Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-10-2023
Exécuté par Hicham EL YASSAMI (administrateur) sur DESKTOP-OK4R9TS (LENOVO HuronRiver Platform) (28-10-2023 17:43:00)
Exécuté depuis C:\Users\Hicham EL YASSAMI\Desktop\FRST64.exe
Profils chargés: Hicham EL YASSAMI
Plate-forme: Microsoft Windows 10 Entreprise Version 22H2 19045.3633 (X64) Langue: Français (France)
Navigateur par défaut: Vivaldi
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\Application\vivaldi.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3634_none_7df7259c7c9ebb58\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617848 2021-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [413000 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [NoThumbnailCache] 0
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\...\Policies\system: [legalnoticecaption] Notice
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKLM\Software\Policies\...\system: [AllowBlockingAppsAtShutdown] 0
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 0
HKLM\Software\Policies\...\system: [DisableLogonBackgroundImage] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Run: [MicrosoftEdgeAutoLaunch_F9816B909F3BEF94D627E080887BFB2F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [32148992 2023-10-22] (The qBittorrent Project) [Fichier non signé]
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [DisableThumbnailCache] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] () [Fichier non signé]
HKLM\...\Print\Monitors\HP1100LM: HP1100LM.DLL (Pas de fichier)
IFEO\osppsvc.exe: [VerifierDlls]
IFEO\SppExtComObj.exe: [VerifierDlls]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {14a610ab-cb0c-4b41-8525-09f979ceff01} - pas de chemin du fichier. <==== ATTENTION
Task: {5620BB06-69F8-4C10-82FE-47461182DB60} - System32\Tasks\Auslogics\Driver Updater\Scan => C:\Windows\system32\rundll32.exe [71680 2023-10-12] (Microsoft Windows -> Microsoft Corporation) -> TaskSchedulerHelper.dll,RunTask "DriverUpdater.exe" "/UseTray /Schedule"
Task: {425E84F4-73E9-4308-BA37-64518499A240} - System32\Tasks\createexplorershellunelevatedtask => C:\Windows\explorer.exe [5340232 2023-10-18] (Microsoft Windows -> Microsoft Corporation)
Task: {5FD584B1-F3FD-4432-B0A2-876B8130E446} - System32\Tasks\divxupdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68048 2023-07-12] (DIVX LLC -> DivX, LLC)
Task: {0BBF1FDE-0867-487B-A5EB-C740F61C0FE7} - System32\Tasks\GMHAutoScan => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2460416 2023-01-25] (Glarysoft LTD -> Glarysoft Ltd) [Fichier non signé]
Task: {D876CFB6-CCDD-4EFF-997E-DEEBBC864A11} - System32\Tasks\GUMalwareHunter => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [976128 2023-01-15] (Glarysoft LTD -> Glarysoft Ltd)
Task: {24B6A651-1301-47B4-9A26-0D6BC6A41984} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh1kMgxEF => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [493568 2023-10-12] (Microsoft Windows -> Microsoft Corporation) -> -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\WINDOWS\System32\EBEB.tmp\EBEC.tmp.ps1" <==== ATTENTION
Task: {44CC14B8-A636-4BB6-B168-52248754D328} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-10-18] (Microsoft Windows -> Microsoft Corporation)
Task: {A0E7B764-0F25-4D86-9F53-455658924E31} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {CC5A053D-B136-4604-B9AF-B0E0DBEF20CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D28374D6-3627-4892-A58C-109A91E01EF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D6F7F27-7C4F-4794-B5DD-A5A4AF84FA7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78BDF96E-5898-453C-9746-397C4B594E24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E6E652F-5F14-4706-86BC-B5DA8E492F2D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-10-18] (Microsoft Windows -> Microsoft Corporation)
Task: {C6A7F9A8-F3D8-498E-87EC-3C58C1E91828} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [Fichier non signé]
Task: {6ADE64B8-5B34-49B1-A920-A8A2801D226E} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [21858344 2023-10-24] (Goversoft LLC -> Goversoft LLC)
Task: {C30D4025-37F5-4EC2-B9D7-37769B12E55F} - System32\Tasks\VivaldiUpdateCheck-69c66825a50bec2d => C:\Program Files\Application\update_notifier.exe [3323792 2022-07-05] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {381A56F6-66EC-4C16-856D-86A3928EE086} - System32\Tasks\VivaldiUpdateCheck-a560412cde79c901 => C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\Application\update_notifier.exe [3722640 2023-10-25] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {00C6CDC3-534C-4AC0-8D7B-AC4BB2C756F5} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [8539568 2023-09-08] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {18E535CB-9476-465A-9E6C-CD40191033F7} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [9148336 2023-07-24] (Lespeed Technology Co., Ltd -> wisecleaner.com)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-1878432772-2778965815-2811720544-1001] => 127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2b407692-fa1e-446d-8bfc-d371e8b942b5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{392a9a5d-7863-4454-a059-0e06456ec899}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{392a9a5d-7863-4454-a059-0e06456ec899}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{412fe735-eb3f-435e-812f-272513d79c75}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-28]
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
Edge Extension: (Edge relevant text changes) - C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-22]
Edge Extension: (AVG Online Security) - C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lacbjnnibafcbpogdcpfdpmajfkdampi [2023-10-25]
Edge Extension: (uBlock Origin) - C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-10-17]
Edge Extension: (360 Internet Protection) - C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\okdacpiidbbphpjpfmecjjhicomjdeie [2023-08-25]
Edge Extension: (Google Sheets) - C:\Users\Public\Microsoft\Edge\User Data\Default\Extension\malacbjcfpcpbpecmedkrenqjpelflrl\9.1.4._0 [2023-04-23]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: v5fzfwbc.default
FF DefaultProfile: dy0aw016.default
FF ProfilePath: C:\Users\Hicham EL YASSAMI\AppData\Roaming\Mozilla\SeaMonkey\Profiles\v5fzfwbc.default [2023-08-13]
FF ProfilePath: C:\Users\Hicham EL YASSAMI\AppData\Roaming\Ghostery Browser\Profiles\dy0aw016.default [2023-05-14]
FF ProfilePath: C:\Users\Hicham EL YASSAMI\AppData\Roaming\Ghostery Browser\Profiles\vmqx3r3h.default-release [2023-05-14]
FF DownloadDir: C:\Users\Hicham EL YASSAMI\Desktop\Downloads
FF Homepage: Ghostery Browser\Profiles\vmqx3r3h.default-release -> moz-extension://d3de2e7e-c5ed-49a0-9cab-e491bff39dcb/index.html
FF HomepageOverride: Ghostery Browser\Profiles\vmqx3r3h.default-release -> Enabled: newtab@ghostery.com
FF NewTabOverride: Ghostery Browser\Profiles\vmqx3r3h.default-release -> Enabled: newtab@ghostery.com
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) [Fichier non signé]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) [Fichier non signé]
Vivaldi:
=======
VIV Profile: C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\User Data\Default [2023-10-28]
VIV DownloadDir: C:\Users\Hicham EL YASSAMI\Desktop\Apps
VIV Notifications: Default -> hxxps://www.youtube.com
VIV HomePage: Default -> hxxps://vivaldi.com/
VIV DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&{ddg:Referral}
VIV DefaultSearchKeyword: Default -> d
VIV DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
VIV Extension: (uBlock Origin) - C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-10-27]
VIV Extension: (Avast Online Security & Privacy) - C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-10-27]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [110664 2022-11-19] (Shenzhen Moyea Software -> Leawo Software)
S3 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Fichier non signé]
S3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-12] (HP Inc. -> HP Inc.)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [1102080 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S3 QHProtected; C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe [3082096 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [199896 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [110800 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [360664 2022-10-24] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [58200 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S0 360elam64; C:\WINDOWS\System32\DRIVERS\360elam64.sys [17000 2023-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> 360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [540416 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2023-03-15] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [99896 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [238304 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [282624 2023-08-08] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2023-06-30] (Microsoft Corporation) [Fichier non signé]
S3 ce64ca53; C:\WINDOWS\System32\Drivers\ce64ca53.sys [299544 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 disproc; C:\WINDOWS\System32\drivers\360disproc64.sys [92896 2022-10-28] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [45056 2022-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [42976 2022-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [81432 2023-01-05] (Intel Corporation -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [29048 2022-11-17] (Microsoft Windows Hardware Compatibility Publisher -> OEM)
S3 klupd_ce64ca53a_arkmon_EA04D71E; C:\logs\tron\raw_logs\Temp\EA04D71EFC0E16AB22C9615549FEE4F2\klupd_ce64ca53a_arkmon.sys [382304 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [29168 2022-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2022-11-17] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [205552 2021-02-12] (RH Software Ltd -> Ray Hinchliffe)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-02-22] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [986496 2012-09-20] (北京中星微电子有限公司 -> Vimicro Corporation)
S3 vmuvcflt; C:\WINDOWS\System32\Drivers\vmuvcflt.sys [8320 2010-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2023-10-16] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [48472 2023-10-17] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
U1 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-28 17:43 - 2023-10-28 17:45 - 000023655 _____ C:\Users\Hicham EL YASSAMI\Desktop\FRST.txt
2023-10-28 17:34 - 2023-10-28 17:44 - 000000000 ____D C:\FRST
2023-10-28 17:32 - 2023-10-28 17:32 - 002383360 _____ (Farbar) C:\Users\Hicham EL YASSAMI\Desktop\FRST64.exe
2023-10-28 16:20 - 2023-10-28 16:20 - 000000000 ___HD C:\$WinREAgent
2023-10-28 14:52 - 2023-10-28 14:53 - 000555800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-27 19:52 - 2023-10-27 19:52 - 000003912 _____ C:\WINDOWS\system32\Tasks\VivaldiUpdateCheck-a560412cde79c901
2023-10-27 19:51 - 2023-10-27 19:51 - 000002454 _____ C:\Users\Hicham EL YASSAMI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2023-10-27 19:51 - 2023-10-27 19:51 - 000002417 _____ C:\Users\Hicham EL YASSAMI\Desktop\Vivaldi.lnk
2023-10-27 19:50 - 2023-10-27 19:52 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi
2023-10-27 19:27 - 2023-10-27 19:27 - 000000527 _____ C:\Users\Hicham EL YASSAMI\.vivaldi_reporting_data
2023-10-26 10:59 - 2023-10-26 10:59 - 001933072 _____ (O&O Software GmbH) C:\Users\Hicham EL YASSAMI\Desktop\ShutUp10.exe
2023-10-25 19:29 - 2023-10-25 19:29 - 011258368 _____ (HiBitSoftware) C:\Users\Hicham EL YASSAMI\Desktop\HiBit Uninstaller.exe
2023-10-25 16:29 - 2023-10-25 21:36 - 000001828 _____ C:\Users\Hicham EL YASSAMI\Desktop\Edge.lnk
2023-10-25 04:53 - 2023-10-25 04:53 - 000000376 __RSH C:\ProgramData\ntuser.pol
2023-10-24 18:38 - 2023-10-24 22:21 - 000002488 _____ C:\WINDOWS\system32\Tasks\PrivaZer_SkipUAC
2023-10-24 18:35 - 2023-10-24 18:35 - 000000000 ____D C:\WINDOWS\system32\EBEB.tmp
2023-10-24 18:34 - 2023-10-24 18:34 - 000001963 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2023-10-24 18:33 - 2023-10-24 19:39 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\PrivaZer
2023-10-24 18:33 - 2023-10-24 18:35 - 000000000 ____D C:\Program Files (x86)\PrivaZer
2023-10-24 18:33 - 2023-10-24 18:33 - 000001975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2023-10-24 18:33 - 2023-10-24 18:33 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2023-10-24 18:33 - 2023-10-24 18:33 - 000000000 ____D C:\ProgramData\privazer
2023-10-23 08:07 - 2023-10-28 14:57 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\qBittorrent
2023-10-23 08:07 - 2023-10-23 08:08 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\qBittorrent
2023-10-23 08:07 - 2023-10-23 08:07 - 000000858 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2023-10-23 08:07 - 2023-10-23 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-10-23 08:07 - 2023-10-23 08:07 - 000000000 ____D C:\Program Files\qBittorrent
2023-10-22 09:39 - 2023-10-22 11:09 - 000000000 ____D C:\Users\Hicham EL YASSAMI\.smtube
2023-10-22 09:39 - 2023-10-22 09:39 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\smtube
2023-10-22 09:35 - 2023-10-22 11:09 - 000000000 ____D C:\Users\Hicham EL YASSAMI\.smplayer
2023-10-22 09:34 - 2023-10-22 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2023-10-22 09:34 - 2023-10-22 09:38 - 000000000 ____D C:\Program Files\SMPlayer
2023-10-22 09:34 - 2023-10-22 09:34 - 000000818 _____ C:\Users\Public\Desktop\SMPlayer.lnk
2023-10-21 10:23 - 2023-10-21 10:24 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Taken
2023-10-18 18:47 - 2023-10-18 10:56 - 000416140 __RSH C:\bootmgr
2023-10-18 18:47 - 2019-12-07 09:08 - 000000001 ___SH C:\BOOTNXT
2023-10-17 09:50 - 2023-10-17 09:50 - 000048472 _____ (WiseCleaner.com) C:\WINDOWS\WiseRegNotify.sys
2023-10-16 21:57 - 2023-10-16 21:57 - 000033864 _____ (wisecleaner.com) C:\WINDOWS\WiseHDInfo64.dll
2023-10-16 09:26 - 2023-10-16 09:26 - 000003824 _____ C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job
2023-10-16 09:26 - 2023-10-16 09:26 - 000003660 _____ C:\WINDOWS\system32\Tasks\Wise Care 365.job
2023-10-16 08:09 - 2023-10-25 15:55 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Wise Care 365
2023-10-16 07:59 - 2023-10-16 07:59 - 000001244 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2023-10-16 07:59 - 2023-10-16 07:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2023-10-15 10:29 - 2023-10-15 16:11 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\The Hunger Games (film series)
2023-10-14 19:56 - 2023-10-14 19:59 - 000000000 ____D C:\Users\Hicham EL YASSAMI\.dbus-keyrings
2023-10-14 19:51 - 2023-10-14 19:51 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\fontconfig
2023-10-14 11:06 - 2023-10-14 11:07 - 000000000 ____D C:\Program Files\sqlite
2023-10-13 15:34 - 2023-10-13 15:34 - 000000218 _____ C:\Users\Hicham EL YASSAMI\AppData\Local\recently-used.xbel
2023-10-13 15:31 - 2023-10-21 11:07 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Expend4bles (2023)
2023-10-13 15:17 - 2023-10-19 22:05 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Indiana Jones and the Dial of Destiny (2023)
2023-10-12 06:29 - 2023-10-12 06:29 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Daum
2023-10-12 06:28 - 2023-10-12 06:44 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\PotPlayerMini64
2023-10-12 06:28 - 2023-10-12 06:28 - 000000989 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2023-10-12 06:28 - 2023-10-12 06:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PotPlayer
2023-10-12 06:28 - 2023-10-12 06:28 - 000000000 ____D C:\Program Files\DAUM
2023-10-11 12:34 - 2023-10-11 12:34 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\LibreOffice
2023-10-11 12:29 - 2023-10-11 12:29 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 7.6.lnk
2023-10-11 12:29 - 2023-10-11 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.6
2023-10-11 12:25 - 2023-10-11 12:26 - 000000000 ____D C:\Program Files\LibreOffice
2023-10-10 20:18 - 2023-10-10 20:18 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\WZDT
2023-10-10 20:15 - 2023-10-16 09:29 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Nico Mak Computing
2023-10-10 11:44 - 2023-10-10 14:37 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\The Tragedy of Macbeth (2021)
2023-10-08 12:39 - 2023-10-08 12:39 - 000001239 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2023-10-08 12:39 - 2023-10-08 12:39 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center
2023-10-08 12:39 - 2023-10-08 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2023-10-08 12:39 - 2022-10-24 08:45 - 000360664 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2023-10-04 16:31 - 2023-10-04 16:31 - 000000000 ____D C:\MATS
2023-10-04 13:03 - 2023-10-04 13:03 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Prison Break
2023-10-04 07:50 - 2021-10-07 00:32 - 000043024 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2023-10-03 10:12 - 2023-10-27 23:08 - 097779712 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-10-03 10:12 - 2023-10-27 23:08 - 000442368 _____ C:\WINDOWS\system32\config\DEFAULT
2023-10-03 10:12 - 2023-10-27 23:08 - 000073728 _____ C:\WINDOWS\system32\config\SAM
2023-10-03 10:12 - 2023-10-03 10:12 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2023-10-02 12:40 - 2023-10-28 17:19 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\XnViewMP
2023-10-02 12:39 - 2023-10-02 12:39 - 000001724 _____ C:\Users\Hicham EL YASSAMI\Desktop\XnViewMP.lnk
2023-10-02 12:39 - 2023-10-02 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnViewMP
2023-10-02 12:39 - 2023-10-02 12:39 - 000000000 ____D C:\Program Files\XnViewMP
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-28 17:24 - 2023-08-02 12:01 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Year 2023
2023-10-28 16:47 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-28 16:47 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-28 16:46 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-28 16:22 - 2023-06-30 15:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-28 16:21 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-28 15:06 - 2023-06-10 12:34 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\LocalLow\360WD
2023-10-28 14:52 - 2023-09-25 20:11 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-28 14:52 - 2023-06-30 15:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-28 14:52 - 2023-06-30 15:18 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2023-10-27 23:08 - 2019-12-07 09:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-27 19:49 - 2023-02-04 23:10 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Mozilla
2023-10-27 19:49 - 2023-02-04 23:10 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\Mozilla
2023-10-27 19:27 - 2023-06-30 15:25 - 000000000 ____D C:\Users\Hicham EL YASSAMI
2023-10-27 14:21 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-27 13:42 - 2022-05-14 09:50 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\D3DSCache
2023-10-26 11:56 - 2023-07-01 19:41 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\HiBit Uninstaller
2023-10-26 11:48 - 2022-05-23 07:29 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\CrashDumps
2023-10-26 10:33 - 2022-05-14 11:17 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\ZHP
2023-10-26 00:59 - 2023-06-10 12:34 - 000000000 _RSHD C:\360SANDBOX
2023-10-25 11:56 - 2022-12-08 09:49 - 000002689 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-25 11:49 - 2023-06-30 13:48 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-25 11:43 - 2022-07-10 20:26 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\Google
2023-10-25 06:07 - 2022-05-13 23:42 - 000000000 ____D C:\ProgramData\Package Cache
2023-10-25 06:06 - 2023-01-24 22:33 - 000000000 ____D C:\Program Files\dotnet
2023-10-23 13:49 - 2023-06-10 12:34 - 000000000 ____D C:\ProgramData\360safe
2023-10-22 07:05 - 2023-06-30 15:38 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-22 07:05 - 2019-12-07 14:50 - 000792972 _____ C:\WINDOWS\system32\perfh00C.dat
2023-10-22 07:05 - 2019-12-07 14:50 - 000150102 _____ C:\WINDOWS\system32\perfc00C.dat
2023-10-19 11:08 - 2023-06-08 22:49 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Torrents
2023-10-18 11:08 - 2019-12-07 14:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-10-18 11:08 - 2019-12-07 14:50 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-10-18 11:08 - 2019-12-07 14:50 - 000000000 ____D C:\WINDOWS\system32\fr
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-18 10:54 - 2023-06-30 15:23 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-16 09:27 - 2023-07-18 14:41 - 000000000 ____D C:\Program Files (x86)\Wise
2023-10-16 09:26 - 2023-07-18 14:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2023-10-15 21:07 - 2022-05-13 22:41 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\Packages
2023-10-15 21:07 - 2022-05-13 22:41 - 000000000 ____D C:\ProgramData\Packages
2023-10-15 21:05 - 2023-08-15 09:51 - 000000000 ____D C:\Program Files\CopyFilenames
2023-10-15 21:00 - 2022-07-26 00:18 - 000000000 ____D C:\Program Files (x86)\HP
2023-10-15 11:54 - 2022-05-14 11:17 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\ZHP
2023-10-15 07:51 - 2023-02-04 15:31 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Geek Uninstaller
2023-10-15 07:51 - 2022-11-18 11:33 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\SquirrelTemp
2023-10-15 07:51 - 2022-11-02 17:12 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Microsoft\HTML Help
2023-10-15 07:51 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-10-14 14:38 - 2023-08-07 14:56 - 000000000 ____D C:\Program Files (x86)\7-Zip
2023-10-14 14:38 - 2023-06-10 12:36 - 000000000 ____D C:\ProgramData\360Quarant
2023-10-14 14:38 - 2022-11-07 18:30 - 000000000 __SHD C:\$360Section
2023-10-13 08:03 - 2022-06-18 07:31 - 000000000 ___RD C:\Users\Hicham EL YASSAMI\Desktop\MOVIES I
2023-10-13 07:38 - 2022-05-13 22:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-10-13 04:10 - 2019-12-07 14:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\IME
2023-10-13 04:07 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-13 04:06 - 2019-12-07 14:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-13 04:06 - 2019-12-07 14:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-13 04:06 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-13 04:06 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-13 04:06 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-12 15:55 - 2023-07-23 22:17 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Digiarty
2023-10-12 09:59 - 2023-06-21 20:22 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2023-10-12 09:01 - 2022-05-14 23:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-12 08:51 - 2022-05-14 23:08 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-12 05:50 - 2022-05-17 17:08 - 000000035 _____ C:\Users\Hicham
2023-10-10 21:12 - 2023-07-25 22:52 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Session Storage
2023-10-10 21:12 - 2023-07-25 22:40 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Platform Notifications
2023-10-09 10:56 - 2023-06-10 13:23 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\360safe
2023-10-05 14:53 - 2022-05-13 20:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-04 17:04 - 2022-12-25 21:43 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\ElevatedDiagnostics
2023-10-04 16:46 - 2022-05-14 08:51 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-04 16:45 - 2019-12-07 09:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-10-04 14:35 - 2023-09-22 10:11 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Golda (2023)
2023-10-03 21:41 - 2022-05-22 21:48 - 000000000 ____D C:\ProgramData\ProductData
2023-10-03 11:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\Help
2023-10-03 10:12 - 2023-08-10 17:35 - 012845056 _____ C:\Users\Hicham EL YASSAMI\NTUSER.bak
2023-10-02 17:19 - 2023-07-05 15:21 - 000000000 ____D C:\WINDOWS\Minidump
2023-10-01 18:58 - 2023-02-18 15:06 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\LocalLow\Mozilla
==================== Fichiers à la racine de certains dossiers ========
2022-04-23 20:32 - 2022-04-23 20:32 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2022-08-13 22:06 - 2022-08-13 22:05 - 000003910 _____ () C:\ProgramData\get11.cmd
2023-06-29 16:16 - 2023-06-29 17:28 - 000000012 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
2023-07-07 14:17 - 2023-07-10 11:29 - 000000045 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Apps.ini
2023-07-25 22:40 - 2023-07-25 22:40 - 000020480 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Cookies
2023-07-25 22:40 - 2023-07-25 22:40 - 000000000 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Cookies-journal
2023-07-25 22:40 - 2023-08-17 17:47 - 000000337 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Network Persistent State
2023-07-25 22:40 - 2023-07-25 22:40 - 000000075 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\user_prefs.json
2023-07-25 22:40 - 2023-07-25 22:40 - 000131072 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Visited Links
2022-06-02 16:09 - 2022-06-03 00:45 - 000000027 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\.sdpl-system-config4
2023-10-13 15:34 - 2023-10-13 15:34 - 000000218 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\recently-used.xbel
2023-01-08 18:13 - 2023-01-08 18:13 - 000000017 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\resmon.resmoncfg
2022-11-30 21:45 - 2022-11-30 22:58 - 000000385 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\rtb.json
2023-02-01 20:17 - 2023-02-02 10:15 - 000000309 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\Temp.png
2022-07-19 20:23 - 2022-07-19 20:23 - 000062350 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\Tempfm.ico
2023-03-20 19:30 - 2023-03-20 19:30 - 000000003 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\updater.log
2023-03-20 19:30 - 2023-03-20 19:30 - 000000424 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\UserProducts.xml
2023-07-03 21:22 - 2023-07-04 22:31 - 043646976 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\videocatalog-230703.vcat
==================== FCheck ================================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2022-05-14] <==== ATTENTION (zéro octet Fichier/Dossier)
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Hicham EL YASSAMI (administrateur) sur DESKTOP-OK4R9TS (LENOVO HuronRiver Platform) (28-10-2023 17:43:00)
Exécuté depuis C:\Users\Hicham EL YASSAMI\Desktop\FRST64.exe
Profils chargés: Hicham EL YASSAMI
Plate-forme: Microsoft Windows 10 Entreprise Version 22H2 19045.3633 (X64) Langue: Français (France)
Navigateur par défaut: Vivaldi
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(explorer.exe ->) (Vivaldi Technologies AS -> Vivaldi Technologies AS) C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\Application\vivaldi.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(services.exe ->) (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Microsoft Update Health Tools\uhssvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.3634_none_7df7259c7c9ebb58\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617848 2021-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [413000 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [NoThumbnailCache] 0
HKLM\...\Policies\Explorer: [DisableThumbnailCache] 0
HKLM\...\Policies\Explorer: [HideSCAMeetNow] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\...\Policies\system: [legalnoticecaption] Notice
HKLM\Software\Policies\...\system: [EnableActivityFeed] 0
HKLM\Software\Policies\...\system: [PublishUserActivities] 0
HKLM\Software\Policies\...\system: [UploadUserActivities] 0
HKLM\Software\Policies\...\system: [AllowClipboardHistory] 0
HKLM\Software\Policies\...\system: [AllowCrossDeviceClipboard] 0
HKLM\Software\Policies\...\system: [AllowBlockingAppsAtShutdown] 0
HKLM\Software\Policies\...\system: [DisableAcrylicBackgroundOnLogon] 0
HKLM\Software\Policies\...\system: [DisableLogonBackgroundImage] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Run: [MicrosoftEdgeAutoLaunch_F9816B909F3BEF94D627E080887BFB2F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4187176 2023-10-24] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Run: [qBittorrent] => C:\Program Files\qBittorrent\qbittorrent.exe [32148992 2023-10-22] (The qBittorrent Project) [Fichier non signé]
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [HideSCAVolume] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [DisableThumbnailCache] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [HideSCAMeetNow] 1
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1878432772-2778965815-2811720544-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\HP1100PrintProc: C:\Windows\System32\spool\prtprocs\x64\HP1100PP.DLL [74240 2012-08-31] () [Fichier non signé]
HKLM\...\Print\Monitors\HP1100LM: HP1100LM.DLL (Pas de fichier)
IFEO\osppsvc.exe: [VerifierDlls]
IFEO\SppExtComObj.exe: [VerifierDlls]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {14a610ab-cb0c-4b41-8525-09f979ceff01} - pas de chemin du fichier. <==== ATTENTION
Task: {5620BB06-69F8-4C10-82FE-47461182DB60} - System32\Tasks\Auslogics\Driver Updater\Scan => C:\Windows\system32\rundll32.exe [71680 2023-10-12] (Microsoft Windows -> Microsoft Corporation) -> TaskSchedulerHelper.dll,RunTask "DriverUpdater.exe" "/UseTray /Schedule"
Task: {425E84F4-73E9-4308-BA37-64518499A240} - System32\Tasks\createexplorershellunelevatedtask => C:\Windows\explorer.exe [5340232 2023-10-18] (Microsoft Windows -> Microsoft Corporation)
Task: {5FD584B1-F3FD-4432-B0A2-876B8130E446} - System32\Tasks\divxupdate => C:\Program Files (x86)\Common Files\DivX Shared\DivX Update\DivXUpdate.exe [68048 2023-07-12] (DIVX LLC -> DivX, LLC)
Task: {0BBF1FDE-0867-487B-A5EB-C740F61C0FE7} - System32\Tasks\GMHAutoScan => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2460416 2023-01-25] (Glarysoft LTD -> Glarysoft Ltd) [Fichier non signé]
Task: {D876CFB6-CCDD-4EFF-997E-DEEBBC864A11} - System32\Tasks\GUMalwareHunter => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [976128 2023-01-15] (Glarysoft LTD -> Glarysoft Ltd)
Task: {24B6A651-1301-47B4-9A26-0D6BC6A41984} - System32\Tasks\Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh1kMgxEF => C:\Windows\system32\WindowsPowerShell\v1.0\powershell.exe [493568 2023-10-12] (Microsoft Windows -> Microsoft Corporation) -> -WindowStyle Hidden -ExecutionPolicy Bypass -File "C:\WINDOWS\System32\EBEB.tmp\EBEC.tmp.ps1" <==== ATTENTION
Task: {44CC14B8-A636-4BB6-B168-52248754D328} - System32\Tasks\Microsoft\Windows\ConsentUX\UnifiedConsent\UnifiedConsentSyncTask => {82aa0895-198a-4c1b-b2d1-c16894218afb} C:\WINDOWS\System32\unifiedconsent.dll [278016 2023-10-18] (Microsoft Windows -> Microsoft Corporation)
Task: {A0E7B764-0F25-4D86-9F53-455658924E31} - System32\Tasks\Microsoft\Windows\WaaSMedic\MaintenanceWork => {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32}
Task: {CC5A053D-B136-4604-B9AF-B0E0DBEF20CC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D28374D6-3627-4892-A58C-109A91E01EF7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5D6F7F27-7C4F-4794-B5DD-A5A4AF84FA7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {78BDF96E-5898-453C-9746-397C4B594E24} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MpCmdRun.exe [1596304 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E6E652F-5F14-4706-86BC-B5DA8E492F2D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Refresh Group Policy Cache => {07369A67-07A6-4608-ABEA-379491CB7C46} C:\Windows\System32\UpdatePolicy.dll [251904 2023-10-18] (Microsoft Windows -> Microsoft Corporation)
Task: {C6A7F9A8-F3D8-498E-87EC-3C58C1E91828} - System32\Tasks\npcapwatchdog => C:\Program Files\Npcap\CheckStatus.bat [1145 2021-03-24] () [Fichier non signé]
Task: {6ADE64B8-5B34-49B1-A920-A8A2801D226E} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [21858344 2023-10-24] (Goversoft LLC -> Goversoft LLC)
Task: {C30D4025-37F5-4EC2-B9D7-37769B12E55F} - System32\Tasks\VivaldiUpdateCheck-69c66825a50bec2d => C:\Program Files\Application\update_notifier.exe [3323792 2022-07-05] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {381A56F6-66EC-4C16-856D-86A3928EE086} - System32\Tasks\VivaldiUpdateCheck-a560412cde79c901 => C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\Application\update_notifier.exe [3722640 2023-10-25] (Vivaldi Technologies AS -> Vivaldi Technologies AS)
Task: {00C6CDC3-534C-4AC0-8D7B-AC4BB2C756F5} - System32\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [8539568 2023-09-08] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
Task: {18E535CB-9476-465A-9E6C-CD40191033F7} - System32\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [9148336 2023-07-24] (Lespeed Technology Co., Ltd -> wisecleaner.com)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-1878432772-2778965815-2811720544-1001] => 127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2b407692-fa1e-446d-8bfc-d371e8b942b5}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{392a9a5d-7863-4454-a059-0e06456ec899}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{392a9a5d-7863-4454-a059-0e06456ec899}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{412fe735-eb3f-435e-812f-272513d79c75}: [DhcpNameServer] 192.168.1.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default [2023-10-28]
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
Edge Extension: (Edge relevant text changes) - C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-09-22]
Edge Extension: (AVG Online Security) - C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lacbjnnibafcbpogdcpfdpmajfkdampi [2023-10-25]
Edge Extension: (uBlock Origin) - C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2023-10-17]
Edge Extension: (360 Internet Protection) - C:\Users\Hicham EL YASSAMI\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\okdacpiidbbphpjpfmecjjhicomjdeie [2023-08-25]
Edge Extension: (Google Sheets) - C:\Users\Public\Microsoft\Edge\User Data\Default\Extension\malacbjcfpcpbpecmedkrenqjpelflrl\9.1.4._0 [2023-04-23]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: v5fzfwbc.default
FF DefaultProfile: dy0aw016.default
FF ProfilePath: C:\Users\Hicham EL YASSAMI\AppData\Roaming\Mozilla\SeaMonkey\Profiles\v5fzfwbc.default [2023-08-13]
FF ProfilePath: C:\Users\Hicham EL YASSAMI\AppData\Roaming\Ghostery Browser\Profiles\dy0aw016.default [2023-05-14]
FF ProfilePath: C:\Users\Hicham EL YASSAMI\AppData\Roaming\Ghostery Browser\Profiles\vmqx3r3h.default-release [2023-05-14]
FF DownloadDir: C:\Users\Hicham EL YASSAMI\Desktop\Downloads
FF Homepage: Ghostery Browser\Profiles\vmqx3r3h.default-release -> moz-extension://d3de2e7e-c5ed-49a0-9cab-e491bff39dcb/index.html
FF HomepageOverride: Ghostery Browser\Profiles\vmqx3r3h.default-release -> Enabled: newtab@ghostery.com
FF NewTabOverride: Ghostery Browser\Profiles\vmqx3r3h.default-release -> Enabled: newtab@ghostery.com
FF Plugin: @java.com/DTPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\dtplugin\npDeployJava1.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.381.2 -> C:\Program Files\Java\jre-1.8\bin\plugin2\npjp2.dll [2023-06-14] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) [Fichier non signé]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [2022-06-01] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) [Fichier non signé]
Vivaldi:
=======
VIV Profile: C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\User Data\Default [2023-10-28]
VIV DownloadDir: C:\Users\Hicham EL YASSAMI\Desktop\Apps
VIV Notifications: Default -> hxxps://www.youtube.com
VIV HomePage: Default -> hxxps://vivaldi.com/
VIV DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}&{ddg:Referral}
VIV DefaultSearchKeyword: Default -> d
VIV DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
VIV Extension: (uBlock Origin) - C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-10-27]
VIV Extension: (Avast Online Security & Privacy) - C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-10-27]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 CdRomAccessAgentService; C:\Program Files (x86)\Common Files\cdagtsvc\cdagtsvc_v1.0.0_x86.exe [110664 2022-11-19] (Shenzhen Moyea Software -> Leawo Software)
S3 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe [2358800 2022-05-19] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [136704 2009-06-24] (HP) [Fichier non signé]
S3 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [230352 2023-09-12] (HP Inc. -> HP Inc.)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [1102080 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S3 QHProtected; C:\Program Files (x86)\360\Total Security\safemon\WscReg.exe [3082096 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> Qihoo 360 Technology Co. Ltd.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-10-18] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\NisSrv.exe [3116904 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23090.2008-0\MsMpEng.exe [133584 2023-10-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [199896 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [110800 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [360664 2022-10-24] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [58200 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S0 360elam64; C:\WINDOWS\System32\DRIVERS\360elam64.sys [17000 2023-03-15] (Microsoft Windows Early Launch Anti-malware Publisher -> 360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [540416 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 360netmon; C:\WINDOWS\System32\DRIVERS\360netmon.sys [96424 2023-03-15] (Qihoo 360 Software (Beijing) Company Limited -> 360.cn)
R1 adgnetworkwfpdrv; C:\WINDOWS\System32\drivers\adgnetworkwfpdrv.sys [99896 2022-04-11] (Microsoft Windows Hardware Compatibility Publisher -> Adguard Software Ltd)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2017-11-16] (AnchorFree Inc -> The OpenVPN Project)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [238304 2023-03-15] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [282624 2023-08-08] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [147968 2023-06-30] (Microsoft Corporation) [Fichier non signé]
S3 ce64ca53; C:\WINDOWS\System32\Drivers\ce64ca53.sys [299544 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 disproc; C:\WINDOWS\System32\drivers\360disproc64.sys [92896 2022-10-28] (Beijing Qihu Technology Co., Ltd. -> 360.cn)
R1 ElbyCDIO; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [42616 2017-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [45056 2022-10-25] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [42976 2022-10-12] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [81432 2023-01-05] (Intel Corporation -> Intel Corporation)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [29048 2022-11-17] (Microsoft Windows Hardware Compatibility Publisher -> OEM)
S3 klupd_ce64ca53a_arkmon_EA04D71E; C:\logs\tron\raw_logs\Temp\EA04D71EFC0E16AB22C9615549FEE4F2\klupd_ce64ca53a_arkmon.sys [382304 2023-08-02] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [29168 2022-05-25] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.)
R3 necbatt; C:\WINDOWS\System32\drivers\necbatt.sys [34880 2022-11-17] (NEC Personal Computers, Ltd. -> NEC Personal Computers, Ltd.)
S3 npcap; C:\WINDOWS\system32\DRIVERS\npcap.sys [71736 2021-08-30] (Insecure.Com LLC -> Insecure.Com LLC.)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [205552 2021-02-12] (RH Software Ltd -> Ray Hinchliffe)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2021-02-22] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 VClone; C:\WINDOWS\System32\drivers\VClone.sys [44544 2020-02-22] (Microsoft Windows Hardware Compatibility Publisher -> Elaborate Bytes AG)
R3 vm331avs; C:\WINDOWS\System32\Drivers\vm331avs.sys [986496 2012-09-20] (北京中星微电子有限公司 -> Vimicro Corporation)
S3 vmuvcflt; C:\WINDOWS\System32\Drivers\vmuvcflt.sys [8320 2010-09-27] (Microsoft Windows Hardware Compatibility Publisher -> Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-10-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [572712 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105872 2023-10-05] (Microsoft Windows -> Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [33864 2023-10-16] (Beijing Lang Xingda Network Technology Co., Ltd -> wisecleaner.com)
S3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [48472 2023-10-17] (Lespeed Technology Co., Ltd -> WiseCleaner.com)
U1 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-28 17:43 - 2023-10-28 17:45 - 000023655 _____ C:\Users\Hicham EL YASSAMI\Desktop\FRST.txt
2023-10-28 17:34 - 2023-10-28 17:44 - 000000000 ____D C:\FRST
2023-10-28 17:32 - 2023-10-28 17:32 - 002383360 _____ (Farbar) C:\Users\Hicham EL YASSAMI\Desktop\FRST64.exe
2023-10-28 16:20 - 2023-10-28 16:20 - 000000000 ___HD C:\$WinREAgent
2023-10-28 14:52 - 2023-10-28 14:53 - 000555800 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-10-27 19:52 - 2023-10-27 19:52 - 000003912 _____ C:\WINDOWS\system32\Tasks\VivaldiUpdateCheck-a560412cde79c901
2023-10-27 19:51 - 2023-10-27 19:51 - 000002454 _____ C:\Users\Hicham EL YASSAMI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2023-10-27 19:51 - 2023-10-27 19:51 - 000002417 _____ C:\Users\Hicham EL YASSAMI\Desktop\Vivaldi.lnk
2023-10-27 19:50 - 2023-10-27 19:52 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\Vivaldi
2023-10-27 19:27 - 2023-10-27 19:27 - 000000527 _____ C:\Users\Hicham EL YASSAMI\.vivaldi_reporting_data
2023-10-26 10:59 - 2023-10-26 10:59 - 001933072 _____ (O&O Software GmbH) C:\Users\Hicham EL YASSAMI\Desktop\ShutUp10.exe
2023-10-25 19:29 - 2023-10-25 19:29 - 011258368 _____ (HiBitSoftware) C:\Users\Hicham EL YASSAMI\Desktop\HiBit Uninstaller.exe
2023-10-25 16:29 - 2023-10-25 21:36 - 000001828 _____ C:\Users\Hicham EL YASSAMI\Desktop\Edge.lnk
2023-10-25 04:53 - 2023-10-25 04:53 - 000000376 __RSH C:\ProgramData\ntuser.pol
2023-10-24 18:38 - 2023-10-24 22:21 - 000002488 _____ C:\WINDOWS\system32\Tasks\PrivaZer_SkipUAC
2023-10-24 18:35 - 2023-10-24 18:35 - 000000000 ____D C:\WINDOWS\system32\EBEB.tmp
2023-10-24 18:34 - 2023-10-24 18:34 - 000001963 _____ C:\Users\Public\Desktop\PrivaZer.lnk
2023-10-24 18:33 - 2023-10-24 19:39 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\PrivaZer
2023-10-24 18:33 - 2023-10-24 18:35 - 000000000 ____D C:\Program Files (x86)\PrivaZer
2023-10-24 18:33 - 2023-10-24 18:33 - 000001975 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk
2023-10-24 18:33 - 2023-10-24 18:33 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer
2023-10-24 18:33 - 2023-10-24 18:33 - 000000000 ____D C:\ProgramData\privazer
2023-10-23 08:07 - 2023-10-28 14:57 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\qBittorrent
2023-10-23 08:07 - 2023-10-23 08:08 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\qBittorrent
2023-10-23 08:07 - 2023-10-23 08:07 - 000000858 _____ C:\Users\Public\Desktop\qBittorrent.lnk
2023-10-23 08:07 - 2023-10-23 08:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2023-10-23 08:07 - 2023-10-23 08:07 - 000000000 ____D C:\Program Files\qBittorrent
2023-10-22 09:39 - 2023-10-22 11:09 - 000000000 ____D C:\Users\Hicham EL YASSAMI\.smtube
2023-10-22 09:39 - 2023-10-22 09:39 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\smtube
2023-10-22 09:35 - 2023-10-22 11:09 - 000000000 ____D C:\Users\Hicham EL YASSAMI\.smplayer
2023-10-22 09:34 - 2023-10-22 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMPlayer
2023-10-22 09:34 - 2023-10-22 09:38 - 000000000 ____D C:\Program Files\SMPlayer
2023-10-22 09:34 - 2023-10-22 09:34 - 000000818 _____ C:\Users\Public\Desktop\SMPlayer.lnk
2023-10-21 10:23 - 2023-10-21 10:24 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Taken
2023-10-18 18:47 - 2023-10-18 10:56 - 000416140 __RSH C:\bootmgr
2023-10-18 18:47 - 2019-12-07 09:08 - 000000001 ___SH C:\BOOTNXT
2023-10-17 09:50 - 2023-10-17 09:50 - 000048472 _____ (WiseCleaner.com) C:\WINDOWS\WiseRegNotify.sys
2023-10-16 21:57 - 2023-10-16 21:57 - 000033864 _____ (wisecleaner.com) C:\WINDOWS\WiseHDInfo64.dll
2023-10-16 09:26 - 2023-10-16 09:26 - 000003824 _____ C:\WINDOWS\system32\Tasks\Wise Turbo Checker.job
2023-10-16 09:26 - 2023-10-16 09:26 - 000003660 _____ C:\WINDOWS\system32\Tasks\Wise Care 365.job
2023-10-16 08:09 - 2023-10-25 15:55 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Wise Care 365
2023-10-16 07:59 - 2023-10-16 07:59 - 000001244 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2023-10-16 07:59 - 2023-10-16 07:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2023-10-15 10:29 - 2023-10-15 16:11 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\The Hunger Games (film series)
2023-10-14 19:56 - 2023-10-14 19:59 - 000000000 ____D C:\Users\Hicham EL YASSAMI\.dbus-keyrings
2023-10-14 19:51 - 2023-10-14 19:51 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\fontconfig
2023-10-14 11:06 - 2023-10-14 11:07 - 000000000 ____D C:\Program Files\sqlite
2023-10-13 15:34 - 2023-10-13 15:34 - 000000218 _____ C:\Users\Hicham EL YASSAMI\AppData\Local\recently-used.xbel
2023-10-13 15:31 - 2023-10-21 11:07 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Expend4bles (2023)
2023-10-13 15:17 - 2023-10-19 22:05 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Indiana Jones and the Dial of Destiny (2023)
2023-10-12 06:29 - 2023-10-12 06:29 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Daum
2023-10-12 06:28 - 2023-10-12 06:44 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\PotPlayerMini64
2023-10-12 06:28 - 2023-10-12 06:28 - 000000989 _____ C:\Users\Public\Desktop\PotPlayer.lnk
2023-10-12 06:28 - 2023-10-12 06:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PotPlayer
2023-10-12 06:28 - 2023-10-12 06:28 - 000000000 ____D C:\Program Files\DAUM
2023-10-11 12:34 - 2023-10-11 12:34 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\LibreOffice
2023-10-11 12:29 - 2023-10-11 12:29 - 000001197 _____ C:\Users\Public\Desktop\LibreOffice 7.6.lnk
2023-10-11 12:29 - 2023-10-11 12:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 7.6
2023-10-11 12:25 - 2023-10-11 12:26 - 000000000 ____D C:\Program Files\LibreOffice
2023-10-10 20:18 - 2023-10-10 20:18 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\WZDT
2023-10-10 20:15 - 2023-10-16 09:29 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Nico Mak Computing
2023-10-10 11:44 - 2023-10-10 14:37 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\The Tragedy of Macbeth (2021)
2023-10-08 12:39 - 2023-10-08 12:39 - 000001239 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2023-10-08 12:39 - 2023-10-08 12:39 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360 Security Center
2023-10-08 12:39 - 2023-10-08 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2023-10-08 12:39 - 2022-10-24 08:45 - 000360664 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2023-10-04 16:31 - 2023-10-04 16:31 - 000000000 ____D C:\MATS
2023-10-04 13:03 - 2023-10-04 13:03 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Prison Break
2023-10-04 07:50 - 2021-10-07 00:32 - 000043024 _____ (Synaptics Incorporated) C:\WINDOWS\system32\Drivers\Smb_driver_Intel.sys
2023-10-03 10:12 - 2023-10-27 23:08 - 097779712 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-10-03 10:12 - 2023-10-27 23:08 - 000442368 _____ C:\WINDOWS\system32\config\DEFAULT
2023-10-03 10:12 - 2023-10-27 23:08 - 000073728 _____ C:\WINDOWS\system32\config\SAM
2023-10-03 10:12 - 2023-10-03 10:12 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.rhk
2023-10-02 12:40 - 2023-10-28 17:19 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\XnViewMP
2023-10-02 12:39 - 2023-10-02 12:39 - 000001724 _____ C:\Users\Hicham EL YASSAMI\Desktop\XnViewMP.lnk
2023-10-02 12:39 - 2023-10-02 12:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnViewMP
2023-10-02 12:39 - 2023-10-02 12:39 - 000000000 ____D C:\Program Files\XnViewMP
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2023-10-28 17:24 - 2023-08-02 12:01 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Year 2023
2023-10-28 16:47 - 2019-12-07 09:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-10-28 16:47 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-10-28 16:46 - 2019-12-07 09:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-10-28 16:22 - 2023-06-30 15:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-10-28 16:21 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-10-28 15:06 - 2023-06-10 12:34 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\LocalLow\360WD
2023-10-28 14:52 - 2023-09-25 20:11 - 000008192 ___SH C:\DumpStack.log.tmp
2023-10-28 14:52 - 2023-06-30 15:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-10-28 14:52 - 2023-06-30 15:18 - 000001134 _____ C:\WINDOWS\system32\config\VSMIDK
2023-10-27 23:08 - 2019-12-07 09:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2023-10-27 19:49 - 2023-02-04 23:10 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Mozilla
2023-10-27 19:49 - 2023-02-04 23:10 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\Mozilla
2023-10-27 19:27 - 2023-06-30 15:25 - 000000000 ____D C:\Users\Hicham EL YASSAMI
2023-10-27 14:21 - 2019-12-07 09:13 - 000000000 ____D C:\WINDOWS\INF
2023-10-27 13:42 - 2022-05-14 09:50 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\D3DSCache
2023-10-26 11:56 - 2023-07-01 19:41 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\HiBit Uninstaller
2023-10-26 11:48 - 2022-05-23 07:29 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\CrashDumps
2023-10-26 10:33 - 2022-05-14 11:17 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\ZHP
2023-10-26 00:59 - 2023-06-10 12:34 - 000000000 _RSHD C:\360SANDBOX
2023-10-25 11:56 - 2022-12-08 09:49 - 000002689 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-10-25 11:49 - 2023-06-30 13:48 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-10-25 11:43 - 2022-07-10 20:26 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\Google
2023-10-25 06:07 - 2022-05-13 23:42 - 000000000 ____D C:\ProgramData\Package Cache
2023-10-25 06:06 - 2023-01-24 22:33 - 000000000 ____D C:\Program Files\dotnet
2023-10-23 13:49 - 2023-06-10 12:34 - 000000000 ____D C:\ProgramData\360safe
2023-10-22 07:05 - 2023-06-30 15:38 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-10-22 07:05 - 2019-12-07 14:50 - 000792972 _____ C:\WINDOWS\system32\perfh00C.dat
2023-10-22 07:05 - 2019-12-07 14:50 - 000150102 _____ C:\WINDOWS\system32\perfc00C.dat
2023-10-19 11:08 - 2023-06-08 22:49 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Torrents
2023-10-18 11:08 - 2019-12-07 14:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2023-10-18 11:08 - 2019-12-07 14:50 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-10-18 11:08 - 2019-12-07 14:50 - 000000000 ____D C:\WINDOWS\system32\fr
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SystemResources
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\setup
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-10-18 11:08 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-10-18 10:54 - 2023-06-30 15:23 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2023-10-16 09:27 - 2023-07-18 14:41 - 000000000 ____D C:\Program Files (x86)\Wise
2023-10-16 09:26 - 2023-07-18 14:41 - 000000000 ____D C:\WINDOWS\system32\Tasks\WiseCleaner
2023-10-15 21:07 - 2022-05-13 22:41 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\Packages
2023-10-15 21:07 - 2022-05-13 22:41 - 000000000 ____D C:\ProgramData\Packages
2023-10-15 21:05 - 2023-08-15 09:51 - 000000000 ____D C:\Program Files\CopyFilenames
2023-10-15 21:00 - 2022-07-26 00:18 - 000000000 ____D C:\Program Files (x86)\HP
2023-10-15 11:54 - 2022-05-14 11:17 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\ZHP
2023-10-15 07:51 - 2023-02-04 15:31 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Geek Uninstaller
2023-10-15 07:51 - 2022-11-18 11:33 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\SquirrelTemp
2023-10-15 07:51 - 2022-11-02 17:12 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Microsoft\HTML Help
2023-10-15 07:51 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-10-14 14:38 - 2023-08-07 14:56 - 000000000 ____D C:\Program Files (x86)\7-Zip
2023-10-14 14:38 - 2023-06-10 12:36 - 000000000 ____D C:\ProgramData\360Quarant
2023-10-14 14:38 - 2022-11-07 18:30 - 000000000 __SHD C:\$360Section
2023-10-13 08:03 - 2022-06-18 07:31 - 000000000 ___RD C:\Users\Hicham EL YASSAMI\Desktop\MOVIES I
2023-10-13 07:38 - 2022-05-13 22:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-10-13 04:12 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-10-13 04:10 - 2019-12-07 14:53 - 000000000 ___SD C:\WINDOWS\system32\AppV
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\et-EE
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\Com
2023-10-13 04:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\Provisioning
2023-10-13 04:07 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\IME
2023-10-13 04:07 - 2019-12-07 09:03 - 000000000 ____D C:\WINDOWS\servicing
2023-10-13 04:06 - 2019-12-07 14:53 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-10-13 04:06 - 2019-12-07 14:53 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-10-13 04:06 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Windows Defender
2023-10-13 04:06 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files\Common Files\System
2023-10-13 04:06 - 2019-12-07 09:14 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-10-12 15:55 - 2023-07-23 22:17 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Digiarty
2023-10-12 09:59 - 2023-06-21 20:22 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2023-10-12 09:01 - 2022-05-14 23:09 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-10-12 08:51 - 2022-05-14 23:08 - 181553176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2023-10-12 05:50 - 2022-05-17 17:08 - 000000035 _____ C:\Users\Hicham
2023-10-10 21:12 - 2023-07-25 22:52 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Session Storage
2023-10-10 21:12 - 2023-07-25 22:40 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\Platform Notifications
2023-10-09 10:56 - 2023-06-10 13:23 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Roaming\360safe
2023-10-05 14:53 - 2022-05-13 20:07 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-10-04 17:04 - 2022-12-25 21:43 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\Local\ElevatedDiagnostics
2023-10-04 16:46 - 2022-05-14 08:51 - 000918960 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2023-10-04 16:45 - 2019-12-07 09:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-10-04 14:35 - 2023-09-22 10:11 - 000000000 ____D C:\Users\Hicham EL YASSAMI\Desktop\Golda (2023)
2023-10-03 21:41 - 2022-05-22 21:48 - 000000000 ____D C:\ProgramData\ProductData
2023-10-03 11:10 - 2019-12-07 09:14 - 000000000 ____D C:\WINDOWS\Help
2023-10-03 10:12 - 2023-08-10 17:35 - 012845056 _____ C:\Users\Hicham EL YASSAMI\NTUSER.bak
2023-10-02 17:19 - 2023-07-05 15:21 - 000000000 ____D C:\WINDOWS\Minidump
2023-10-01 18:58 - 2023-02-18 15:06 - 000000000 ____D C:\Users\Hicham EL YASSAMI\AppData\LocalLow\Mozilla
==================== Fichiers à la racine de certains dossiers ========
2022-04-23 20:32 - 2022-04-23 20:32 - 000000259 _____ () C:\ProgramData\fontcacheev1.dat
2022-08-13 22:06 - 2022-08-13 22:05 - 000003910 _____ () C:\ProgramData\get11.cmd
2023-06-29 16:16 - 2023-06-29 17:28 - 000000012 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\2457fe3357cbf1220231e8917326f70f
2023-07-07 14:17 - 2023-07-10 11:29 - 000000045 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Apps.ini
2023-07-25 22:40 - 2023-07-25 22:40 - 000020480 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Cookies
2023-07-25 22:40 - 2023-07-25 22:40 - 000000000 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Cookies-journal
2023-07-25 22:40 - 2023-08-17 17:47 - 000000337 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Network Persistent State
2023-07-25 22:40 - 2023-07-25 22:40 - 000000075 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\user_prefs.json
2023-07-25 22:40 - 2023-07-25 22:40 - 000131072 _____ () C:\Users\Hicham EL YASSAMI\AppData\Roaming\Visited Links
2022-06-02 16:09 - 2022-06-03 00:45 - 000000027 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\.sdpl-system-config4
2023-10-13 15:34 - 2023-10-13 15:34 - 000000218 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\recently-used.xbel
2023-01-08 18:13 - 2023-01-08 18:13 - 000000017 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\resmon.resmoncfg
2022-11-30 21:45 - 2022-11-30 22:58 - 000000385 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\rtb.json
2023-02-01 20:17 - 2023-02-02 10:15 - 000000309 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\Temp.png
2022-07-19 20:23 - 2022-07-19 20:23 - 000062350 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\Tempfm.ico
2023-03-20 19:30 - 2023-03-20 19:30 - 000000003 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\updater.log
2023-03-20 19:30 - 2023-03-20 19:30 - 000000424 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\UserProducts.xml
2023-07-03 21:22 - 2023-07-04 22:31 - 043646976 _____ () C:\Users\Hicham EL YASSAMI\AppData\Local\videocatalog-230703.vcat
==================== FCheck ================================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
FCheck: C:\WINDOWS\SysWOW64\version_IObitDel.dll [2022-05-14] <==== ATTENTION (zéro octet Fichier/Dossier)
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================