Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2024
Exécuté par Aïcha (administrateur) sur LAPTOP-4HC4E7Q4 (HP HP Notebook) (19-02-2024 16:32:42)
Exécuté depuis C:\Users\Aïcha\Downloads\FRST64(2).exe
Profils chargés: Aïcha
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3930 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Windows\SysWOW64\esif_uf.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.372\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(services.exe ->) (Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(services.exe ->) (Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp -> ) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2401.3.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8850688 2016-03-01] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [229592 2015-07-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\Run: [Opera Browser Assistant] => C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4002208 2024-02-12] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\...\MountPoints2: {462109e0-69e0-11e8-b913-806e6f6e6963} - "E:\EasySetup.exe"
HKLM\...\Windows x64\Print Processors\Canon MG5200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDAE.DLL [28672 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\Canon TS3300 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDG3.DLL [506368 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5200 series: C:\WINDOWS\system32\CNMLMAE.DLL [361472 2010-08-25] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS3300 series: C:\WINDOWS\system32\CNMLMG3.DLL [1334784 2023-06-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\WINDOWS\system32\CNMN6PPM.DLL [327680 2010-02-05] (CANON INC.) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-16] (Google LLC -> Google LLC)

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {2CBE7BC2-CDA5-416B-9022-B34EA7711624} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-07] (Google Inc -> Google Inc.)
Task: {32867C71-3B34-468C-9FA3-71F75C4B9882} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-07] (Google Inc -> Google Inc.)
Task: {8CC0A316-B823-4A91-8D0F-6814BE838B32} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {82D51C28-3169-4C82-A2DA-4DEDA4ABB05F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {52D49DC5-0054-482F-AE3C-F0FB1D009A48} - System32\Tasks\HPDAS => C:\Program -> Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs
Task: {840A242E-897B-48F6-AD64-87E24D42A970} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-02-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D088514D-9DB0-4281-BE1A-E7B2858D927D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-02-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F41AC77E-316A-474C-81C9-DB64EA1DB9CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-02-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {034289A6-0B0E-4E49-8CF4-E1EE918C97C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2024-02-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {538407E5-6269-4C47-83D0-ED6B6ABD9367} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-06] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {0DDD7ECD-0C7C-4AB2-A3F3-14A51C92AC9A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {7909D99E-AB74-4856-8C27-7C3E6DF2F3D8} - System32\Tasks\Opera scheduled assistant Autoupdate 1582724596 => C:\Users\Aïcha\AppData\Local\Programs\Opera\launcher.exe [2358688 2024-02-12] (Opera Norway AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\Aïcha\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {C4D0E7E0-B8A3-4F82-A26A-11A96A906480} - System32\Tasks\Opera scheduled Autoupdate 1575394450 => C:\Users\Aïcha\AppData\Local\Programs\Opera\launcher.exe [2358688 2024-02-12] (Opera Norway AS -> Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}\6427565626F687D2142463233403: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}\6427565675966696: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}\6627565626F687C6962656: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}\960586F6E656024656021496368616: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}\C496675626F687D233433483: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}\C496675626F687D233433483: [DhcpDomain] home
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}\F62716E67656: [DhcpNameServer] 193.252.165.234
Tcpip\..\Interfaces\{c9435c41-0b27-4489-bf20-69921e0ed2d7}\F62716E67656: [DhcpDomain] orange-hotspot
Tcpip\..\Interfaces\{e3fa0faa-78f0-46c6-888c-fd6da6e5c0b9}: [DhcpNameServer] 212.27.40.241 212.27.40.240

Edge:
=======
Edge Profile: C:\Users\Aïcha\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-18]
Edge DownloadDir: Default -> C:\Users\Aïcha\Downloads
Edge StartupUrls: Default -> "hxxp://google.com/"
Edge DefaultSearchURL: Default -> hxxps://www.google.fr/search?q={searchTerms}&ie={inputEncoding?}&oe={outputEncoding?}
Edge Extension: (Edge relevant text changes) - C:\Users\Aïcha\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-07]

FireFox:
========
FF DefaultProfile: 8r1enpzp.default-1680186465040
FF ProfilePath: C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\8r1enpzp.default-1680186465040 [2024-02-19]
FF Notifications: Mozilla\Firefox\Profiles\8r1enpzp.default-1680186465040 -> hxxps://paldenshangpalaboulaye.org; hxxps://www.greenweez.com; hxxps://www.courrierinternational.com; hxxps://www.forumfr.com; hxxps://forums.futura-sciences.com
FF Extension: (Ecosia – Le moteur de recherche qui plante des arbres) - C:\Users\Aïcha\AppData\Roaming\Mozilla\Firefox\Profiles\8r1enpzp.default-1680186465040\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2024-01-05]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1233203.dll [2018-05-15] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.10 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.12 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default [2024-02-14]
CHR Notifications: Default -> hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.huffingtonpost.fr; hxxps://www.sncf-connect.com
CHR StartupUrls: Default -> "hxxps://www.google.fr/?gws_rd=ssl"
CHR Extension: (Google Docs hors connexion) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-23]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-28]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Aïcha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-04]
CHR HKU\S-1-5-21-4057811618-3854163365-3257520157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [127192 2015-11-19] (Realtek Semiconductor Corp -> )
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [445432 2021-04-19] (Canon Inc. -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2024-02-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2024-02-06] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R3 BthAudioHF; C:\WINDOWS\system32\drivers\RtkHfp.sys [104688 2015-09-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation)
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [154112 2021-10-15] (Microsoft Corporation) [Fichier non signé]
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2024-02-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2024-02-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2024-02-06] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
S3 MpKsl0065ca36; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl2c9d3898; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl33ce24a2; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl342eb7af; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl38076f81; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl51965eee; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl51e195f9; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl5319d122; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl6738b6f8; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl6f73dcc4; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl70741513; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl773b7990; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl7797fa60; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl77df2dba; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl7f28b78a; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl83ee5032; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsl87375d61; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsla610ae98; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsla7ea4085; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKslb2096de1; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKslb4bb29e0; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKslbda8ae09; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKslc059cea2; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKslc2e40512; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKslcaf58d47; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsld414ddfb; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]
S3 MpKsld7cb524c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9F90DF2C-31C5-427D-A791-345D1031E65E}\MpKslDrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-02-19 16:32 - 2024-02-19 16:40 - 000021980 _____ C:\Users\Aïcha\Downloads\FRST.txt
2024-02-19 16:28 - 2024-02-19 16:28 - 002386944 _____ (Farbar) C:\Users\Aïcha\Downloads\FRST64(2).exe
2024-02-19 16:16 - 2024-02-19 16:16 - 002386944 _____ (Farbar) C:\Users\Aïcha\Downloads\FRST64.exe
2024-02-19 16:16 - 2024-02-19 16:16 - 002386944 _____ (Farbar) C:\Users\Aïcha\Downloads\FRST64(1).exe
2024-02-18 18:42 - 2024-02-18 18:42 - 000000000 ___HD C:\$WinREAgent
2024-02-16 22:18 - 2024-02-16 22:18 - 000145976 _____ C:\Users\Aïcha\Downloads\tract -2.pdf
2024-02-16 22:18 - 2024-02-16 22:18 - 000145976 _____ C:\Users\Aïcha\Desktop\education Gaza.pdf
2024-02-16 15:31 - 2024-02-16 15:31 - 012520949 _____ C:\Users\Aïcha\Desktop\bull palestine.pdf
2024-02-16 15:30 - 2024-02-16 15:31 - 012520949 _____ C:\Users\Aïcha\Downloads\bull palestine.pdf
2024-02-14 11:10 - 2024-02-14 11:11 - 001552437 _____ C:\Users\Aïcha\Downloads\tract (1).pdf
2024-02-14 11:03 - 2024-02-14 11:03 - 001552437 _____ C:\Users\Aïcha\Downloads\tract.pdf
2024-02-14 09:48 - 2024-02-14 09:48 - 000014362 _____ C:\Users\Aïcha\Downloads\deposit-proof-MXNYEB28.pdf
2024-02-14 09:48 - 2024-02-14 09:48 - 000014362 _____ C:\Users\Aïcha\Desktop\deposit-proof-MXNYEB28.pdf
2024-02-12 12:39 - 2024-02-12 12:39 - 000256539 _____ C:\Users\Aïcha\Desktop\186-20240209-pre-01-00-fr.pdf
2024-02-12 11:44 - 2024-02-12 11:44 - 000145976 _____ C:\Users\Aïcha\Downloads\tract -1-1.pdf
2024-02-12 11:42 - 2024-02-12 11:42 - 000145976 _____ C:\Users\Aïcha\Downloads\tract -1.pdf
2024-02-12 11:26 - 2024-02-12 11:26 - 000145976 _____ C:\Users\Aïcha\Downloads\tract .pdf
2024-02-10 23:14 - 2024-02-10 23:14 - 000001087 _____ C:\Users\Public\Desktop\ClipGrab.lnk
2024-02-09 18:26 - 2024-02-09 18:26 - 000030208 _____ C:\Users\Aïcha\Downloads\2024 02 07 CR réunion MAN 71.dot
2024-02-09 18:26 - 2024-02-09 18:26 - 000025670 _____ C:\Users\Aïcha\Desktop\Sans nom 1.odt
2024-02-09 18:15 - 2024-02-09 18:15 - 000086362 _____ C:\Users\Aïcha\Downloads\AA rapport financier 2023.pdf
2024-02-09 18:15 - 2024-02-09 18:15 - 000038948 _____ C:\Users\Aïcha\Downloads\COMPTES AU 31 DECEMBRE 2023.odt
2024-02-06 17:19 - 2024-02-07 11:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-02-05 19:55 - 2024-02-05 19:56 - 000009275 _____ C:\Users\Aïcha\Desktop\exister.odt
2024-02-04 09:44 - 2024-02-04 09:44 - 000014480 _____ C:\Users\Aïcha\Documents\deposit-proof-MVNREB46 ressencement.pdf
2024-01-29 20:04 - 2024-01-29 20:04 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2024-01-29 20:04 - 2024-01-29 20:04 - 000002248 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2024-01-29 11:40 - 2024-01-29 11:40 - 000727714 _____ C:\Users\Aïcha\Desktop\IMG_20240129_0001.pdf
2024-01-24 16:24 - 2024-01-24 16:25 - 000000000 ____D C:\Users\Aïcha\Desktop\info + pdf divers
2024-01-24 12:22 - 2024-01-24 12:22 - 000007407 _____ C:\Users\Aïcha\Desktop\domisol fevrier.PDF
2024-01-22 12:51 - 2024-01-22 12:54 - 000023675 _____ C:\Users\Aïcha\Documents\guerrière de la paix.odt

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-02-19 16:39 - 2023-10-25 18:17 - 000000000 ____D C:\FRST
2024-02-19 16:38 - 2021-12-16 12:57 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-19 16:38 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-19 16:38 - 2018-06-07 19:35 - 000000000 ____D C:\Program Files (x86)\Google
2024-02-19 16:26 - 2018-06-07 13:52 - 000000000 ____D C:\Users\Aïcha\Documents\papiers SLIMANE
2024-02-19 15:25 - 2022-02-10 15:03 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-19 15:22 - 2020-08-25 15:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-19 15:22 - 2020-08-25 15:21 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-19 15:22 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-02-19 15:22 - 2018-06-07 01:36 - 000000000 __SHD C:\Users\Aïcha\IntelGraphicsProfiles
2024-02-19 15:22 - 2018-06-07 01:31 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2024-02-19 13:45 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-02-19 13:24 - 2020-08-25 15:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-19 12:16 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-19 09:46 - 2023-11-01 22:24 - 000000000 ____D C:\Users\Aïcha\Desktop\PALESTINE
2024-02-18 18:44 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-16 12:36 - 2018-06-07 13:51 - 000000000 ____D C:\Users\Aïcha\Documents\COLLECTIF
2024-02-16 10:19 - 2018-06-07 19:36 - 000002306 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-15 19:53 - 2020-08-25 15:55 - 000004232 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1575394450
2024-02-15 19:53 - 2019-12-03 18:34 - 000001474 _____ C:\Users\Aïcha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2024-02-14 20:13 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-14 11:19 - 2022-03-03 10:22 - 000000000 ____D C:\Users\Aïcha\AppData\Roaming\Telegram Desktop
2024-02-13 19:41 - 2023-10-19 10:47 - 000004460 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1582724596
2024-02-10 23:14 - 2021-05-13 17:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClipGrab
2024-02-10 23:14 - 2021-05-13 17:58 - 000000000 ____D C:\Program Files (x86)\ClipGrab
2024-02-10 09:16 - 2020-08-25 15:41 - 001926118 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-10 09:16 - 2019-12-07 15:49 - 000834610 _____ C:\WINDOWS\system32\perfh00C.dat
2024-02-10 09:16 - 2019-12-07 15:49 - 000168324 _____ C:\WINDOWS\system32\perfc00C.dat
2024-02-08 20:46 - 2020-08-25 15:29 - 000000000 ____D C:\Users\Aïcha
2024-02-08 14:32 - 2018-06-07 13:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-08 14:32 - 2018-06-07 13:47 - 189718008 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-07 15:07 - 2021-11-30 13:48 - 000000000 ____D C:\ProgramData\CanonIJPLM
2024-02-07 11:20 - 2020-08-25 15:21 - 000735728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-07 11:19 - 2018-06-07 13:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-07 11:14 - 2019-12-07 10:14 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2024-02-07 11:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-07 11:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-07 11:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-07 11:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-02-07 11:14 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-07 10:06 - 2018-06-24 10:18 - 000000000 ____D C:\Users\Aïcha\AppData\Local\ElevatedDiagnostics
2024-02-07 09:22 - 2018-06-07 13:36 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-06 17:26 - 2018-06-12 21:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-02-05 12:49 - 2018-06-06 22:42 - 000000000 ____D C:\ProgramData\Realtek
2024-02-02 20:16 - 2020-08-25 15:55 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-02-02 20:16 - 2020-08-25 15:55 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-02-02 09:30 - 2020-08-25 15:55 - 000003884 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2024-02-02 09:30 - 2020-08-25 15:55 - 000003760 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2024-01-29 20:04 - 2018-08-15 19:21 - 000000000 ____D C:\Program Files\Google
2024-01-29 11:39 - 2021-12-06 12:52 - 000000000 ____D C:\Users\Aïcha\canondossier
2024-01-24 17:23 - 2019-01-24 20:41 - 000000000 ____D C:\Users\Aïcha\AppData\Roaming\vlc
2024-01-24 16:21 - 2018-12-21 13:41 - 000000000 ____D C:\Users\Aïcha\Documents\recettes
2024-01-24 16:20 - 2018-06-07 13:52 - 000000000 ____D C:\Users\Aïcha\Documents\papier aicha
2024-01-24 16:19 - 2018-06-07 13:52 - 000000000 ____D C:\Users\Aïcha\Documents\bien etre med douce
2024-01-24 10:19 - 2018-06-07 13:51 - 000000000 ____D C:\Users\Aïcha\Documents\AROMAZONE
2024-01-24 08:36 - 2019-03-28 09:27 - 000000000 ____D C:\Users\Aïcha\Documents\papiers Maman diver
2024-01-23 12:42 - 2019-11-27 10:01 - 000000000 ____D C:\Users\Aïcha\Documents\OPAC
2024-01-23 11:46 - 2020-11-23 13:35 - 000000000 ____D C:\Users\Aïcha\Documents\MMA
2024-01-23 11:43 - 2023-05-24 09:22 - 000000000 ____D C:\Users\Aïcha\Documents\MMA HABITATION

==================== Fichiers à la racine de certains dossiers ========

2018-06-07 01:36 - 2024-02-19 15:49 - 007682047 _____ () C:\Users\Aïcha\AppData\Local\BTServer.log
2019-07-13 09:47 - 2019-07-13 09:47 - 000000000 _____ () C:\Users\Aïcha\AppData\Local\{2077C79C-0ED0-458E-9BF0-A1C20ED9698A}
2020-11-09 12:42 - 2020-11-09 12:42 - 000000000 _____ () C:\Users\Aïcha\AppData\Local\{C77271EE-B9D1-416A-A523-1C3FF9D4AD90}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================