdgeAutoLaunch_439BFEE0F5825C99DC4962F8B9E16AE2] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Mme OBAMA\AppData\Local\slack\slack.exe [1445888 2022-07-07] (Slack Technologies Inc.) [Fichier non signÃ©]
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [Application Restart] => C:\Users\Public\Libraries\MSBuild.EXE [1791488 2021-05-07] (Microsoft Corporation) [Fichier non signÃ©]
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [ProtonVPN] => C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.exe [8882280 2022-12-14] (Proton Technologies AG -> ProtonVPN)
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\Run: [NoxMultiPlayer] => D:\Program Files\Nox\bin\MultiPlayerManager.exe [4452352 2023-01-11] () [Fichier non signÃ©]
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\MountPoints2: {46e17994-d64b-11eb-98df-8086f29c1fed} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\MountPoints2: {6d167766-4f0d-11ec-996a-288023065e35} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\...\MountPoints2: {faf72967-41f3-11ec-9956-a9cb8e2d1ecf} - "E:\EMP_UDSe.exe" /autorun
HKU\S-1-5-21-1656645954-2122459023-1707544868-1003\...\Run: [MicrosoftEdgeAutoLaunch_A2BFEDEA1F63FA4511A49D4A3163DDCF] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1656645954-2122459023-1707544868-500\...\Run: [MicrosoftEdgeAutoLaunch_9987CEAFA1939BF8A5BD47FB8E54B0C5] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #1] => C:\WINDOWS\System32\osk.exe [653312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\WINDOWS\System32\osk.exe [653312 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2022-12-18] (Google LLC) [Fichier non signÃ©]

==================== TÃ¢ches planifiÃ©es (Avec liste blanche) ============

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

Task: {0D9F14BA-405B-4113-849A-ED2C0DD4FE30} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26887680 2023-01-04] (Microsoft Corporation) [Fichier non signÃ©]
Task: {0F459FB1-E4A5-436E-8B73-30EFCA5814A3} - System32\Tasks\Opera scheduled assistant Autoupdate 1623825727 => C:\Users\Mme OBAMA\AppData\Local\Programs\Opera\launcher.exe [43296768 2021-09-13] (Opera Software) [Fichier non signÃ©] -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Mme OBAMA\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {19C21C2C-5453-458B-BB0C-8A0DE15DD42D} - System32\Tasks\serveur scamp => C:\xampp\xampp_start.exe [1265664 2013-03-30] (Apache Friends) [Fichier non signÃ©]
Task: {1F915C88-F7ED-4890-AC4A-66D37D489094} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2E4A457B-DBE7-4447-9188-8C88BA78D1E6} - System32\Tasks\Microsoft\Windows\Setup\SnapshotCleanupTask => C:\WINDOWS\System32\OOBE\SetupPlatform\SetupPlatform.exe [1339392 2023-01-06] () [Fichier non signÃ©]
Task: {319C239B-F662-4B38-87C2-6737E4967D16} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\WINDOWS\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe [128976 2022-05-17] (Lenovo -> Lenovo)
Task: {3658AB0C-15AC-4F3E-BCA5-C87CB1CD7F99} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMSync => C:\Program Files\ruxim\ruximics.exe [1048576 2021-05-19] (Microsoft Corporation) [Fichier non signÃ©]
Task: {40AA63D3-6CC5-467D-8E0B-5F2E30B33ED9} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\WINDOWS\SysWOW64\PowerMgrInst.exe [64984 2022-05-17] (Lenovo -> )
Task: {42550A25-F98F-474B-8DF1-D37ED16AF262} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2368792 2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {45F63819-D724-4F79-8C03-FC2C3AE22FA3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2368792 2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {55CC007F-B46F-46DC-82F9-58DDF0557297} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3837008 2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {5623E840-96CD-4EC4-9E3B-4C6C952E76F2} - System32\Tasks\Opera scheduled Autoupdate 1673393705 => C:\Users\Mme OBAMA\AppData\Local\Programs\Opera\launcher.exe [43296768 2021-09-13] (Opera Software) [Fichier non signÃ©]
Task: {768123A7-0300-420A-B722-7C8EC2F3778F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\RUXIM\RUXIMDisplay => C:\Program Files\ruxim\ruximics.exe [1048576 2021-05-19] (Microsoft Corporation) [Fichier non signÃ©]
Task: {7D37E9A0-AD7B-499B-A5D0-965F709E7F1C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {91B71021-66F9-4412-837A-3864CF544ADD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [3837008 2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {962DF59B-40A6-4BE8-9D74-EA58C68D1A91} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [115280 2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {988399A9-01B0-4385-860F-33C6228475D0} - System32\Tasks\Online_KMS_Activation_Script-Renewal => %ProgramData%\Online_KMS_Activation\Activate.cmd Task
Task: {AEECAA80-47F5-4C4D-B4B1-B4CF806D20D1} - System32\Tasks\Opera scheduled Autoupdate 1673035482 => C:\Users\Mme OBAMA\AppData\Local\Programs\Opera\launcher.exe [43296768 2021-09-13] (Opera Software) [Fichier non signÃ©]
Task: {C976646B-848B-47E4-90FC-E45A0517869C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26887680 2023-01-04] (Microsoft Corporation) [Fichier non signÃ©]
Task: {D777B567-BB3B-4111-881C-0CB741022B0C} - System32\Tasks\Microsoft\Windows\Storage Tiers Management\Storage Tiers Management Initialization => {5C9AB547-345D-4175-9AF6-65133463A100} C:\Windows\System32\TieringEngineService.exe [1472000 2021-06-20] (Microsoft Corporation) [Fichier non signÃ©]
Task: {DBA80AE3-B218-415A-BC1F-452B68573332} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [274912 2023-01-06] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {DD910DF8-1CDC-486F-AA6E-7BA44BFAD067} - System32\Tasks\Opera scheduled Autoupdate 1623825720 => C:\Users\Mme OBAMA\AppData\Local\Programs\Opera\launcher.exe [43296768 2021-09-13] (Opera Software) [Fichier non signÃ©]
Task: {DE95FCFB-8D98-4650-8A3D-A5728989F978} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA12D1AB-6D6A-417F-B303-FCBB2B148549} - System32\Tasks\Online_KMS_Activation_Script-Run_Once => %ProgramData%\Online_KMS_Activation\Activate.cmd Task

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier tÃ¢che (.job) sera dÃ©placÃ©. Le fichier exÃ©cutÃ© par la tÃ¢che ne sera pas dÃ©placÃ©.)


==================== Internet (Avec liste blanche) ====================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, s'il s'agit d'un Ã©lÃ©ment du Registre, il sera supprimÃ© ou restaurÃ© Ã  la valeur par dÃ©faut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Hosts: Il y a plus d'un Ã©lÃ©ment dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5efe8dc7-cab7-4aa9-896d-f6162364fc61}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{6e6f4802-ed1d-4ff4-8492-7622d62bacd3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7a5fa152-11b1-4bf9-9361-67d37c9b9fb6}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{f1fb9868-68c6-4c7e-a46f-9a6cedcd2a94}: [DhcpNameServer] 192.168.8.1 192.168.8.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Mme OBAMA\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-13]
Edge Notifications: Default -> hxxps://cpdej.vigilated.space; hxxps://hero-wars.com; hxxps://www.facebook.com; hxxps://www.instagram.com
Edge StartupUrls: Default -> "hxxps://www.google.com/"
Edge Extension: (uBlock Origin) - C:\Users\Mme OBAMA\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-01-13]

FireFox:
========
FF DefaultProfile: 2pouctq1.default
FF ProfilePath: C:\Users\Mme OBAMA\AppData\Roaming\Mozilla\Firefox\Profiles\2pouctq1.default [2023-01-11]
FF Plugin: @java.com/DTPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\dtplugin\npDeployJava1.dll [2021-07-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.291.2 -> C:\Program Files\Java\jre1.8.0_291\bin\plugin2\npjp2.dll [2021-07-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-01-17] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2023-01-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-01-12] (Microsoft Corporation -> Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Default [2023-01-13]
CHR Notifications: Default -> hxxps://mail.proton.me; hxxps://meet.google.com; hxxps://www.facebook.com; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://poshukach.com/search?q={searchTerms}&fr=ps&gp=496724&altserp=1
CHR DefaultSearchKeyword: Default -> poshukach engin search
CHR DefaultSuggestURL: Default -> hxxps://suggest.finditnowonline.com/suggestionfeed/suggestion?format=json&gd=496721&q={searchTerms}
CHR Extension: (uBlock Origin) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2022-12-31]
CHR Extension: (OrangeMonkey) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekmeppjgajofkpiofbebgcbohbmfldaf [2022-05-23]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-12-08]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-26]
CHR Profile: C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-01-13]
CHR Profile: C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 1 [2023-01-11]
CHR Notifications: Profile 1 -> hxxps://gaming.gentside.com
CHR Extension: (OrangeMonkey) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ekmeppjgajofkpiofbebgcbohbmfldaf [2022-05-25]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-02]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-03-26]
CHR Profile: C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 2 [2023-01-11]
CHR Notifications: Profile 2 -> hxxps://myorange.orange.cm
CHR Extension: (OrangeMonkey) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ekmeppjgajofkpiofbebgcbohbmfldaf [2022-06-15]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-09-06]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-15]
CHR Profile: C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 3 [2023-01-11]
CHR Extension: (OrangeMonkey) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ekmeppjgajofkpiofbebgcbohbmfldaf [2022-06-15]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-15]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-15]
CHR Profile: C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 4 [2023-01-11]
CHR Extension: (OrangeMonkey) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ekmeppjgajofkpiofbebgcbohbmfldaf [2022-06-16]
CHR Extension: (GoogleÂ Docs hors connexion) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-06-16]
CHR Extension: (Paiements via le ChromeÂ WebÂ Store) - C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-06-16]
CHR Profile: C:\Users\Mme OBAMA\AppData\Local\Google\Chrome\User Data\System Profile [2023-01-13]
CHR HKU\S-1-5-21-1656645954-2122459023-1707544868-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ekmeppjgajofkpiofbebgcbohbmfldaf]
CHR HKLM-x32\...\Chrome\Extension: [ekmeppjgajofkpiofbebgcbohbmfldaf]

Opera: 
=======
OPR Profile: C:\Users\Mme OBAMA\AppData\Roaming\Opera Software\Opera Stable [2023-01-11]
StartMenuInternet: (HKU\S-1-5-21-1656645954-2122459023-1707544868-1001) OperaStable - "C:\Users\Mme OBAMA\AppData\Local\Programs\Opera\Launcher.exe"

==================== Services (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [1229312 2021-08-20] (Apple Inc.) [Fichier non signÃ©]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13109248 2023-01-04] (Microsoft Corporation) [Fichier non signÃ©]
S3 cphs; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [1416192 2016-11-23] (Intel Corporation) [Fichier non signÃ©]
S2 diagnosticshub.standardcollector.service; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [1240576 2022-01-17] (Microsoft Corporation) [Fichier non signÃ©]
R2 Ds3Service; C:\Users\Mme OBAMA\OneDrive\Bureau\ScpServer\bin\ScpService.exe [381952 2014-04-03] (Scarlet.Crush Productions) [Fichier non signÃ©]
S2 Fax; C:\WINDOWS\system32\fxssvc.exe [1242624 2022-08-12] (Microsoft Corporation) [Fichier non signÃ©]
S2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [2233344 2017-02-24] (Foxit Software Inc.) [Fichier non signÃ©]
S2 GoogleChromeElevationService; C:\Program Files\Google\Chrome\Application\108.0.5359.125\elevation_service.exe [2290688 2022-12-13] (Google LLC) [Fichier non signÃ©]
R2 IBMPMSVC; C:\WINDOWS\system32\ibmpmsvc.exe [1310720 2017-04-01] (Lenovo.) [Fichier non signÃ©]
S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [1488384 2016-11-23] (Intel Corporation) [Fichier non signÃ©]
R2 KiteService; C:\Program Files\Kite\KiteService.exe [140864 2021-06-10] (Manhattan Engineering Incorporated -> Kite)
S2 LPlatSvc; C:\WINDOWS\system32\LPlatSvc.exe [1268736 2017-04-01] (Lenovo.) [Fichier non signÃ©]
S2 MicrosoftEdgeElevationService; C:\Program Files (x86)\Microsoft\Edge\Application\108.0.1462.54\elevation_service.exe [2307584 2022-12-15] (Microsoft Corporation) [Fichier non signÃ©]
S2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [1379328 2014-08-20] () [Fichier non signÃ©]
S2 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [1358848 2022-12-30] (Mozilla Foundation) [Fichier non signÃ©]
R2 MSDTC; C:\WINDOWS\System32\msdtc.exe [1294848 2019-12-07] (Microsoft Corporation) [Fichier non signÃ©]
R2 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [1252352 2021-06-20] (Microsoft Corporation) [Fichier non signÃ©]
S3 ProtonVPN Service; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPNService.exe [401512 2022-12-14] (Proton Technologies AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files (x86)\Proton Technologies\ProtonVPN\ProtonVPN.WireGuardService.exe [328808 2022-12-14] (Proton Technologies AG -> ProtonVPN)
R2 RpcLocator; C:\WINDOWS\system32\locator.exe [1157632 2019-12-07] (Microsoft Corporation) [Fichier non signÃ©]
S2 rsSyncSvc; C:\Program Files\ReasonLabs\Common\rsSyncSvc.exe [1703424 2022-11-16] (Reason Software Company Inc.) [Fichier non signÃ©]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [1452032 2017-09-01] (Realtek Semiconductor) [Fichier non signÃ©]
S2 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1846784 2021-06-20] (Microsoft Corporation) [Fichier non signÃ©]
S2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [1463296 2021-06-20] (Microsoft Corporation) [Fichier non signÃ©]
R2 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [1163264 2019-12-07] (Microsoft Corporation) [Fichier non signÃ©]
R2 spectrum; C:\WINDOWS\system32\spectrum.exe [1455616 2022-08-12] (Microsoft Corporation) [Fichier non signÃ©]
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [1423360 2023-01-06] (Microsoft Corporation) [Fichier non signÃ©]
S2 sppsvc; C:\WINDOWS\system32\sppsvc.exe [5161984 2023-01-06] (Microsoft Corporation) [Fichier non signÃ©]
S2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [1389568 2020-06-24] (Synaptics Incorporated) [Fichier non signÃ©]
R2 TieringEngineService; C:\WINDOWS\system32\TieringEngineService.exe [1472000 2021-06-20] (Microsoft Corporation) [Fichier non signÃ©]
S2 uhssvc; C:\Program Files\Microsoft Update Health Tools\uhssvc.exe [1482752 2022-03-23] (Microsoft Corporation) [Fichier non signÃ©]
R2 valWBFPolicyService; C:\WINDOWS\system32\valWBFPolicyService.exe [1215488 2018-04-25] (Synaptics Incorporated) [Fichier non signÃ©]
R2 valWbioSyncSvc; C:\WINDOWS\system32\valWbioSyncSvc.exe [1186304 2018-04-25] (Synaptics Incorporated) [Fichier non signÃ©]
R2 vds; C:\WINDOWS\System32\vds.exe [1303552 2022-05-20] (Microsoft Corporation) [Fichier non signÃ©]
R2 VSS; C:\WINDOWS\system32\vssvc.exe [2075136 2022-08-12] (Microsoft Corporation) [Fichier non signÃ©]
S2 wbengine; C:\WINDOWS\system32\wbengine.exe [2164736 2021-06-20] (Microsoft Corporation) [Fichier non signÃ©]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wmiApSrv; C:\WINDOWS\system32\wbem\WmiApSrv.exe [1355776 2021-11-12] (Microsoft Corporation) [Fichier non signÃ©]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1534464 2022-08-12] (Microsoft Corporation) [Fichier non signÃ©] [Fichier en cours d'utilisation]
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [1513984 2023-01-06] (Microsoft Corporation) [Fichier non signÃ©]

===================== Pilotes (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [322304 2023-01-06] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\rsdrvx64.sys [26024 2021-03-23] (EldoS Corporation -> EldoS Corporation)
S3 fed4c298; C:\WINDOWS\System32\Drivers\fed4c298.sys [299544 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 klupd_fed4c298a_arkmon_EA04D71E; C:\KVRT2020_Data\Temp\EA04D71EFC0E16AB22C9615549FEE4F2\klupd_fed4c298a_arkmon.sys [382304 2023-01-12] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R2 LdVBoxDrv; C:\Program Files\ldplayerbox\LdVBoxDrv.sys [315232 2023-01-06] (MyTestCertificate -> Oracle Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [23040 2021-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R0 phylock; C:\WINDOWS\System32\drivers\phylock.sys [37488 2016-08-25] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
R1 ProtectIt; C:\WINDOWS\System32\drivers\ProtectIt.sys [17472 2018-01-09] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
S3 ProtonVPNCallout; C:\Program Files (x86)\Proton Technologies\ProtonVPN\x64\Win10\ProtonVPN.CalloutDriver.sys [34176 2022-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Proton Technologies AG)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
R1 SMIDriverGen; C:\WINDOWS\system32\DRIVERS\smi.sys [31440 2018-04-25] (Synaptics Inc. -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 TBIMount; C:\WINDOWS\System32\drivers\tbimount.sys [146936 2019-04-25] (Microsoft Windows Hardware Compatibility Publisher -> TeraByte, Inc.)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239664 2021-07-28] (Oracle Corporation -> Oracle Corporation)
S3 VBoxNetFlt; C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys [199000 2023-01-11] (Nox Limited -> Nox Limited Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [233968 2022-01-17] (Nox Limited -> Nox Limited Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [174744 2021-07-28] (Oracle Corporation -> Oracle Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2022-12-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2022-12-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-31] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\system32\DRIVERS\wintun.sys [29680 2022-05-04] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2022-05-04] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
R1 YSDrv; C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [312776 2023-01-11] (Microsoft Windows Hardware Compatibility Publisher -> Nox Limited Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, il sera supprimÃ© du Registre. Le fichier ne sera pas dÃ©placÃ©, sauf s'il est inscrit sÃ©parÃ©ment.)


==================== Un mois (crÃ©Ã©s) (Avec liste blanche) =========

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2023-01-13 15:44 - 2023-01-13 15:50 - 000000000 ____D C:\FRST
2023-01-13 14:46 - 2023-01-13 14:46 - 000000000 ____D C:\Rem-VBSqt
2023-01-13 14:46 - 2023-01-13 14:46 - 000000000 _____ C:\Users\Mme OBAMA\AppData\Roaming\errorlog.txt
2023-01-13 14:17 - 2023-01-13 14:37 - 001624972 _____ C:\WINDOWS\Minidump\011323-65250-01.dmp
2023-01-13 11:52 - 2023-01-13 11:52 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\vscode-sqltools
2023-01-13 11:52 - 2023-01-13 11:52 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\vscode-sqltools
2023-01-13 11:48 - 2023-01-13 11:49 - 001798208 _____ ( ) C:\Users\Mme OBAMA\Downloads\synaptics-touchpad-driver-64bits-19.2.17.59-installer_SET-Gd1.exe
2023-01-13 11:45 - 2023-01-13 11:47 - 000114176 _____ (bartblaze) C:\Users\Mme OBAMA\Downloads\remediate-vbs-worm_8.0.0.exe
2023-01-13 11:17 - 2023-01-13 11:20 - 001507328 _____ C:\Users\Mme OBAMA\Downloads\Non confirmÃ© 437133.crdownload
2023-01-13 10:46 - 2023-01-13 10:46 - 000000000 ___HD C:\$WinREAgent
2023-01-12 23:35 - 2023-01-12 23:35 - 000000000 ____D C:\KVRT2020_Data
2023-01-12 23:21 - 2023-01-12 23:31 - 099724120 _____ (AO Kaspersky Lab) C:\Users\Mme OBAMA\Downloads\KVRT.exe
2023-01-12 21:35 - 2023-01-12 21:36 - 000130599 _____ C:\Users\Mme OBAMA\Downloads\Non confirmÃ© 914558.crdownload
2023-01-12 20:37 - 2023-01-12 20:37 - 000000000 ___HD C:\$GetCurrent
2023-01-12 20:18 - 2023-01-12 20:18 - 000000000 ____D C:\Program Files (x86)\WindowsInstallationAssistant
2023-01-12 18:59 - 2023-01-12 18:59 - 000002558 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002546 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visio.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2023-01-12 18:59 - 2023-01-12 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2023-01-12 14:26 - 2023-01-12 14:35 - 001278332 _____ C:\WINDOWS\Minidump\011223-55031-01.dmp
2023-01-12 06:01 - 2023-01-12 06:01 - 001334272 _____ (Microsoft Corporation) C:\Users\Mme OBAMA\Downloads\SetupProd_OffScrub (1).exe
2023-01-12 00:11 - 2023-01-12 00:11 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\SaRALogs
2023-01-11 23:56 - 2023-01-12 00:15 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2023-01-11 23:43 - 2023-01-12 04:21 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\Deployment
2023-01-11 23:43 - 2023-01-11 23:43 - 001334272 _____ (Microsoft Corporation) C:\Users\Mme OBAMA\Downloads\SetupProd_OffScrub.exe
2023-01-11 23:43 - 2023-01-11 23:43 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\Apps\2.0
2023-01-11 17:49 - 2023-01-11 17:49 - 002202112 _____ C:\Users\Mme OBAMA\Downloads\ResetBrowser-v1.1.exe
2023-01-11 17:13 - 2023-01-11 17:13 - 000000008 __RSH C:\ProgramData\ntuser.pol
2023-01-11 12:25 - 2023-01-11 12:25 - 000048286 _____ C:\Users\Mme OBAMA\Downloads\contacts.vcf
2023-01-11 11:56 - 2023-01-11 11:56 - 000000000 ___HD C:\Users\Mme OBAMA\Downloads\.opera
2023-01-11 11:42 - 2023-01-11 11:42 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\MultiPlayerManager
2023-01-11 09:54 - 2023-01-13 15:13 - 000000300 _____ C:\Users\Mme OBAMA\d4ac4633ebd6440fa397b84f1bc94a3c.7z
2023-01-11 06:51 - 2023-01-11 06:54 - 029730390 _____ C:\Users\Mme OBAMA\Downloads\phoenix-browser-11-8-3-4200.apk
2023-01-11 06:34 - 2023-01-11 06:35 - 033347155 _____ C:\Users\Mme OBAMA\Downloads\wps-pdf-lite-pdf-reader-viewer-and-editor-free-1-9-0.apk
2023-01-11 03:03 - 2023-01-11 03:04 - 014782563 _____ C:\Users\Mme OBAMA\Downloads\google-contacts-3-82-22-493746609.apk
2023-01-11 02:16 - 2023-01-11 02:16 - 000012320 _____ C:\Users\Mme OBAMA\AppData\Roaming\c085e22a367d012b.bin
2023-01-11 00:35 - 2023-01-11 00:35 - 000004304 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1673393705
2023-01-11 00:35 - 2023-01-11 00:35 - 000001538 _____ C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2023-01-11 00:34 - 2023-01-11 00:34 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\NoxSrv
2023-01-11 00:34 - 2023-01-11 00:34 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2023-01-11 00:32 - 2023-01-13 15:26 - 000000000 ____D C:\Users\Mme OBAMA\.BigNox
2023-01-11 00:31 - 2023-01-11 00:31 - 001198488 _____ (Nox Limited Corporation) C:\WINDOWS\system32\VBoxNetFltNobj.dll
2023-01-11 00:31 - 2023-01-11 00:31 - 000199000 _____ (Nox Limited Corporation) C:\WINDOWS\system32\Drivers\VBoxNetFlt.sys
2023-01-11 00:30 - 2023-01-11 00:32 - 000000000 ____D C:\Program Files (x86)\Bignox
2023-01-11 00:20 - 2023-01-11 10:58 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\setup_files
2023-01-10 23:10 - 2023-01-10 23:11 - 002955264 _____ (Farbar) C:\Users\Mme OBAMA\Downloads\FRST64.exe
2023-01-10 22:08 - 2023-01-10 22:55 - 010405376 _____ (Tencent) C:\Users\Mme OBAMA\Downloads\clash-of-clans-tencent-gaming-buddy-2-0-11646-123.exe
2023-01-10 22:08 - 2023-01-10 22:19 - 010400256 _____ (Tencent) C:\Users\Mme OBAMA\Downloads\brawl-stars-tencent-gaming-buddy-2-0-11646-123.exe
2023-01-10 22:08 - 2023-01-10 22:17 - 010400256 _____ (Tencent) C:\Users\Mme OBAMA\Downloads\clash-royale-tencent-gaming-buddy-2-0-11646-123.exe
2023-01-10 22:05 - 2023-01-10 22:05 - 000817168 _____ (BlueStack Systems Inc.) C:\Users\Mme OBAMA\Downloads\bluestacks-app-player-5-10-20-1003.exe
2023-01-10 22:04 - 2023-01-10 23:55 - 739018696 _____ (Duodian Technology Co. Ltd.) C:\Users\Mme OBAMA\Downloads\noxplayer-android-9-7-0-3-8.exe
2023-01-10 22:00 - 2023-01-10 23:53 - 596684208 _____ (Duodian Technology Co. Ltd.) C:\Users\Mme OBAMA\Downloads\noxplayer-7-0-5-1.exe
2023-01-10 20:45 - 2023-01-10 20:45 - 000014248 _____ () C:\Users\Mme OBAMA\Downloads\LaunchBS5LogCollector.exe
2023-01-10 17:18 - 2023-01-10 17:25 - 002196236 _____ C:\WINDOWS\Minidump\011023-55343-01.dmp
2023-01-09 18:10 - 2023-01-10 19:32 - 000000000 ____D C:\ProgramData\Online_KMS_Activation
2023-01-09 18:10 - 2023-01-09 18:10 - 000004338 _____ C:\WINDOWS\system32\Tasks\Online_KMS_Activation_Script-Run_Once
2023-01-08 17:58 - 2023-01-08 17:59 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\AndroidTbox
2023-01-08 16:18 - 2023-01-08 16:18 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\HD-Player
2023-01-08 16:17 - 2023-01-08 20:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tencent Software
2023-01-08 16:17 - 2023-01-08 16:25 - 000000000 ____D C:\ProgramData\Tencent
2023-01-07 23:40 - 2023-01-10 22:52 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2023-01-07 23:40 - 2023-01-10 19:40 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2023-01-07 19:23 - 2023-01-07 19:23 - 000817168 _____ (BlueStack Systems Inc.) C:\Users\Mme OBAMA\Downloads\BlueStacksMicroInstaller_5.10.20.1002_native.exe
2023-01-07 15:34 - 2023-01-07 15:34 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\BSXCache
2023-01-07 15:22 - 2023-01-09 17:55 - 000000000 ____D C:\ProgramData\boost_interprocess
2023-01-07 15:22 - 2023-01-07 23:43 - 000002107 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5 Multi-Instance Manager.lnk
2023-01-07 15:20 - 2023-01-07 15:20 - 000006899 _____ C:\Users\Mme OBAMA\-1.14-windows.xml
2023-01-07 10:24 - 2023-01-07 23:44 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\BlueStacksSetup
2023-01-07 09:58 - 2023-01-07 10:21 - 000817304 _____ (BlueStack Systems Inc.) C:\Users\Mme OBAMA\Downloads\BlueStacksMicroInstaller_5.10.10.1014_native.exe
2023-01-07 09:01 - 2023-01-07 09:01 - 000000000 ____D C:\Users\Mme OBAMA\OneDrive\Documents\Remo Recover 6.0 Recovery Sessions
2023-01-06 23:11 - 2023-01-07 07:55 - 000000000 ____D C:\Program Files\Remo Recover 6.0
2023-01-06 23:11 - 2023-01-06 23:11 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Remo
2023-01-06 23:11 - 2023-01-06 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Remo Recover
2023-01-06 23:11 - 2021-03-23 17:28 - 000026024 _____ (EldoS Corporation) C:\WINDOWS\system32\Drivers\rsdrvx64.sys
2023-01-06 22:49 - 2023-01-06 22:59 - 055511360 _____ (Remo Software ) C:\Users\Mme OBAMA\Downloads\recover-win.exe
2023-01-06 21:05 - 2023-01-06 21:49 - 000004304 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1673035482
2023-01-06 20:57 - 2023-01-06 20:57 - 000000000 ____D C:\Program Files\ReasonLabs
2023-01-06 20:56 - 2023-01-08 11:36 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LDPlayer4
2023-01-06 20:55 - 2023-01-06 21:38 - 000000000 ____D C:\Program Files\ldplayerbox
2023-01-06 20:54 - 2023-01-06 20:54 - 000000000 ____D C:\Users\Mme OBAMA\OneDrive\Documents\XuanZhi
2023-01-06 20:50 - 2023-01-06 20:50 - 000012320 _____ C:\Users\Mme OBAMA\AppData\Roaming\c085e22ac77ec89.bin
2023-01-06 20:30 - 2023-01-06 20:30 - 005161984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2023-01-06 20:29 - 2023-01-06 20:29 - 001513984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2023-01-06 20:28 - 2023-01-06 20:28 - 001423360 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2023-01-05 13:02 - 2023-01-05 13:02 - 000000000 ____D C:\Temp
2023-01-04 04:09 - 2023-01-04 04:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProtonVPN
2023-01-03 20:17 - 2023-01-03 20:18 - 000000000 ____D C:\serie
2022-12-31 00:25 - 2022-12-31 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2022-12-31 00:25 - 2022-12-31 00:25 - 000000000 ____D C:\Program Files\Dolby Digital Plus
2022-12-31 00:25 - 2022-12-31 00:25 - 000000000 ____D C:\Program Files (x86)\Realtek
2022-12-31 00:24 - 2017-09-01 01:05 - 007181632 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 007104904 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 005402472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 004114088 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 003685880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2022-12-31 00:24 - 2017-09-01 01:05 - 003548624 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 003213840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 002220024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 001991800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 001367728 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 001167896 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000460464 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000387104 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000355512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000339152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000283936 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000161976 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000144200 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000131040 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2022-12-31 00:24 - 2017-09-01 01:05 - 000094184 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2022-12-21 19:14 - 2022-12-21 19:14 - 000000780 _____ C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Settings.lnk
2022-12-19 13:02 - 2022-12-19 13:02 - 000000678 _____ C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\rufus-3.20.lnk
2022-12-19 10:20 - 2022-12-19 10:20 - 000001600 _____ C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PacketTracer7.lnk
2022-12-19 10:17 - 2022-12-19 10:18 - 000000000 ____D C:\Users\Mme OBAMA\Cisco Packet Tracer 7.3.1
2022-12-19 10:16 - 2022-12-19 10:17 - 000000000 ____D C:\Program Files (x86)\Cisco Packet Tracer 7.3.1
2022-12-19 00:30 - 2022-12-19 00:31 - 000000000 ____D C:\Users\Mme OBAMA\OneDrive\Documents\Fax
2022-12-19 00:30 - 2022-12-19 00:30 - 000000000 ___RD C:\Users\Mme OBAMA\OneDrive\Documents\Scanned Documents
2022-12-18 22:00 - 2023-01-12 19:59 - 121110528 _____ C:\WINDOWS\system32\config\SOFTWARE
2022-12-18 21:49 - 2022-12-18 22:00 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2022-12-18 13:21 - 2022-12-18 15:00 - 021473554 _____ C:\Users\Mme OBAMA\Downloads\videoplayback (3).mp4
2022-12-16 06:21 - 2022-12-16 18:35 - 000000000 ____D C:\FFOutput

==================== Un mois (modifiÃ©s) ==================

(Si un Ã©lÃ©ment est inclus dans le fichier fixlist.txt, le fichier/dossier sera dÃ©placÃ©.)

2023-01-13 15:48 - 2021-10-15 08:55 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\Nox
2023-01-13 15:27 - 2021-07-16 18:53 - 000000000 ____D C:\Users\Mme OBAMA\.android
2023-01-13 15:26 - 2022-01-17 21:20 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\NoxSrv
2023-01-13 15:26 - 2022-01-17 21:19 - 000000000 ____D C:\Users\Mme OBAMA\vmlogs
2023-01-13 15:16 - 2021-06-13 11:58 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\CrashDumps
2023-01-13 15:13 - 2021-06-20 02:35 - 000000000 ____D C:\Users\Mme OBAMA
2023-01-13 15:08 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-13 14:37 - 2021-07-02 10:48 - 000000000 ____D C:\WINDOWS\Minidump
2023-01-13 14:20 - 2021-11-09 09:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-01-13 14:17 - 2021-11-01 21:34 - 2246563141 _____ C:\WINDOWS\MEMORY.DMP
2023-01-13 14:17 - 2021-06-20 02:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-13 14:17 - 2021-06-20 02:29 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-13 14:17 - 2021-06-20 02:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-13 14:17 - 2021-05-17 05:53 - 000000000 ____D C:\ProgramData\Synaptics
2023-01-13 14:17 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2023-01-13 13:23 - 2021-06-12 23:19 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Code
2023-01-13 12:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-13 01:16 - 2021-05-13 04:34 - 000000000 ___RD C:\Users\Mme OBAMA\3D Objects
2023-01-12 20:23 - 2022-01-17 19:58 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1656645954-2122459023-1707544868-1001
2023-01-12 20:23 - 2021-06-20 02:50 - 000003400 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1656645954-2122459023-1707544868-1001
2023-01-12 20:23 - 2021-06-20 02:35 - 000002490 _____ C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-12 20:02 - 2021-06-20 02:29 - 005117040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-12 19:59 - 2019-12-07 10:03 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2023-01-12 18:59 - 2021-05-13 04:38 - 000000000 ____D C:\Program Files\Microsoft Office
2023-01-12 18:39 - 2021-08-07 09:18 - 000000000 ____D C:\Users\Mme OBAMA\Downloads\Telegram Desktop
2023-01-12 11:10 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-01-12 08:51 - 2021-10-28 13:41 - 000000000 ____D C:\Users\Mme OBAMA\AppData\LocalLow\Temp
2023-01-12 08:21 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-01-12 03:23 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-12 01:24 - 2021-05-13 06:32 - 000000000 ____D C:\Program Files\Realtek
2023-01-12 00:20 - 2022-11-29 10:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2023-01-11 20:59 - 2021-05-13 05:08 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\vlc
2023-01-11 17:51 - 2021-05-13 05:11 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Mozilla
2023-01-11 17:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-11 14:47 - 2021-06-20 02:50 - 000000000 ____D C:\WINDOWS\system32\Tasks\HardDiskSentinel
2023-01-11 14:47 - 2021-06-16 07:38 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2023-01-11 14:47 - 2021-05-13 04:34 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\Packages
2023-01-11 14:47 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-01-11 14:47 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2023-01-11 10:11 - 2021-06-12 23:18 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Visual Studio Code
2023-01-11 00:37 - 2021-06-16 07:42 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\Opera Software
2023-01-11 00:28 - 2021-06-16 07:36 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Opera Software
2023-01-10 21:05 - 2022-01-30 18:57 - 000000000 ____D C:\Program Files\CDisplayEx
2023-01-10 21:00 - 2022-01-30 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDisplayEx
2023-01-10 14:40 - 2021-06-20 02:45 - 000005874 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-10 14:40 - 2019-12-07 15:50 - 002432852 _____ C:\WINDOWS\system32\perfh00C.dat
2023-01-10 14:40 - 2019-12-07 15:50 - 000628910 _____ C:\WINDOWS\system32\perfc00C.dat
2023-01-09 18:10 - 2021-11-04 20:24 - 000004744 _____ C:\WINDOWS\system32\Tasks\Online_KMS_Activation_Script-Renewal
2023-01-09 10:51 - 2022-11-28 10:18 - 001020348 ____N C:\WINDOWS\Minidump\010923-44500-01.dmp
2023-01-08 21:49 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-01-08 16:25 - 2021-07-09 23:24 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Tencent
2023-01-07 23:43 - 2021-06-20 02:50 - 000003958 _____ C:\WINDOWS\system32\Tasks\BlueStacksHelper_nxt
2023-01-07 23:39 - 2021-06-12 23:12 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\Bluestacks
2023-01-07 19:24 - 2021-06-12 23:12 - 000000000 ____D C:\Users\Public\BlueStacks
2023-01-07 14:00 - 2021-07-16 11:18 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2023-01-07 14:00 - 2021-07-16 11:15 - 000000000 ____D C:\Program Files (x86)\FormatFactory
2023-01-07 13:59 - 2021-07-01 06:18 - 000000000 ____D C:\Program Files (x86)\CodeBlocks
2023-01-06 22:25 - 2022-11-25 01:53 - 000000000 ____D C:\Program Files\Recuva
2023-01-06 21:57 - 2022-03-24 10:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2023-01-06 21:57 - 2022-02-23 09:41 - 000000000 ____D C:\Program Files (x86)\GanttProject-3.1
2023-01-06 21:57 - 2021-10-27 07:29 - 000000000 ____D C:\Program Files (x86)\iSunshare Windows Password Genius Standard Trial
2023-01-06 21:57 - 2021-09-15 05:37 - 000000000 ____D C:\Program Files (x86)\PCSX2
2023-01-06 21:57 - 2021-08-21 06:54 - 000000000 ____D C:\Program Files (x86)\Steam
2023-01-06 21:57 - 2021-06-13 16:44 - 000000000 ____D C:\Program Files (x86)\Smadav
2023-01-06 21:56 - 2022-04-12 10:43 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-01-06 21:56 - 2022-02-23 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GanttProject
2023-01-06 21:56 - 2021-10-27 07:29 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iSunshare Windows Password Genius Standard Trial
2023-01-06 21:56 - 2021-08-21 06:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2023-01-06 21:56 - 2021-07-16 11:43 - 000000000 ____D C:\Program Files (x86)\TeraByte Drive Image Backup and Restore Suite
2023-01-06 21:52 - 2021-12-24 17:11 - 000000000 ____D C:\Program Files\iTunes
2023-01-06 21:51 - 2021-12-24 17:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2023-01-06 21:39 - 2021-11-08 10:13 - 000000000 ____D C:\Program Files\CodeBlocks
2023-01-06 21:39 - 2021-08-20 20:33 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2023-01-06 21:39 - 2021-08-20 20:32 - 000000000 ____D C:\Program Files (x86)\Bonjour
2023-01-06 21:38 - 2022-05-04 19:15 - 000000000 ____D C:\Program Files\PCHealthCheck
2023-01-06 21:38 - 2021-11-29 08:05 - 000000000 ____D C:\Program Files\PowerISO
2023-01-06 21:38 - 2021-11-16 08:54 - 000000000 ____D C:\Program Files\Notepad++
2023-01-06 21:38 - 2021-08-20 20:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Apple
2023-01-06 21:38 - 2021-07-01 06:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apache NetBeans
2023-01-06 21:38 - 2021-07-01 06:18 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2023-01-06 21:38 - 2021-07-01 05:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2023-01-06 21:38 - 2021-06-12 12:46 - 000000000 ____D C:\Program Files\ruxim
2023-01-06 21:38 - 2021-05-13 06:50 - 000000000 ____D C:\Program Files\WinRAR
2023-01-06 21:36 - 2021-06-26 13:37 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-06 21:32 - 2021-08-31 10:06 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2023-01-06 21:32 - 2021-08-31 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2023-01-06 21:32 - 2021-08-31 09:49 - 000000000 ____D C:\Program Files\Git
2023-01-06 21:23 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Registration
2023-01-06 21:18 - 2022-01-18 08:47 - 000000000 ____D C:\OpenSSL-Win64
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-06 21:15 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-01-06 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-01-06 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-06 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-01-06 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-01-06 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-01-06 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-01-06 21:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-01-06 21:13 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-01-06 21:13 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-01-06 21:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-01-06 21:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-01-06 21:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-01-06 21:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-06 21:13 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-01-06 21:06 - 2019-12-07 15:51 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-01-06 21:04 - 2022-05-09 23:21 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\XuanZhi
2023-01-06 21:01 - 2022-05-10 06:03 - 000000000 ____D C:\Users\Mme OBAMA\.Ld2VirtualBox
2023-01-06 20:43 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-01-06 20:43 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-01-06 20:27 - 2021-06-20 02:33 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-06 19:10 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-06 16:28 - 2021-05-13 05:11 - 000000000 ____D C:\Users\Mme OBAMA\AppData\LocalLow\Mozilla
2023-01-06 16:26 - 2021-06-13 16:44 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Smadav
2023-01-04 10:03 - 2021-06-13 16:44 - 000000000 __SHD C:\[Smad-Cage]
2023-01-04 04:10 - 2022-05-04 21:29 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\ProtonVPN
2023-01-04 04:09 - 2022-05-04 21:29 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Roaming\Proton Technologies AG
2023-01-04 04:09 - 2022-05-04 21:29 - 000000000 ____D C:\Program Files (x86)\Proton Technologies
2022-12-31 05:44 - 2021-05-13 05:11 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-12-31 02:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2022-12-31 02:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-12-31 02:01 - 2021-05-26 13:55 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-12-31 02:00 - 2021-05-26 13:55 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-12-31 01:58 - 2021-05-12 20:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-12-31 00:28 - 2021-05-17 05:56 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2022-12-31 00:25 - 2021-05-17 05:59 - 000312687 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2022-12-31 00:25 - 2021-05-17 05:59 - 000000000 ____D C:\WINDOWS\system32\DAX2
2022-12-31 00:25 - 2021-05-13 06:32 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2022-12-27 19:09 - 2021-06-12 23:42 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-12-26 18:43 - 2021-06-13 04:25 - 000000000 ____D C:\Users\Mme OBAMA\OneDrive\Documents\PPSSPP
2022-12-22 22:45 - 2021-05-17 05:47 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\D3DSCache
2022-12-21 15:24 - 2021-05-13 08:17 - 000000000 ____D C:\ProgramData\Mozilla
2022-12-19 12:15 - 2022-04-12 10:43 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-12-19 10:20 - 2021-06-13 06:53 - 000000752 _____ C:\Users\Mme OBAMA\.packettracer
2022-12-19 10:18 - 2022-12-02 12:55 - 000000000 ____D C:\Users\Mme OBAMA\AppData\Local\PacketTracer7
2022-12-19 00:30 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ModemLogs
2022-12-18 18:06 - 2021-06-26 13:48 - 000002257 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoogleÂ Chrome.lnk
2022-12-18 12:53 - 2019-12-07 10:14 - 000000000 __RHD C:\Users\Public\Libraries

==================== Fichiers Ã  la racine de certains dossiers ========

2023-01-11 02:16 - 2023-01-11 02:16 - 000012320 _____ () C:\Users\Mme OBAMA\AppData\Roaming\c085e22a367d012b.bin
2023-01-06 20:50 - 2023-01-06 20:50 - 000012320 _____ () C:\Users\Mme OBAMA\AppData\Roaming\c085e22ac77ec89.bin
2022-05-10 06:03 - 2022-05-10 06:03 - 000000068 _____ () C:\Users\Mme OBAMA\AppData\Roaming\changzhi_leidian.data
2022-05-10 06:03 - 2022-05-10 06:03 - 000000180 _____ () C:\Users\Mme OBAMA\AppData\Roaming\changzhi_leidianmac.data
2023-01-13 14:46 - 2023-01-13 14:46 - 000000000 _____ () C:\Users\Mme OBAMA\AppData\Roaming\errorlog.txt
2022-01-21 17:50 - 2022-01-21 17:50 - 000000132 _____ () C:\Users\Mme OBAMA\AppData\Roaming\PrÃ©fs Filtre IllExportation AdobeÂ CS6
2021-08-30 12:24 - 2022-11-18 19:21 - 000001716 _____ () C:\Users\Mme OBAMA\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2022-01-25 19:43 - 2022-11-10 12:27 - 000001536 _____ () C:\Users\Mme OBAMA\AppData\Local\GfxMetrics.cfg
2021-11-09 05:56 - 2021-11-09 05:56 - 002816556 _____ (PAN Software                                                ) C:\Users\Mme OBAMA\AppData\Local\install.exe
2022-01-18 18:08 - 2022-04-05 12:36 - 000000205 _____ () C:\Users\Mme OBAMA\AppData\Local\oobelibMkey.log
2021-11-05 10:27 - 2021-11-05 10:56 - 000000128 _____ () C:\Users\Mme OBAMA\AppData\Local\PUTTY.RND
2021-11-05 11:05 - 2021-11-05 11:17 - 000007596 _____ () C:\Users\Mme OBAMA\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas Ã  la vÃ©rification.)

C:\WINDOWS\system32\dllhost.exe EST ABSENT <==== ATTENTION
==================== Fin de FRST.txt ========================