Résultats d'analyse de  Farbar Recovery Scan Tool (FRST) (x64) Version: 19-12-2024 01
Exécuté par Gilian (administrateur) sur VORKE-V1 (Vorke V1) (20-12-2024 19:19:39)
Exécuté depuis C:\Users\Gilian\Desktop\FRST64.exe
Profils chargés: Gilian
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5247 (X64) Langue: Anglais (États-Unis) -> Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <14>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (AnyDesk Software GmbH -> AnyDesk Software GmbH) C:\Program Files (x86)\AnyDesk\AnyDesk.exe
(services.exe ->) (Foxit Software Incorporated -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22113.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.22113.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKU\S-1-5-21-2141265071-2022179729-320011050-1001\...\Run: [Google Photos Backup] => C:\Users\Gilian\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3791704 2018-06-01] (Google Inc -> Google, Inc)
HKU\S-1-5-21-2141265071-2022179729-320011050-1001\...\Run: [GoogleUpdaterTaskUser132.0.6833.0] => C:\Users\Gilian\AppData\Local\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
HKU\S-1-5-21-2141265071-2022179729-320011050-1001\...\Run: [MicrosoftEdgeAutoLaunch_7A657411FAB238BB64C193960D64AAF6] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911208 2024-12-12] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2141265071-2022179729-320011050-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [619520 2024-05-28] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\131.0.6778.205\Installer\chrmstp.exe [2024-12-19] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AnyDesk.lnk [2024-05-27]
ShortcutTarget: AnyDesk.lnk -> C:\Program Files (x86)\AnyDesk\AnyDesk.exe (AnyDesk Software GmbH -> AnyDesk Software GmbH)
GroupPolicyScripts: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {15EF581E-4C90-4866-9321-7F6389841336} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock -> Pas de fichier <==== ATTENTION
Task: {445D93FF-C3C5-40E6-948C-9B965E0C472F} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time -> Pas de fichier <==== ATTENTION
Task: {7348C247-535F-4D3A-9596-B1E67A42877D} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle -> Pas de fichier <==== ATTENTION
Task: {863E6C16-E466-4466-B776-A6DD60BC7E5C} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {8A3C05EA-1F9C-4697-86BE-301F1B330744} - pas de chemin du fichier. <==== ATTENTION
Task: {9BF77242-0CF3-4D18-8990-B8879278891C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 -> Pas de fichier <==== ATTENTION
Task: {EF6E8179-8A66-4870-89C4-CD7CD733BA3C} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon -> Pas de fichier <==== ATTENTION
Task: {F9AD5C8B-981E-401C-8E4C-B2E330CFEEBB} - \Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle -> Pas de fichier <==== ATTENTION
Task: {EF8CCCEA-7939-41FF-A599-C2B92BA02167} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{74207673-F666-4809-8676-DB48DE68239F} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {C4BFC51C-6189-4601-99AD-47D005230685} - System32\Tasks\GoogleUser\GoogleUpdater\GoogleUpdaterTaskUser132.0.6833.0{1D66AF81-D3EB-4A92-BAF6-E58763FEE1E1} => C:\Users\Gilian\AppData\Local\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {0437777D-C528-47C2-9B56-5FCC7B003B11} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-17] (HP Inc. -> HP Inc.)
Task: {452F93B4-D11D-4C87-A8AA-1108AF041105} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [64976 2024-10-17] (HP Inc. -> HP Inc.)
Task: {59C60EBC-8FF6-4C53-B2D5-BB541F33F4E6} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {93611BBA-DD60-4627-BF3A-995956C4F7B9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {27F568FB-E182-47A0-A714-0E2125005726} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {88EA6E64-72FC-46D3-902F-F61E609A8E25} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0FDF5358-6CCC-4D2D-A965-242CF4D2337E} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34368 2024-12-16] (Mozilla Corporation -> Mozilla Foundation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{17526818-1a99-487a-8765-29370819381b}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{17526818-1a99-487a-8765-29370819381b}: [DhcpDomain] numericable.fr
Tcpip\..\Interfaces\{4fd9fa1c-9815-4c9b-83ef-5b431edf311e}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Gilian\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-20]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Gilian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-12-19]
Edge Extension: (Google Docs hors connexion) - C:\Users\Gilian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-07-14]
Edge Extension: (Edge relevant text changes) - C:\Users\Gilian\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: 1l1r5r7u.default
FF ProfilePath: C:\Users\Gilian\AppData\Roaming\Mozilla\Firefox\Profiles\1l1r5r7u.default [2024-12-20]
FF Homepage: Mozilla\Firefox\Profiles\1l1r5r7u.default -> hxxps://www.google.fr/?gws_rd=ssl
FF Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\Gilian\AppData\Roaming\Mozilla\Firefox\Profiles\1l1r5r7u.default\Extensions\firefox@ghostery.com.xpi [2024-12-03]
FF Extension: (Dictionnaire français) - C:\Users\Gilian\AppData\Roaming\Mozilla\Firefox\Profiles\1l1r5r7u.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2020-05-30]
FF Extension: (Language: Français (French)) - C:\Users\Gilian\AppData\Roaming\Mozilla\Firefox\Profiles\1l1r5r7u.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2024-12-18]
FF Extension: (uBlock Origin) - C:\Users\Gilian\AppData\Roaming\Mozilla\Firefox\Profiles\1l1r5r7u.default\Extensions\uBlock0@raymondhill.net.xpi [2024-11-27]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\Gilian\AppData\Roaming\Mozilla\Firefox\Profiles\1l1r5r7u.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-12-19]
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-08-09] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-08-09] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-08-09] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-08-09] (Foxit Software Incorporated -> Foxit Corporation)

Chrome: 
=======
CHR Profile: C:\Users\Gilian\AppData\Local\Google\Chrome\User Data\Default [2024-12-20]
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Extension: (Slides) - C:\Users\Gilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-07-15]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Gilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-12-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Gilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-08]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [5328200 2024-05-27] (AnyDesk Software GmbH -> AnyDesk Software GmbH)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-10-13] (Foxit Software Incorporated -> Foxit Software Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-17] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [282624 2023-11-15] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2023-11-15] (Microsoft Corporation) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-12-20 19:19 - 2024-12-20 19:21 - 000016201 ____C C:\Users\Gilian\Desktop\FRST.txt
2024-12-20 19:18 - 2024-12-20 19:20 - 000000000 ____D C:\FRST
2024-12-20 19:15 - 2024-12-20 19:15 - 002403840 _____ (Farbar) C:\Users\Gilian\Desktop\FRST64.exe
2024-12-20 10:02 - 2024-12-20 10:02 - 000000000 ____D C:\Program Files\HP
2024-12-19 21:23 - 2024-12-19 21:23 - 000000000 ____D C:\Users\Gilian\AppData\Local\IperiusRemote
2024-12-19 21:20 - 2024-12-19 21:20 - 000086672 _____ C:\Users\Gilian\Downloads\ConnectWiseControl.Client(2).exe
2024-12-19 14:13 - 2024-12-19 14:13 - 000000000 ____D C:\Users\Gilian\AppData\Local\OneDrive
2024-12-19 09:19 - 2024-12-19 14:10 - 000001357 ____C C:\Users\Gilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2024-12-19 07:22 - 2024-12-19 07:22 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-12-19 06:44 - 2024-12-20 15:33 - 082051072 _____ C:\WINDOWS\system32\config\SOFTWARE
2024-12-19 06:20 - 2024-12-19 06:43 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware
2024-12-16 16:16 - 2024-12-19 21:23 - 000000000 ____D C:\ProgramData\IperiusRemote
2024-12-16 16:16 - 2024-12-16 16:16 - 000000920 ____C C:\Users\Gilian\Desktop\ASSISTANCE NO PANIC.lnk
2024-12-16 11:26 - 2024-12-20 15:34 - 000000000 ____D C:\ProgramData\scre..tion_2c2536e5112611c9_0006.0003_b1e6eb5c397a0476
2024-12-15 18:21 - 2024-12-15 18:21 - 000373304 _____ (Mozilla) C:\Users\Gilian\Downloads\Firefox Installer(6).exe
2024-12-15 17:08 - 2024-12-16 11:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2024-12-12 18:13 - 2024-12-12 18:13 - 000373304 _____ (Mozilla) C:\Users\Gilian\Downloads\Firefox Installer(5).exe
2024-12-11 17:28 - 2024-12-11 17:28 - 000022205 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-12-11 17:26 - 2024-12-11 17:26 - 000022205 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-12-11 11:33 - 2024-12-11 11:33 - 000000000 ___HD C:\$WinREAgent
2024-12-09 10:08 - 2024-12-09 10:08 - 000373376 _____ (Mozilla) C:\Users\Gilian\Downloads\Firefox Installer(4).exe
2024-12-08 16:11 - 2024-12-08 16:11 - 000373376 _____ (Mozilla) C:\Users\Gilian\Downloads\Firefox Installer(3).exe
2024-11-29 09:41 - 2024-11-29 09:41 - 000373376 _____ (Mozilla) C:\Users\Gilian\Downloads\Firefox Installer(2).exe
2024-11-29 09:41 - 2024-11-29 09:41 - 000373376 _____ (Mozilla) C:\Users\Gilian\Downloads\Firefox Installer(1).exe
2024-11-28 17:52 - 2024-11-28 17:52 - 000373376 _____ (Mozilla) C:\Users\Gilian\Downloads\Firefox Installer.exe

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-12-20 19:12 - 2022-02-10 17:36 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-20 19:10 - 2023-07-18 10:13 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-12-20 19:10 - 2018-05-31 10:18 - 000000000 ____D C:\Users\Gilian\IntelGraphicsProfiles
2024-12-20 17:33 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-20 17:32 - 2020-07-15 15:27 - 000000000 ___DC C:\Users\Gilian\Desktop\photos telephone
2024-12-20 15:51 - 2020-11-10 19:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-20 15:38 - 2020-11-11 03:28 - 000753560 _____ C:\WINDOWS\system32\perfh00C.dat
2024-12-20 15:38 - 2020-11-11 03:28 - 000141716 _____ C:\WINDOWS\system32\perfc00C.dat
2024-12-20 15:38 - 2020-11-10 19:22 - 001681374 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-12-20 15:38 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-12-20 15:34 - 2020-11-10 19:36 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-20 15:33 - 2020-11-10 19:13 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-20 15:33 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-12-20 15:31 - 2024-05-27 16:54 - 000000000 ____D C:\Users\Gilian\AppData\Local\Deployment
2024-12-20 11:06 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-20 11:06 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-12-20 10:12 - 2020-01-01 06:51 - 000007628 _____ C:\Users\Gilian\AppData\Local\resmon.resmoncfg
2024-12-19 22:48 - 2021-12-16 17:48 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-19 22:48 - 2019-12-28 18:19 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-19 22:48 - 2019-12-28 18:19 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-12-19 14:21 - 2020-11-10 19:16 - 000000000 ____D C:\Users\Gilian
2024-12-19 07:41 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-12-19 07:22 - 2021-03-25 13:42 - 000000000 ____D C:\Program Files\Malwarebytes
2024-12-18 20:46 - 2019-12-30 07:47 - 000000000 ____D C:\Users\Gilian\AppData\Local\D3DSCache
2024-12-18 20:43 - 2018-05-31 10:18 - 000000000 ___DC C:\Users\Gilian\AppData\Local\Packages
2024-12-18 20:35 - 2021-12-12 17:38 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2141265071-2022179729-320011050-1001
2024-12-18 20:35 - 2020-11-10 19:36 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2141265071-2022179729-320011050-1001
2024-12-18 20:35 - 2020-11-10 19:16 - 000002427 ____C C:\Users\Gilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-16 11:27 - 2023-08-18 15:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-12-16 11:27 - 2016-11-05 17:33 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-12-16 11:24 - 2016-11-05 17:33 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-12-15 17:54 - 2016-11-19 15:38 - 000001285 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk
2024-12-15 15:58 - 2020-08-30 14:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-15 15:58 - 2020-08-30 14:32 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-12-11 18:38 - 2024-05-28 10:13 - 000357280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-12-11 18:36 - 2024-07-11 11:19 - 000000000 ____D C:\WINDOWS\system32\compatrel
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-12-11 18:36 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-12-11 17:34 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-12-11 17:26 - 2020-11-10 19:15 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-28 12:21 - 2016-11-20 21:57 - 000000000 __RDC C:\Users\Gilian\Documents\Scanned Documents
2024-11-25 18:18 - 2020-11-10 19:36 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-25 18:18 - 2020-11-10 19:36 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-24 02:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-24 02:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-24 02:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-24 02:09 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-22 18:39 - 2016-11-05 17:05 - 000000000 ____D C:\WINDOWS\system32\MRT

==================== Fichiers à la racine de certains dossiers ========

2020-08-15 14:39 - 2020-08-15 14:39 - 000005632 _____ () C:\Users\Gilian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-01-01 06:51 - 2024-12-20 10:12 - 000007628 _____ () C:\Users\Gilian\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================