Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.04.2024 01
Exécuté par etcheverry claude (administrateur) sur LAPTOP-CJH29JNF (Acer Aspire E5-575G) (18-05-2024 10:40:55)
Exécuté depuis C:\Users\etcheverry claude\Downloads\FRST64.exe
Profils chargés: etcheverry claude
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4412 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(C:\Program Files\Acer\Acer Quick Access\QASvc.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxCUIService.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxEM.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <17>
(explorer.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(services.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(services.exe ->) (ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(services.exe ->) (Intel(R) CN -> Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHDCPSvc.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\IntelCpHeciSvc.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(svchost.exe ->) (Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(svchost.exe ->) (Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(svchost.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_587befb80671fb38\igfxext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390912 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506176 2018-11-08] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-06-01] (Intel(R) Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart [1903344 2016-02-17] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [Fichier non signé]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3057403503-3601175914-1804783804-1001\...\Run: [MicrosoftEdgeAutoLaunch_9CE182208A8FAF46201E4370742B7A8A] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4081192 2024-05-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\125.0.6422.60\Installer\chrmstp.exe [2024-05-17] () [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {92AF0A4B-4F2E-4060-91A0-75D9F238ED4D} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {89654C02-40E0-4C40-BCF7-AB6EF21E8689} - System32\Tasks\{9C5724DC-9084-4B0D-9892-A355EF4A6718} => c:\program files\mozilla firefox\firefox.exe [673696 2024-05-09] (Mozilla Corporation -> Mozilla Corporation) -> hxxps://ui.skype.com/ui/0/7.32.0.104/fr/go/help.faq.installer?LastError=1618
Task: {82845976-EF76-4A02-AF28-A0E3A1B42E04} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40352 2016-06-24] (Acer Incorporated -> )
Task: {6EBA52FB-F23C-4BCE-BE57-9333536490F9} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4644256 2016-06-24] (Acer Incorporated -> )
Task: {C5C0A5B2-5EF2-420F-BF06-A5E09C55E52D} - System32\Tasks\AcerCMUpdateTask2.5.22250 => C:\Program Files (x86)\Acer\Amundsen\2.5.22250\awc.exe [96904 2022-09-25] (Acer Incorporated -> )
Task: {DB14F008-390D-4E89-B9D0-7198FDED42E7} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2017-03-20] (Acer Incorporated -> Acer Incorporated) -> C:\Program Files (x86)\Acer\AOP Framework\\task
Task: {00C42090-6E5F-4236-A555-FAAF654F9084} - System32\Tasks\FubToolByPLD => C:\OEM\Preload\FubTool\FubTool.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {2770F27B-A3CB-4E9C-965B-E7B38CB0FBDB} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem126.0.6462.0{FDD2EA0E-2AF4-4A20-93B8-D460B15E4C9B} => C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
Task: {1445924D-0736-4B5C-8CD5-8C7ED1622CC1} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {A3021BA5-5E84-4CC6-9789-D15440A217C5} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A859029-8FCC-450A-96F0-0ACEB2FBBD19} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28435936 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {4526A40E-DF93-4A75-9098-D2310B6A78E4} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [220608 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {2404B038-C671-4524-BBA8-FA7B4CFE1AA5} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [220608 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1BCF621-B139-4B89-8AF9-7B487B7EADF2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3C32E70B-5B63-49B3-BE7E-7BB16EF9DF57} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D20A9746-D3FE-423A-8323-6FD1E49239A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8C7C9B36-EF66-47C9-A28B-B531048BC22C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpCmdRun.exe [1658408 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CD89D043-A484-469C-B0DC-ECFEB0A20505} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-05-09] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {70FB6D39-FEBB-4805-935B-54616E3F10EC} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3057403503-3601175914-1804783804-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [673696 2024-05-09] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus).
Task: {99D88FF4-E164-4D5F-B709-1EB7B5AB35B1} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [33696 2024-05-09] (Mozilla Corporation -> Mozilla Foundation)
Task: {98145DC0-57FB-4F49-99B3-DED33DD78C37} - System32\Tasks\NvNotifier_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\NvNotifier.exe [2013264 2018-01-05] (NVIDIA Corporation -> ) -> C:\Program Files\NVIDIA Corporation\GFExperience.Deployer\-showOnChangeOnly
Task: {DBC70624-B7BF-4F49-9863-CCCB84C7028D} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [63808 2018-09-26] (Acer Incorporated -> Acer)
Task: {FBAB263C-39AF-4334-A188-345A95E21219} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2767152 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {3B206266-4661-4D8A-9EDC-EF5924604D92} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [422704 2016-09-13] (Acer Incorporated -> Acer Incorporated)
Task: {51A918CA-36E3-4C9E-B84B-C6207C260A56} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [216296 2014-03-13] (Acer Incorporated -> TODO: )

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d023894b-27ee-4e0d-962b-07bea24be654}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d023894b-27ee-4e0d-962b-07bea24be654}: [DhcpDomain] lan
Tcpip\..\Interfaces\{d023894b-27ee-4e0d-962b-07bea24be654}\C496675626F687D22445A594E464F4: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d023894b-27ee-4e0d-962b-07bea24be654}\C496675626F687D22445A594E464F4: [DhcpDomain] home

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\etcheverry claude\AppData\Local\Microsoft\Edge\User Data\Default [2024-05-18]
Edge DownloadDir: Default -> C:\Users\etcheverry claude\Downloads
Edge Extension: (Google Docs hors connexion) - C:\Users\etcheverry claude\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-04-07]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\etcheverry claude\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-17]
Edge Extension: (Edge relevant text changes) - C:\Users\etcheverry claude\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: cn5h0v4f.default
FF ProfilePath: C:\Users\etcheverry claude\AppData\Roaming\Mozilla\Firefox\Profiles\cn5h0v4f.default [2024-05-12]
FF Homepage: Mozilla\Firefox\Profiles\cn5h0v4f.default -> hxxp://yahoo.fr/
FF Extension: (Amazon Assistant for Firefox) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\abb-acer@amazon.com [2016-12-29] []
FF Extension: (Français Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-fr@firefox.mozilla.org [2016-12-29] []
FF Extension: (Mozilla Partner Defaults) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\partnerdefaults@mozilla.com [2016-12-29] []
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\etcheverry claude\AppData\Local\Google\Chrome\User Data\Default [2024-05-18]
CHR Notifications: Default -> hxxps://re-captha-version-3-16.live; hxxps://www.paroles.net
CHR StartupUrls: Default -> "hxxps://www.bing.com/?FORM=SLBRDF&PC=SL09"
CHR Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\etcheverry claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2024-04-18]
CHR Extension: (Google Docs hors connexion) - C:\Users\etcheverry claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-21]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\etcheverry claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-05-18]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\etcheverry claude\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14248016 2024-05-17] (Microsoft Corporation -> Microsoft Corporation)
S2 GoogleUpdaterInternalService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
S2 GoogleUpdaterService126.0.6462.0; C:\Program Files (x86)\Google\GoogleUpdater\126.0.6462.0\updater.exe [4794656 2024-05-06] (Google LLC -> Google LLC)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8884840 2024-04-20] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [441136 2016-09-13] (Acer Incorporated -> Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [482608 2016-09-13] (Acer Incorporated -> Acer Incorporated)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [295840 2016-05-28] (Acer Incorporated -> acer)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AcerAirplaneModeController; C:\WINDOWS\System32\drivers\AcerAirplaneModeController.sys [30168 2020-05-12] (Acer Incorporated -> Acer Incorporated)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2017-10-20] (Acer Incorporated -> Acer Incorporated)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-05-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MpKsl0e4635e9; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7B43964C-9656-49B9-96A1-CC241A229444}\MpKslDrv.sys [271648 2024-05-18] (Microsoft Windows -> Microsoft Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2017-10-20] (Acer Incorporated -> Acer Incorporated)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2023-07-19] (Adlice -> )
R0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [21056 2024-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [601496 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-17] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-05-18 10:35 - 2024-05-18 10:40 - 000043467 _____ C:\Users\etcheverry claude\Downloads\Addition.txt
2024-05-18 10:26 - 2024-05-18 10:43 - 000022217 _____ C:\Users\etcheverry claude\Downloads\FRST.txt
2024-05-18 10:25 - 2024-05-18 10:42 - 000000000 ____D C:\FRST
2024-05-18 10:24 - 2024-05-18 10:24 - 002394112 _____ (Farbar) C:\Users\etcheverry claude\Downloads\FRST64.exe
2024-05-15 10:09 - 2024-05-15 10:09 - 000000000 ___HD C:\$WinREAgent
2024-05-09 08:28 - 2024-05-16 11:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-05-01 06:09 - 2024-05-01 06:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-05-18 10:43 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-05-18 10:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2024-05-18 10:20 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-05-18 10:05 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-05-18 09:38 - 2023-05-12 11:08 - 000000000 ____D C:\Users\etcheverry claude\AppData\Local\Malwarebytes
2024-05-18 09:35 - 2017-03-22 21:55 - 000000000 ____D C:\Users\etcheverry claude\AppData\Local\CrashDumps
2024-05-18 09:29 - 2017-03-22 18:49 - 000000000 __SHD C:\Users\etcheverry claude\IntelGraphicsProfiles
2024-05-17 16:47 - 2020-08-22 13:14 - 000000000 ____D C:\Users\etcheverry claude
2024-05-17 16:47 - 2016-12-29 18:33 - 000000000 ____D C:\ProgramData\NVIDIA
2024-05-17 16:27 - 2020-08-22 13:25 - 001772726 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-05-17 16:27 - 2019-12-07 16:49 - 000793016 _____ C:\WINDOWS\system32\perfh00C.dat
2024-05-17 16:27 - 2019-12-07 16:49 - 000150146 _____ C:\WINDOWS\system32\perfc00C.dat
2024-05-17 16:27 - 2018-06-24 21:31 - 000000000 ____D C:\ProgramData\Packages
2024-05-17 16:27 - 2018-03-03 19:57 - 000000000 ____D C:\Users\etcheverry claude\AppData\Local\Packages
2024-05-17 16:19 - 2020-08-22 13:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-05-17 16:19 - 2020-08-22 13:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-05-17 16:19 - 2020-08-22 13:06 - 000008192 ___SH C:\DumpStack.log.tmp
2024-05-17 16:16 - 2021-12-20 14:23 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-05-17 16:16 - 2017-05-29 16:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-05-17 10:07 - 2016-12-29 17:01 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2024-05-17 09:27 - 2023-01-17 11:05 - 000002284 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-05-17 09:27 - 2020-06-26 12:47 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-05-17 08:57 - 2018-03-01 20:25 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-05-16 11:46 - 2019-12-07 11:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-05-16 11:13 - 2020-08-22 13:06 - 000444552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-05-16 11:12 - 2016-12-29 18:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-05-16 11:07 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2024-05-16 11:07 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2024-05-16 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-05-16 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2024-05-16 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2024-05-16 11:07 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\F12
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-05-16 11:06 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-05-16 11:05 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Portable Devices
2024-05-16 11:05 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2024-05-16 11:05 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2024-05-16 11:05 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2024-05-16 11:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\PrintDialog
2024-05-16 11:05 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-05-16 11:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-05-16 11:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-05-16 11:05 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-05-16 11:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2024-05-16 09:45 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-05-16 09:42 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-05-15 11:09 - 2020-08-22 13:13 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-05-15 10:05 - 2022-11-16 07:40 - 000000000 ____D C:\Program Files\RUXIM
2024-05-15 09:03 - 2017-04-02 13:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-05-15 08:47 - 2017-04-02 13:58 - 196465576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-05-12 16:04 - 2022-02-12 11:47 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-05-09 09:45 - 2016-12-29 18:59 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-05-08 09:20 - 2020-08-22 13:50 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-05-08 09:20 - 2020-08-22 13:50 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-05-07 09:16 - 2021-09-24 10:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2024-05-01 06:10 - 2017-05-29 16:32 - 000000000 ____D C:\Program Files (x86)\Google
2024-04-20 10:17 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\appcompat

==================== Fichiers à la racine de certains dossiers ========

2019-05-18 10:17 - 2019-05-18 10:17 - 006922240 _____ () C:\Program Files (x86)\GUT6158.tmp
2023-01-09 11:03 - 2023-01-09 11:03 - 000007605 _____ () C:\Users\etcheverry claude\AppData\Local\Resmon.ResmonCfg
2019-03-11 11:23 - 2019-03-11 11:23 - 000000000 _____ () C:\Users\etcheverry claude\AppData\Local\{0A2ED1A0-3C44-4B64-89C3-C45EFDF11BF1}
2019-03-11 11:23 - 2019-03-11 11:23 - 000000000 _____ () C:\Users\etcheverry claude\AppData\Local\{F3987BDA-6D0D-4C02-82A1-743E1BECE6B0}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

