Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-12-2022
Exécuté par salhi2 (administrateur) sur SALHI2-PC (03-01-2023 22:42:35)
Exécuté depuis C:\Users\salhi2\OneDrive\Bureau
Profils chargés: salhi2
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.2364 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <9>
(NetGear) [Fichier non signé] C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(services.exe ->) (Blue Coat Systems, Inc. -> Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (NetGear) [Fichier non signé] C:\Windows\SysWOW64\WN311BFCS.exe
(services.exe ->) (TunnelBear -> TunnelBear) C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(services.exe ->) (VIA Technologies Inc. -> VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (Pas de fichier)
HKLM-x32\...\Run: [AS00_WN311B] => C:\Program Files\NETGEAR\WN311B\Utility\WN311B.exe [2150400 2007-09-21] (NetGear) [Fichier non signé]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [710264 2020-06-18] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3810445755-1997418923-63204236-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe (Pas de fichier)
HKU\S-1-5-21-3810445755-1997418923-63204236-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3810445755-1997418923-63204236-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3810445755-1997418923-63204236-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3810445755-1997418923-63204236-1000\...\Policies\system: [shell] explorer.exe <==== ATTENTION
HKU\S-1-5-21-3810445755-1997418923-63204236-1005\...\Run: [96223B6629DF6F660C7672E5018C5A8719B7BA7C._service_run] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=service /prefetch:8 [3879848 2022-12-15] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3810445755-1997418923-63204236-1005\...\Run: [Spotify] => C:\Users\2004\AppData\Roaming\Spotify\Spotify.exe [24857736 2021-12-26] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3810445755-1997418923-63204236-1005\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [38916432 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-3810445755-1997418923-63204236-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3810445755-1997418923-63204236-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKLM\...\Print\Monitors\HP ac2a Status Monitor: C:\WINDOWS\system32\hpinkstsac2aLM.dll [476712 2018-01-14] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\108.0.5359.125\Installer\chrmstp.exe [2023-01-03] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-3810445755-1997418923-63204236-1004\User: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {04982EC5-DF6D-4485-80E3-28D1CDFF4492} - System32\Tasks\{D8219C1C-2BBF-49A0-8A3B-E4E7F235CF90} => C:\Users\salhi2\Desktop\1.7.10\HelloNeighbor.exe (Pas de fichier)
Task: {095353B3-329C-4CDC-9751-5646EA3F4E45} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {0D2DAA3B-F3F5-44EE-A6D8-E09614360F58} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {17FB0B77-3C9B-4D0D-B887-1F91AFD3A93A} - System32\Tasks\{013A454E-5358-4107-9D8C-EF9FD458FCDD} => C:\Windows\SysWOW64\dxdiag.exe [222720 2019-12-07] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {18BC9842-32AB-477C-93AF-8CC6D18AEE2F} - System32\Tasks\{A4EF9AD6-BA36-4DFC-A4F7-06167438502C} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {1FF75400-1A20-4B7E-B47A-849FC55A89B5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe $(Arg0) (Pas de fichier)
Task: {2118367E-5C10-4245-81C5-0B59910862F8} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (Pas de fichier)
Task: {23BC4344-1EEE-4A56-8460-C089010BDF54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {247478C2-B867-4B67-A1A5-03D870EE940F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-08-16] (Piriform Software Ltd -> Piriform)
Task: {2A307CF5-D7E3-404A-A527-B1F470B25470} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [752136 2020-10-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {31C4AB25-41DB-48E5-93AF-E27AC393E4BB} - \{398141C1-2084-41AC-9953-0BC95D83B3C4} -> Pas de fichier <==== ATTENTION
Task: {3612362E-7DF0-4305-BBF1-0253BE5F6793} - System32\Tasks\{7C91B887-520D-4F88-AFD4-3CE1ABA68595} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {3A177EFF-0224-4EDF-AD9B-48E03244AEFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B1DA24D-6975-41DF-BE4D-3ADA5DA6A4E9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe /StartRecording (Pas de fichier)
Task: {3C06D2B5-4A80-4040-9063-746606DBB247} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (Pas de fichier)
Task: {3CDB7768-FD4D-4869-962D-0ACDA32C6F30} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2023-01-03] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3D53FE30-04D9-4D04-B6E3-9A50F0A80F6E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (Pas de fichier)
Task: {42D5054C-CCDA-4FD7-80E3-197F4A77D1E3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (Pas de fichier)
Task: {43A6B08B-A3B8-4987-A6C1-7065EEE26E10} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-09-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {44C7A181-76AC-494E-84F5-B9922269B71C} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {4F2FD97E-7820-47B3-A6A9-F9A3AAC83CB3} - System32\Tasks\{B27861ED-CBCE-41AA-901F-9D490BCB1FD1} => C:\Windows\system32\pcalua.exe -a C:\Users\salhi2\AppData\Roaming\.azlauncher\minecraftsp\mods\forge-1.7.10-10.13.4.1614-1.7.10-installer-win.exe -d C:\Users\salhi2\AppData\Roaming\.azlauncher\minecraftsp\mods
Task: {50FEFEC5-D513-4584-BEA3-CEEFFBAAA6E2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -SqlLiteRecoveryTask (Pas de fichier)
Task: {5ABE42E0-5C9B-4C88-A1AB-F8F81A19A463} - System32\Tasks\{D12AD1FC-17C5-4597-86B5-CCB88D4209F7} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {5B23CB01-BA0C-4D8A-9BC2-00797A1553B9} - System32\Tasks\{390DA38B-76F4-4600-B0F2-70B92409A17B} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5C4E25EA-4078-4F2F-B646-F99A86B067B3} - System32\Tasks\{8328637C-9F3C-4408-8BCA-6E79691B75A9} => C:\Users\salhi2\Desktop\1.7.10\HelloNeighbor.exe (Pas de fichier)
Task: {6097D8DB-DA6F-4D23-ABDB-2CD48B3FF1F3} - System32\Tasks\{F810CF96-C944-41A4-A632-B7A1CFAF27E7} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {681ADBF3-0A4E-4E0B-A859-A2E48440B2CC} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {681DDBBA-B57C-4B31-A984-A7BAC013F549} - System32\Tasks\{3491CDB8-B793-4AF4-BF05-A98F6DB24D70} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {6ECC0CDA-B0C6-42CC-84CA-9FFAD8C32E26} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (Pas de fichier)
Task: {70B4E2C2-9BC9-4951-B4E9-9A4C99F581C0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-25] (Google Inc -> Google Inc.)
Task: {7128C73D-F2CE-4D37-8BDB-C359787114AC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-25] (Google Inc -> Google Inc.)
Task: {71483FE5-7F7F-4785-AB5F-0125262BEEAE} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (Pas de fichier)
Task: {79E21ADA-8489-4994-BCFE-B41C64D82BA9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (Pas de fichier)
Task: {7B1E853D-2F94-42C8-B62D-8CCA6B2FBDAE} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (Pas de fichier)
Task: {808C863C-A352-4DFD-88BD-C029AAEED9F3} - System32\Tasks\{5F2527DB-2896-4A71-9FA7-147457C2F600} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {8A6B473C-902C-4575-9CFD-BFE303009194} - System32\Tasks\{47D0F775-C8D4-47B5-B6BD-82353E4676D7} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {956C26EF-5174-49C7-8CA4-EC15F4B8343A} - System32\Tasks\{2026AB92-128C-4188-AC8B-7D8364B19E2D} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {996A3874-DC32-45A5-AF7C-09F5278CB4EA} - \{BE9C8B9D-EC9B-437B-BB63-81A5CC7C155B} -> Pas de fichier <==== ATTENTION
Task: {99FE3B08-1F5C-424F-B6AD-557EA8194341} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {9B6724CA-98EA-41EA-A0EC-F17428AAFA85} - System32\Tasks\CCleanerSkipUAC - salhi2 => C:\Program Files\CCleaner\CCleaner.exe [32602448 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {9CDC47A7-66EA-4183-82B1-9E6C0163B520} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe -PvrSchedule (Pas de fichier)
Task: {9E2A95B9-3B79-4B5B-8895-C3CF2FCE6431} - System32\Tasks\{9F4B1063-1801-4661-B6B4-8C2D34CC0413} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {A294BC8A-C6D8-47C9-85A6-4B45C70D77D9} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (Pas de fichier)
Task: {A4D20CA6-CD7F-4106-8915-68D5E5E1D9AB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (Pas de fichier)
Task: {AF4B0BAE-D0D1-45ED-9535-741E11107593} - System32\Tasks\{B5A5EBE7-DB33-4064-83B6-35A2825FC11A} => C:\Users\salhi2\Desktop\1.7.10\HelloNeighbor.exe (Pas de fichier)
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B5C05645-17CE-4008-B6AD-FA8A04C28E43} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {B5DA71C7-4E02-4787-9509-8B3AFFF9D9BC} - \Microsoft\Windows\Setup\EOSNotify -> Pas de fichier <==== ATTENTION
Task: {BC2B10E2-B81A-431F-AC82-01BC75FB4B16} - System32\Tasks\{2F1EF3DD-FA98-485C-A6FE-A12FE14091C8} => C:\Windows\system32\pcalua.exe -a "C:\Users\salhi2\Downloads\dxwebsetup (1).exe" -d C:\Users\salhi2\Downloads
Task: {BC4CF004-6299-4084-8053-CD2B296A24CA} - System32\Tasks\{206AA59A-F5EF-4C08-BE12-763EFD87D8FE} => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {C202CAD0-85C7-4E8D-910C-E34EEAEB7405} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (Pas de fichier)
Task: {C7E8978D-CC63-42EB-A41E-6B5CCF039F98} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C9048520-5BAC-4DC8-9B96-4DFCE9DE94B7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4669264 2022-12-09] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --configpath "C:\Program Files\CCleaner\Setup" --guid "07c861b7-f348-4d5c-a7f0-1bf675bc1621" --version "6.07.10191" --silent
Task: {CC32C93F-3A82-40AA-8BC0-F681B0154B49} - System32\Tasks\update-S-1-5-21-3810445755-1997418923-63204236-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {D17E0457-15B7-4A03-88D3-3206540B0EE1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21858176 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {D567608B-E833-45FB-A101-70A556F53C2C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (Pas de fichier)
Task: {D8BAB532-ED26-47AE-9156-F7952544A8B6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe -crl -hms -pscn 15 (Pas de fichier)
Task: {D96151FF-CB09-4E6E-AECB-8FDA0D1652C1} - System32\Tasks\{1569D9CA-8FF5-49F9-9A9F-868F6006EA6E} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {DAB33905-FE52-4309-ADF2-0274AE8E405E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -ObjectStoreRecoveryTask (Pas de fichier)
Task: {DB0B0D01-46B5-4FE5-B875-86F9302C6F86} - System32\Tasks\{307C5F1D-B123-49C1-AC54-64DEF36F4670} => C:\Windows\SysWOW64\dxdiag.exe [222720 2019-12-07] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Task: {DD44C9F9-2F8F-48B9-98DA-439CA2A19383} - System32\Tasks\{8BB6097A-1E12-480B-9BE9-59285B45D719} => C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {E1D2063A-6FD8-4953-9109-267C9E951B14} - System32\Tasks\{EA31491A-5BAE-46E3-B2D2-2DC566873D29} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {E1ED0BB9-FB4B-4CB1-B311-2FD346EBDAED} - System32\Tasks\{27B8939B-8A5D-4D82-90EB-7033FBE42609} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {E262C40C-D680-4594-99F9-50B5F48AF07F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (Pas de fichier)
Task: {E30CED41-415C-4F54-8B79-9CD1074409DB} - System32\Tasks\{F3842808-BEB3-4A49-B7D0-803576C88EF4} => C:\Epic Games\Launcher\Portal\Binaries\Win32\EpicGamesLauncher.exe (Pas de fichier)
Task: {EB7CD4A8-C833-4C44-BBBE-5EA6F2B2BC7C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe /RestartRecording (Pas de fichier)
Task: {F0F1FAF2-E6F0-4399-A2D5-041973F14BC8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (Pas de fichier)
Task: {F155B125-C5DD-4354-BE5A-11A8AD56B35D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -PvrRecoveryTask (Pas de fichier)
Task: {F9437222-9277-46CF-B096-F6971E79BBCA} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)
Task: {FBA89F1B-4233-4D5A-BF64-F688EA31FEA8} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe -MediaCenterRecoveryTask (Pas de fichier)
Task: {FE63F91A-CD9B-4BE3-A412-17572F607F17} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [113496 2021-09-01] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3810445755-1997418923-63204236-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 41.214.140.4 41.214.140.5 8.8.8.8
Tcpip\..\Interfaces\{03f0e703-7e94-4f32-b539-2e73bdbbd692}: [NameServer] 208.67.222.123,208.67.220.123
Tcpip\..\Interfaces\{03f0e703-7e94-4f32-b539-2e73bdbbd692}: [DhcpNameServer] 41.214.140.4 41.214.140.5 8.8.8.8
Tcpip\..\Interfaces\{56e37cb4-61de-41a0-925a-18a2a5042d1c}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{675979b9-6569-43fd-9c17-1bfed7e77c1a}: [DhcpNameServer] 41.214.140.4 41.214.140.5 8.8.8.8

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\salhi2\AppData\Local\Microsoft\Edge\User Data\Default [2023-01-03]
Edge Extension: (Outlook) - C:\Users\salhi2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bjhmmnoficofgoiacjaajpkfndojknpb [2020-10-16]
Edge Extension: (Word) - C:\Users\salhi2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\hikhggiobiflkdfdgdajcfklmcibbopi [2020-10-16]
Edge Extension: (Excel) - C:\Users\salhi2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\leffmjdabcgaflkikcefahmlgpodjkdm [2020-10-16]
Edge Extension: (PowerPoint) - C:\Users\salhi2\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\opfacbhaojodjaojgocnibmklknchehf [2020-10-16]

FireFox:
========
FF DefaultProfile: cvBfcabP.default
FF ProfilePath: C:\Users\salhi2\AppData\Roaming\Mozilla\Firefox\Profiles\cvBfcabP.default [2023-01-03]
FF Homepage: Mozilla\Firefox\Profiles\cvBfcabP.default -> hxxps://www.youtube.com/
FF Notifications: Mozilla\Firefox\Profiles\cvBfcabP.default -> hxxps://www.verifycaptcha.com; hxxps://mail.google.com; hxxps://allowsubscription.com
FF Extension: (Protection Web Avira) - C:\Users\salhi2\AppData\Roaming\Mozilla\Firefox\Profiles\cvBfcabP.default\Extensions\abs@avira.com.xpi [2020-10-28]
FF Extension: (Bing Search) - C:\Users\salhi2\AppData\Roaming\Mozilla\Firefox\Profiles\cvBfcabP.default\Extensions\bingsearch.full@microsoft.com.xpi [2017-03-12] []
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\salhi2\AppData\Roaming\Mozilla\Firefox\Profiles\cvBfcabP.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-11-27]
FF SearchPlugin: C:\Users\salhi2\AppData\Roaming\Mozilla\Firefox\Profiles\cvBfcabP.default\searchplugins\bing-.xml [2017-03-12]
FF Plugin: @java.com/DTPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\dtplugin\npDeployJava1.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.261.2 -> C:\Program Files\Java\jre1.8.0_261\bin\plugin2\npjp2.dll [2020-10-07] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Default [2023-01-03]
CHR Notifications: Default -> hxxps://www.youtube.com
CHR HomePage: Default -> msn.com
CHR DefaultSearchURL: Default -> hxxps://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSuggestURL: Default -> hxxps://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Extension: (MSN Homepage & Bing Search Engine) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2023-01-03]
CHR Extension: (Protection Web Avira) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2023-01-03]
CHR Extension: (Google Docs hors connexion) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-01-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-15]
CHR Profile: C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-06-15]
CHR Profile: C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-09-03]
CHR HomePage: Profile 1 -> hxxp://www.google.com
CHR Extension: (Slides) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-01-04]
CHR Extension: (Docs) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-01-04]
CHR Extension: (Google Drive) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-01-04]
CHR Extension: (YouTube) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-01-04]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-06-15]
CHR Extension: (Chrome IG Story) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cnmhknopedmipekbmmilfjgpefeonmog [2021-05-02]
CHR Extension: (wanteeed) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\emnoomldgleagdjapdeckpmebokijail [2021-06-15]
CHR Extension: (Sheets) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-01-04]
CHR Extension: (Google Docs hors connexion) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-15]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2021-06-15]
CHR Extension: (Instant Gaming) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbnoedlobifdhbpjkcfhcbdcjhampmne [2021-06-15]
CHR Extension: (Instagram) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2021-01-21]
CHR Extension: (Google Actualités) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mjccgkekbkndpalephkggjcenpembapn [2021-01-21]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-15]
CHR Extension: (Office) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ocdlmjhbenodhlknglojajgokahchlkk [2021-01-21]
CHR Extension: (Gmail) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-01-04]
CHR Extension: (Chrome Media Router) - C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-09-03]
CHR Profile: C:\Users\salhi2\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKU\S-1-5-21-3810445755-1997418923-63204236-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]

Opera:
=======
OPR Profile: C:\Users\salhi2\AppData\Roaming\Opera Software\Opera Stable [2020-09-10]
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.co.ma/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2619096 2016-08-19] (Blue Coat Systems, Inc. -> Blue Coat Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9166736 2021-08-23] (Microsoft Corporation -> Microsoft Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [818304 2020-10-21] (EasyAntiCheat Oy -> Epic Games, Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [224184 2023-01-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [139896 2019-06-19] (TunnelBear -> TunnelBear)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [27760 2017-02-25] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\NisSrv.exe [3191264 2023-01-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2211.5-0\MsMpEng.exe [133592 2023-01-03] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WN311BFCS; C:\Windows\SysWOW64\WN311BFCS.exe [393216 2007-09-21] (NetGear) [Fichier non signé]
S2 AvastWscReporter; "C:\Program Files\Avast Software\Avast\wsc_proxy.exe" /runassvc /rpcserver [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AtiHdmiService; C:\WINDOWS\system32\drivers\AtiHdmi.sys [116736 2017-02-25] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies, Inc.)
S4 bckd; C:\WINDOWS\System32\drivers\bckd.sys [125144 2018-07-21] (Blue Coat Systems, Inc. -> Blue Coat Systems, Inc.)
S3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63al.sys [5170176 2019-12-07] (Microsoft Windows -> Broadcom Corporation)
R2 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv_bgp.sys [315976 2020-03-26] (Bluestack Systems, Inc -> Bluestack System Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] (ASUSTeK Computer Inc. -> )
S3 phantomtap; C:\WINDOWS\System32\DRIVERS\phantomtap.sys [35664 2017-07-13] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2019-06-19] (TunnelBear, Inc. -> The OpenVPN Project)
S3 usbser; C:\Windows\SysWOW64\drivers\usbser.sys [25600 2018-04-19] (Microsoft Corporation) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2023-01-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [473376 2023-01-03] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [99616 2023-01-03] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-01-03 22:41 - 2023-01-03 22:43 - 000000000 ____D C:\FRST
2023-01-03 21:23 - 2023-01-03 21:23 - 000000000 ___HD C:\$WinREAgent
2023-01-03 21:16 - 2023-01-03 21:16 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-01-03 20:48 - 2023-01-03 20:50 - 000000000 ____D C:\Users\salhi2\OneDrive\Documents\KU
2023-01-03 20:23 - 2023-01-03 21:39 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-03 20:22 - 2023-01-03 20:22 - 000000000 ____D C:\Program Files\Google
2023-01-03 20:19 - 2023-01-03 20:19 - 000000000 ____D C:\Program Files\RUXIM
2023-01-03 20:14 - 2023-01-03 20:29 - 000426740 _____ C:\WINDOWS\Minidump\010323-10546-01.dmp
2023-01-03 19:34 - 2023-01-03 19:34 - 001427176 _____ (Google LLC) C:\Users\salhi2\Downloads\ChromeSetup.exe
2023-01-03 19:11 - 2023-01-03 20:13 - 000000760 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-01-03 19:11 - 2023-01-03 19:11 - 000003472 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-01-03 18:59 - 2023-01-03 18:59 - 000003584 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3810445755-1997418923-63204236-1000
2023-01-03 18:04 - 2023-01-03 18:04 - 000000000 ____D C:\WINDOWS\Options
2023-01-03 18:04 - 2009-09-22 09:30 - 002050208 _____ (Atheros Communications, Inc.) C:\WINDOWS\system32\athwx.sys
2023-01-03 18:03 - 2023-01-03 18:03 - 000000000 ____D C:\ProgramData\TP-LINK
2023-01-03 18:02 - 2023-01-03 18:05 - 000000000 ____D C:\Users\salhi2\Downloads\TL-WN781ND_100714

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2023-01-03 22:42 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2023-01-03 22:31 - 2020-10-04 16:24 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-01-03 22:31 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-01-03 22:28 - 2017-02-25 12:16 - 000000000 ____D C:\Program Files (x86)\Google
2023-01-03 22:20 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-01-03 22:14 - 2020-10-16 18:51 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-01-03 22:14 - 2020-10-04 16:40 - 000000000 ____D C:\ProgramData\Packages
2023-01-03 22:14 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-01-03 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-01-03 22:03 - 2017-02-25 12:32 - 000000000 ____D C:\Program Files\CCleaner
2023-01-03 21:56 - 2020-10-04 16:27 - 001975210 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-01-03 21:56 - 2019-12-07 15:50 - 000866442 _____ C:\WINDOWS\system32\perfh00C.dat
2023-01-03 21:56 - 2019-12-07 15:50 - 000183236 _____ C:\WINDOWS\system32\perfc00C.dat
2023-01-03 21:48 - 2019-11-16 12:41 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2023-01-03 21:47 - 2020-10-04 16:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-01-03 21:47 - 2020-10-04 16:24 - 000008192 ___SH C:\DumpStack.log.tmp
2023-01-03 21:47 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2023-01-03 21:43 - 2020-10-04 16:39 - 000000000 ____D C:\Users\salhi2\AppData\Local\Packages
2023-01-03 21:39 - 2021-01-24 20:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-03 21:37 - 2020-10-04 16:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-01-03 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-01-03 21:37 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-01-03 21:18 - 2020-10-04 16:24 - 000463824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-01-03 21:16 - 2019-12-07 15:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-01-03 21:16 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-01-03 21:16 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemApps
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-01-03 21:16 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-01-03 21:16 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2023-01-03 21:13 - 2019-12-07 10:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2023-01-03 21:13 - 2019-12-07 10:14 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2023-01-03 21:06 - 2017-02-25 00:08 - 000415650 __RSH C:\bootmgr
2023-01-03 21:04 - 2020-10-04 16:27 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-01-03 20:47 - 2020-10-16 18:50 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-01-03 20:47 - 2020-10-16 18:50 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-03 20:31 - 2020-12-15 11:33 - 000000000 ____D C:\WINDOWS\Minidump
2023-01-03 20:20 - 2020-10-04 16:33 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2023-01-03 20:20 - 2020-10-04 16:33 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2023-01-03 20:14 - 2020-12-15 11:33 - 223962504 _____ C:\WINDOWS\MEMORY.DMP
2023-01-03 19:47 - 2020-10-15 07:46 - 148633544 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-01-03 19:47 - 2020-10-04 16:27 - 000000000 ____D C:\Users\salhi2
2023-01-03 19:47 - 2020-09-10 20:22 - 000000000 ____D C:\ProgramData\Avast Software
2023-01-03 19:36 - 2017-02-25 08:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2023-01-03 19:30 - 2020-10-04 16:27 - 000000000 ____D C:\Users\myriam
2023-01-03 19:29 - 2020-09-09 11:32 - 000000000 ____D C:\Users\salhi2\AppData\Local\Floating Sandbox
2023-01-03 19:27 - 2020-10-21 15:01 - 000000000 ____D C:\Users\salhi2\AppData\Local\D3DSCache
2023-01-03 19:27 - 2017-02-25 08:59 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-01-03 19:26 - 2018-06-09 15:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2023-01-03 19:23 - 2020-01-22 18:37 - 000000000 ____D C:\Program Files\Wondershare
2023-01-03 19:20 - 2018-05-05 15:17 - 000000000 ____D C:\PhotoMONTAGE
2023-01-03 19:19 - 2020-03-27 13:38 - 000000000 ____D C:\Program Files\Pactify Launcher
2023-01-03 19:17 - 2020-11-27 11:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2023-01-03 19:17 - 2020-10-28 22:15 - 000000000 ____D C:\ProgramData\Mozilla
2023-01-03 19:11 - 2020-10-07 08:01 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-01-03 19:07 - 2017-02-25 12:16 - 000000000 ____D C:\Users\salhi2\AppData\Local\Google
2023-01-03 18:59 - 2020-10-04 16:43 - 000003366 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3810445755-1997418923-63204236-1000
2023-01-03 18:59 - 2020-10-04 16:27 - 000002459 _____ C:\Users\salhi2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2023-01-01 17:20 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-01-01 16:13 - 2018-01-15 19:59 - 000000000 ____D C:\Users\salhi2\AppData\Local\ElevatedDiagnostics
2023-01-01 15:40 - 2020-04-20 14:32 - 000000000 ____D C:\Users\2004\AppData\Roaming\Spotify

==================== Fichiers à la racine de certains dossiers ========

2017-03-04 20:55 - 2017-03-04 20:55 - 000000849 _____ () C:\Users\salhi2\AppData\Roaming\AdobeWLCMR2Cache.dat
2020-12-04 17:58 - 2020-12-04 17:58 - 000007032 _____ () C:\Users\salhi2\AppData\Local\kdenlive-layoutsrc
2020-12-04 17:58 - 2020-12-04 18:00 - 000003952 _____ () C:\Users\salhi2\AppData\Local\kdenliverc
2020-03-29 14:29 - 2020-03-29 14:29 - 000000003 _____ () C:\Users\salhi2\AppData\Local\updater.log
2020-12-04 17:58 - 2020-12-04 17:58 - 000000533 _____ () C:\Users\salhi2\AppData\Local\user-places.xbel
2020-12-04 17:58 - 2020-12-04 17:58 - 000000000 _____ () C:\Users\salhi2\AppData\Local\user-places.xbel.tbcache
2020-03-29 14:29 - 2020-05-08 15:37 - 000000059 _____ () C:\Users\salhi2\AppData\Local\UserProducts.xml
2018-05-26 22:54 - 2018-05-26 22:54 - 000000000 _____ () C:\Users\salhi2\AppData\Local\{1001C00B-C01A-4896-AB12-D50A7C85D4BC}
2018-05-25 22:45 - 2018-05-25 22:45 - 000000000 _____ () C:\Users\salhi2\AppData\Local\{26BD68AA-DB2B-474E-AE34-EFCC38C06ED8}
2018-06-03 23:00 - 2018-06-03 23:00 - 000000000 _____ () C:\Users\salhi2\AppData\Local\{5BD05A43-319A-4437-AFD5-DD63BBB9BC93}
2017-09-10 22:22 - 2017-09-10 22:22 - 000000000 _____ () C:\Users\salhi2\AppData\Local\{820136F1-B6ED-40F6-B2B7-17E26AAC1477}
2018-04-05 21:51 - 2018-04-05 21:51 - 000000000 _____ () C:\Users\salhi2\AppData\Local\{C9368021-8F88-4E66-92DE-0AA373B40720}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================