Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2024
Exécuté par DRUGEON (administrateur) sur WIN (Acer Aspire XC-703) (04-01-2024 05:03:14)
Exécuté depuis C:\Users\DRUGEON\Downloads\FRST64.exe
Profils chargés: DRUGEON
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3803 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\BSD Concept\Heredis 2022\Heredis22.exe ->) (HEREDIS S.C.O.P -> Heredis) C:\Program Files (x86)\BSD Concept\Heredis 2022\CefSubProcess.exe <11>
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\CyberGhost 8\Dashboard.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files\CyberGhost 8\Data\Cef\116.0.23\x64\CefSharp.BrowserSubprocess.exe <4>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe <2>
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (HEREDIS S.C.O.P -> Heredis) C:\Program Files (x86)\BSD Concept\Heredis 2022\Heredis22.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [MicrosoftEdgeAutoLaunch_ECD50FDAB034E6D8681A75DE84938709] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1371080 2023-12-30] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-1257625825-3375989472-137694397-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCR.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6800 series: C:\WINDOWS\system32\CNMLMCR.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.130\Installer\chrmstp.exe [2023-12-27] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {7C3A52B5-F1ED-4F1D-99ED-62AF0571FBE6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {AD17BC0B-C2F3-42AF-9698-636076890649} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C0D19D91-CECB-4752-AD24-A62B2836E33C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "fe8afac5-6e9f-49da-893c-0881566671ef" --version "6.19.10858" --silent
Task: {E20CB980-96BC-4C54-A315-23360657C627} - System32\Tasks\CCleanerSkipUAC - DRUGEON => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {72733B59-0854-45C2-9A0B-A5E0815E75D1} - System32\Tasks\GoogleUpdateTaskMachineCore{91902BEB-6609-45B3-A04B-533190F3C6B9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-19] (Google LLC -> Google LLC)
Task: {B84E3A6D-CBDD-4ADB-8362-CFDAD8ECB5C9} - System32\Tasks\GoogleUpdateTaskMachineUA{20C16E85-AB0E-427D-AD7E-36D91883ECBB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-19] (Google LLC -> Google LLC)
Task: {7498E87F-0E08-4B5E-AF64-6E0EE0703F36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6E2D0F8A-F37D-43EE-A3C4-29CBFB507247} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {140275EB-DAD8-4B19-8B5C-74BB2188EA29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9060C20D-E291-41DE-9A60-276693B07970} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33C22C0D-7AEA-4B49-B394-FFC25BE957E0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-12-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {419EE7BF-95A9-42B1-8D59-60605EAB2E1E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {9FED1626-0A30-49CA-88B2-131BAF102666} - System32\Tasks\Mozilla\Firefox Default Browser Agent 6E51FBD3059A1CB3 => C:\Users\DRUGEON\AppData\Local\Mozilla Firefox\default-browser-agent.exe [35232 2023-11-29] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0327f8cc-3b24-475c-90ba-ea05d79c7efb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0327f8cc-3b24-475c-90ba-ea05d79c7efb}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-04]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-20]
Edge Extension: (Google Docs hors connexion) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-13]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-13]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: liyqn5w6.default
FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743 [2024-01-02]
FF Homepage: Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743 -> hxxps://actu.orange.fr/
FF Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743\Extensions\uBlock0@raymondhill.net.xpi [2023-12-19]
FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\liyqn5w6.default [2023-12-13]
FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704 [2024-01-04]
FF Homepage: Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704 -> hxxps://actu.orange.fr/
FF Extension: (Privacy Badger) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-12-31]
FF Extension: (Correcteur d’orthographe et de grammaire — LanguageTool) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\languagetool-webextension@languagetool.org.xpi [2023-12-19]
FF Extension: (Simple Translate) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\simple-translate@sienori.xpi [2023-12-31]
FF Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\uBlock0@raymondhill.net.xpi [2023-12-22]
Chrome:
=======
CHR Profile: C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default [2024-01-03]
CHR Extension: (Google Traduction) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-12-19]
CHR Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-12-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-19]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [73160 2023-12-30] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-20] (Malwarebytes Inc. -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2023-12-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2023-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 pelmouse; C:\WINDOWS\System32\drivers\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\System32\drivers\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 pelvendr; C:\WINDOWS\System32\drivers\pelvendr.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 phidmice; C:\WINDOWS\System32\drivers\phidmice.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 pmouself; C:\WINDOWS\System32\drivers\pmouself.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pvendrlf; C:\WINDOWS\System32\drivers\pvendrlf.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-03 16:37 - 2024-01-03 16:37 - 008791352 _____ (Malwarebytes) C:\Users\DRUGEON\Downloads\adwcleaner_8.4.0.exe
2024-01-03 04:18 - 2024-01-03 04:18 - 000001066 _____ C:\Users\DRUGEON\Downloads\NAdc2adY5tD_Addition.txt---Raccourci.lnk.download
2024-01-03 04:18 - 2024-01-03 04:18 - 000001026 _____ C:\Users\DRUGEON\Downloads\NAdc1c8UQhD_FRST.txt---Raccourci.lnk.download
2024-01-03 04:18 - 2024-01-03 04:18 - 000001026 _____ C:\Users\DRUGEON\Downloads\NAdc1c8UQhD_FRST.txt---Raccourci.lnk(1).download
2024-01-02 17:21 - 2024-01-02 17:21 - 000001066 _____ C:\Users\DRUGEON\OneDrive\Bureau\Addition.txt - Raccourci.lnk
2024-01-02 17:21 - 2024-01-02 17:21 - 000001026 _____ C:\Users\DRUGEON\OneDrive\Bureau\FRST.txt - Raccourci.lnk
2024-01-02 17:15 - 2024-01-02 17:18 - 000039498 _____ C:\Users\DRUGEON\Downloads\Addition.txt
2024-01-02 17:11 - 2024-01-04 05:05 - 000017559 _____ C:\Users\DRUGEON\Downloads\FRST.txt
2024-01-02 17:10 - 2024-01-04 05:04 - 000000000 ____D C:\FRST
2024-01-02 17:10 - 2024-01-02 17:10 - 002387456 _____ (Farbar) C:\Users\DRUGEON\Downloads\FRST64.exe
2024-01-02 16:52 - 2024-01-02 16:52 - 003369120 _____ (Nicolas Coolman) C:\Users\DRUGEON\Downloads\ZHPDiag3.exe
2024-01-02 16:52 - 2024-01-02 16:52 - 000000877 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPDiag.lnk
2024-01-02 12:42 - 2024-01-02 12:42 - 000011042 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPCleaner (S).html
2024-01-02 12:26 - 2024-01-02 12:26 - 000000887 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPCleaner.lnk
2024-01-02 12:25 - 2024-01-02 12:25 - 003363488 _____ (Nicolas Coolman) C:\Users\DRUGEON\Downloads\ZHPCleaner.exe
2024-01-01 16:59 - 2024-01-01 16:59 - 000000000 ____D C:\ProgramData\CyberGhost
2023-12-30 20:05 - 2023-12-30 20:05 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(3).exe
2023-12-30 20:04 - 2023-12-30 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8
2023-12-30 20:03 - 2023-12-30 20:03 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(2).exe
2023-12-30 17:41 - 2023-12-30 17:41 - 000190356 _____ C:\Users\DRUGEON\Downloads\CR_202311070952_7541_B8011206979-1.pdf
2023-12-30 17:40 - 2023-12-30 17:40 - 000190356 _____ C:\Users\DRUGEON\Downloads\CR_202311070952_7541_B8011206979.pdf
2023-12-30 17:38 - 2023-12-30 17:38 - 000122662 _____ C:\Users\DRUGEON\Downloads\CR_202312261545_7541_B8011206979.pdf
2023-12-28 10:48 - 2024-01-02 15:00 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\CrashDumps
2023-12-28 10:45 - 2023-12-28 10:47 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\AVG
2023-12-28 10:45 - 2023-12-28 10:45 - 000000000 ____D C:\ProgramData\TEMP
2023-12-27 16:46 - 2023-12-27 16:47 - 000000000 ____D C:\AdwCleaner
2023-12-21 15:02 - 2023-12-21 15:02 - 000003537 _____ C:\Users\DRUGEON\Downloads\LOGO-LBP-digital-fd-glass-RVB.svg
2023-12-20 18:37 - 2023-12-20 18:37 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\OpenOffice
2023-12-20 18:30 - 2023-12-31 19:42 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2023-12-20 18:21 - 2023-12-20 18:22 - 133763120 _____ C:\Users\DRUGEON\Downloads\Apache_OpenOffice_4.1.8_Win_x86_install_fr(1).exe
2023-12-20 12:22 - 2024-01-04 04:55 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Malwarebytes
2023-12-20 12:22 - 2023-12-20 12:22 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-12-20 12:22 - 2023-12-20 12:22 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\mbam
2023-12-20 12:21 - 2023-12-20 12:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-12-20 12:21 - 2023-12-20 12:21 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-20 12:18 - 2023-12-20 12:18 - 002094168 _____ (Malwarebytes) C:\Users\DRUGEON\Downloads\MBSetup-4.4.0.222.exe
2023-12-19 16:11 - 2023-12-19 16:11 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\InputMethod
2023-12-19 15:21 - 2023-12-21 21:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-19 14:49 - 2023-12-27 17:00 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-19 14:49 - 2023-12-19 14:49 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Google
2023-12-19 14:48 - 2024-01-04 04:59 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-19 14:48 - 2023-12-19 14:54 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{20C16E85-AB0E-427D-AD7E-36D91883ECBB}
2023-12-19 14:48 - 2023-12-19 14:54 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{91902BEB-6609-45B3-A04B-533190F3C6B9}
2023-12-19 14:48 - 2023-12-19 14:48 - 001376304 _____ (Google LLC) C:\Users\DRUGEON\Downloads\ChromeSetup.exe
2023-12-19 14:48 - 2023-12-19 14:48 - 000000000 ____D C:\Program Files\Google
2023-12-19 14:39 - 2023-12-19 14:39 - 002590568 _____ (LogMeIn, Inc.) C:\Users\DRUGEON\Downloads\Support-LogMeInRescue(1).exe
2023-12-19 08:04 - 2023-12-21 21:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-12-19 08:04 - 2023-12-19 16:43 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-19 08:04 - 2023-12-19 08:04 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2023-12-19 07:56 - 2023-12-19 07:56 - 000350136 _____ (Mozilla) C:\Users\DRUGEON\Downloads\Firefox Installer (1).exe
2023-12-19 06:59 - 2023-12-19 07:00 - 133763120 _____ C:\Users\DRUGEON\Downloads\Apache_OpenOffice_4.1.8_Win_x86_install_fr.exe
2023-12-19 06:49 - 2023-12-19 06:49 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Opera Software
2023-12-19 06:47 - 2023-12-19 06:47 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Opera Software
2023-12-17 14:20 - 2023-12-17 14:20 - 000000000 ___HD C:\$SysReset
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ___RD C:\Users\DRUGEON\OneDrive\Documents\Notes
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\WindowsFacile-JeuxXP_W10
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Telechargement à consever
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\sports
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Scanned Documents
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\PHOTOS
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\PERSO
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\ORDINATEUR
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Nouveau dossier
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\My Digital Editions
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Mots de passe
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe!App
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\mes favoris
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Maison St HO
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Justificatif du règlement de l'amende_fichiers
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Genealogie
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\FreshStart
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\FeedbackHub
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Fax
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Favoris
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Enregistrements audio
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\E-cigarette
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\CyberLink
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\COURRIER
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Compte ameli
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\BSD Concept
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\auto
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\arnaque
2023-12-15 19:27 - 2023-12-15 19:27 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(1).exe
2023-12-15 19:11 - 2023-12-30 20:04 - 000001077 _____ C:\Users\DRUGEON\OneDrive\Bureau\CyberGhost 8.lnk
2023-12-15 19:09 - 2023-12-15 19:09 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup.exe
2023-12-15 17:56 - 2023-12-15 17:56 - 000820069 _____ C:\Users\DRUGEON\Downloads\DEFAUT HEREDIS FEUILLE CENTRALE BLOQUEE.htm
2023-12-15 17:56 - 2023-12-15 17:56 - 000000000 ____D C:\Users\DRUGEON\Downloads\DEFAUT HEREDIS FEUILLE CENTRALE BLOQUEE_fichiers
2023-12-15 17:40 - 2023-12-20 10:33 - 000000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet
2023-12-15 17:40 - 2023-12-19 15:18 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\LogMeIn Rescue Applet
2023-12-15 17:39 - 2023-12-15 17:39 - 002590568 _____ (LogMeIn, Inc.) C:\Users\DRUGEON\Downloads\Support-LogMeInRescue.exe
2023-12-15 17:16 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-15 16:56 - 2023-12-15 16:56 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-12-15 15:13 - 2023-12-15 15:13 - 000001369 _____ C:\Users\DRUGEON\OneDrive\Bureau\licence CCleaner - Raccourci.lnk
2023-12-15 14:44 - 2023-12-15 17:18 - 000000280 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2023-12-15 14:44 - 2023-12-15 14:44 - 000003164 _____ C:\WINDOWS\system32\Tasks\CCleanerClean
2023-12-15 14:36 - 2023-12-15 14:36 - 000000000 ____D C:\ProgramData\Piriform
2023-12-15 14:27 - 2024-01-03 03:58 - 000000000 ____D C:\Program Files\CCleaner
2023-12-15 14:27 - 2023-12-27 16:25 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-15 14:27 - 2023-12-15 17:18 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-15 14:27 - 2023-12-15 14:27 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-15 14:27 - 2023-12-15 14:27 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - DRUGEON
2023-12-15 14:27 - 2023-12-15 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-12-15 14:07 - 2023-12-15 14:07 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-15 13:41 - 2023-12-15 13:41 - 000000000 ___HD C:\$WinREAgent
2023-12-15 01:57 - 2023-12-19 21:33 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\D3DSCache
2023-12-15 00:55 - 2023-12-15 00:55 - 077809272 _____ (Piriform Software Ltd) C:\Users\DRUGEON\Downloads\ccsetup619_pro_trial.exe
2023-12-14 22:56 - 2023-12-14 22:56 - 000003764 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{BDC5706F-D5C5-4513-A46D-2226DF56CC84}
2023-12-14 22:56 - 2023-12-14 22:56 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{C008BE34-0E97-49A8-89CA-C7698C44053D}
2023-12-14 22:55 - 2023-12-14 22:55 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-12-14 18:28 - 2024-01-02 17:00 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\ZHP
2023-12-14 18:28 - 2024-01-02 16:52 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\ZHP
2023-12-14 17:00 - 2023-12-14 17:01 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\MMC
2023-12-14 16:54 - 2023-12-14 16:54 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\PlaceholderTileLogoFolder
2023-12-14 16:25 - 2023-12-27 17:47 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-14 16:25 - 2023-12-15 19:12 - 000000000 ____D C:\Program Files\TAP-Windows
2023-12-14 16:25 - 2023-12-14 16:25 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\IsolatedStorage
2023-12-14 16:24 - 2024-01-04 05:02 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\CyberGhost
2023-12-14 16:24 - 2023-12-30 20:07 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\CyberGhost
2023-12-14 16:24 - 2023-12-30 20:04 - 000000000 ____D C:\Program Files\CyberGhost 8
2023-12-14 15:43 - 2023-12-14 15:43 - 000056689 _____ C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.](1).htm
2023-12-14 07:03 - 2023-12-14 07:03 - 000000000 ____D C:\ProgramData\PLUG
2023-12-14 06:54 - 2023-12-14 06:54 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Backup
2023-12-14 06:49 - 2023-12-28 10:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-12-14 03:29 - 2023-12-14 03:29 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\OneDrive
2023-12-14 03:15 - 2023-12-14 03:15 - 000001371 _____ C:\Users\DRUGEON\OneDrive\Bureau\carte d'identite - Raccourci.lnk
2023-12-14 03:12 - 2023-12-14 03:12 - 000949779 _____ C:\Users\DRUGEON\Downloads\covid.pdf
2023-12-14 03:08 - 2023-12-14 03:08 - 000600758 _____ C:\Users\DRUGEON\Downloads\PIECE D'IDENTITE personnelle.pdf
2023-12-14 03:04 - 2023-12-14 03:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-12-14 03:03 - 2023-12-14 03:03 - 000000000 ____D C:\Program Files\RUXIM
2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc.htm
2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (3).htm
2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (2).htm
2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (1).htm
2023-12-14 00:54 - 2023-12-19 09:09 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\BSD Concept
2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\ProgramData\Apple
2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\Program Files\Bonjour
2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\Program Files (x86)\Bonjour
2023-12-14 00:52 - 2023-12-19 09:48 - 000000000 ____D C:\Program Files (x86)\BSD Concept
2023-12-14 00:39 - 2023-12-14 00:41 - 000000000 ____D C:\Program Files\Defraggler
2023-12-13 22:37 - 2023-12-21 17:32 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Spelling
2023-12-13 21:45 - 2023-12-19 16:43 - 000001283 _____ C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-13 21:45 - 2023-12-19 15:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Mozilla Firefox
2023-12-13 21:45 - 2023-12-13 21:45 - 000002352 _____ C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2023-12-13 21:19 - 2024-01-04 05:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-13 21:19 - 2023-12-19 08:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-12-13 21:19 - 2023-12-13 21:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Mozilla
2023-12-13 21:19 - 2023-12-13 21:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Mozilla
2023-12-13 21:18 - 2023-12-13 21:18 - 000350136 _____ (Mozilla) C:\Users\DRUGEON\Downloads\Firefox Installer.exe
2023-12-13 21:02 - 2023-12-13 21:02 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Comms
2023-12-13 21:00 - 2023-12-13 21:00 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-12-13 20:57 - 2023-12-13 20:57 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Publishers
2023-12-13 20:56 - 2023-12-19 12:01 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Packages
2023-12-13 20:56 - 2023-12-14 16:54 - 000000000 ____D C:\ProgramData\Packages
2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Network
2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Adobe
2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\VirtualStore
2023-12-13 20:55 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\ConnectedDevicesPlatform
2023-12-13 20:55 - 2023-12-13 20:55 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2023-12-13 20:55 - 2023-12-13 20:55 - 000000020 ___SH C:\Users\DRUGEON\ntuser.ini
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\Default User
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\All Users
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Modèles
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Menu Démarrer
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Bureau
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Program Files\Fichiers communs
2023-12-13 20:25 - 2023-12-28 11:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-13 20:25 - 2023-12-13 22:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-13 20:24 - 2023-12-22 10:05 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-13 20:21 - 2023-12-13 20:21 - 000011144 _____ C:\Users\DRUGEON\OneDrive\Bureau\Applications supprimées.html
2023-12-13 20:21 - 2023-12-13 20:21 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\IME
2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\SystemCertificates
2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Crypto
2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\SystemCertificates
2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Crypto
2023-12-13 20:06 - 2023-12-22 04:46 - 000000000 ____D C:\Users\DRUGEON
2023-12-13 20:06 - 2023-12-14 22:48 - 000000000 ____D C:\Users\Vsiteur.Win
2023-12-13 20:06 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows
2023-12-13 20:06 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Windows
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Voisinage réseau
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Voisinage d'impression
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Modèles
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Mes documents
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Menu Démarrer
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\AppData\Local\Historique
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Voisinage réseau
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Voisinage d'impression
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Modèles
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Mes documents
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Menu Démarrer
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\AppData\Local\Historique
2023-12-13 19:50 - 2023-12-13 19:50 - 000000000 ___HD C:\ProgramData\CanonBJ
2023-12-13 19:50 - 2023-12-13 19:50 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-12-13 19:49 - 2023-12-13 19:49 - 000000000 ____D C:\Program Files\Intel
2023-12-13 19:38 - 2024-01-03 22:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-13 19:37 - 2023-12-21 21:18 - 000297424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-13 19:35 - 2023-12-31 19:37 - 000000000 ____D C:\WINDOWS\Panther
2023-12-13 19:21 - 2023-12-13 19:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-12-13 19:19 - 2023-12-13 19:19 - 000000000 ____D C:\Program Files\Lenovo
2023-12-13 19:17 - 2023-12-13 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2023-12-13 19:11 - 2023-12-13 19:11 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-12-13 19:09 - 2023-12-13 19:09 - 000000000 ____D C:\WINDOWS\Setup
2023-12-13 19:06 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-12-13 19:06 - 2023-12-13 20:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\OCR
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\addins
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\ProgramData\ssh
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files\MSBuild
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-12-13 19:05 - 2023-12-22 10:05 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2023-12-13 19:05 - 2023-12-22 10:05 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2023-12-13 19:05 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-12-13 19:05 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\fr
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\0409
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\DigitalLocker
2023-12-13 18:58 - 2023-12-13 19:30 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-12-13 18:58 - 2023-12-13 18:53 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2023-12-13 18:58 - 2023-12-13 18:53 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2023-12-13 18:58 - 2023-12-13 18:53 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2023-12-13 18:58 - 2023-12-13 18:53 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2023-12-13 18:58 - 2023-12-13 18:53 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2023-12-13 18:58 - 2023-12-13 18:53 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2023-12-13 18:57 - 2024-01-04 04:59 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-13 18:57 - 2024-01-03 12:29 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-13 18:57 - 2023-12-30 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-13 18:57 - 2023-12-30 13:02 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-13 18:57 - 2023-12-27 17:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-13 18:57 - 2023-12-20 18:30 - 000000000 ___RD C:\Program Files (x86)
2023-12-13 18:57 - 2023-12-20 18:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-13 18:57 - 2023-12-20 12:21 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-13 18:57 - 2023-12-14 22:54 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 __RSD C:\WINDOWS\Media
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\setup
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\Com
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\IME
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\IdentityCRL
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Portable Devices
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Common Files\System
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2023-12-13 18:57 - 2023-12-14 22:46 - 000000000 ____D C:\WINDOWS\SystemApps
2023-12-13 18:57 - 2023-12-14 22:45 - 000000000 ____D C:\WINDOWS\Help
2023-12-13 18:57 - 2023-12-14 22:45 - 000000000 ____D C:\WINDOWS\Containers
2023-12-13 18:57 - 2023-12-14 22:15 - 000000000 ____D C:\WINDOWS\registration
2023-12-13 18:57 - 2023-12-14 06:46 - 000000000 ____D C:\WINDOWS\appcompat
2023-12-13 18:57 - 2023-12-13 22:57 - 000000000 ____D C:\Program Files\Windows Defender
2023-12-13 18:57 - 2023-12-13 20:52 - 000000000 ____D C:\WINDOWS\system32\spool
2023-12-13 18:57 - 2023-12-13 20:52 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-13 18:57 - 2023-12-13 20:26 - 000000000 ____D C:\Program Files\Windows NT
2023-12-13 18:57 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-12-13 18:57 - 2023-12-13 19:48 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-13 18:57 - 2023-12-13 19:29 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-12-13 18:57 - 2023-12-13 19:22 - 000000000 __RHD C:\Users\Public\Libraries
2023-12-13 18:57 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-12-13 18:57 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-12-13 18:57 - 2023-12-13 19:05 - 000000000 ____D C:\Program Files (x86)\Windows NT
2023-12-13 18:57 - 2023-12-13 19:05 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___SD C:\WINDOWS\system32\Nui
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ti-et
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ta-in
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\si-lk
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\my-mm
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ias
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\am-et
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Web
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\WaaS
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Vss
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\tracing
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\TAPI
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\winevt
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\ras
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Macromed
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\IME
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\DriverState
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\System
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SKB
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\security
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\schemas
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SchCache
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Resources
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\rescache
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\PLA
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Performance
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\ModemLogs
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\L2Schemas
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\InputMethod
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Globalization
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Cursors
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Branding
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\ProgramData\USOShared
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\Windows Security
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\Common Files\Services
2023-12-13 18:54 - 2023-12-28 10:44 - 000000000 ____D C:\WINDOWS\INF
2023-12-13 18:45 - 2023-12-15 14:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-13 18:35 - 2023-12-28 11:14 - 074973184 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-12-13 18:35 - 2023-12-28 11:14 - 013893632 _____ C:\WINDOWS\system32\config\SYSTEM
2023-12-13 18:35 - 2023-12-28 11:14 - 001572864 _____ C:\WINDOWS\system32\config\DEFAULT
2023-12-13 18:35 - 2023-12-28 11:14 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2023-12-13 18:35 - 2023-12-28 11:14 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2023-12-13 18:35 - 2023-12-28 11:14 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2023-12-13 18:35 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\servicing
2023-12-13 18:35 - 2023-12-13 20:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-12-13 18:35 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\SMI
2023-12-13 15:42 - 2023-12-13 15:42 - 000057506 _____ C:\Users\DRUGEON\Downloads\-laposte.net -Message Recu pour votre paiement a nordsec b.v.-.htm
2023-12-13 15:22 - 2023-12-13 15:22 - 000057506 _____ C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.].htm
2023-12-13 15:22 - 2023-12-13 15:22 - 000000000 ____D C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.]_fichiers
2023-12-12 04:06 - 2023-12-12 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2023-12-10 20:24 - 2023-12-10 20:25 - 113594368 _____ C:\Users\DRUGEON\Downloads\Cloudflare_WARP_Release-x64(1).msi
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-03 12:10 - 2015-09-04 18:11 - 000000000 __SHD C:\Users\DRUGEON\IntelGraphicsProfiles
2023-12-31 19:42 - 2023-03-01 11:39 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14
2023-12-28 11:15 - 2020-09-06 15:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-27 17:06 - 2023-03-25 00:30 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-19 09:47 - 2022-06-25 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSD Concept
2023-12-19 06:01 - 2015-09-04 14:36 - 000000000 ___RD C:\Users\DRUGEON\OneDrive
2023-12-19 02:36 - 2015-09-16 16:31 - 000000179 _____ C:\Users\DRUGEON\OneDrive\Bureau\Messagerie Orange.url
2023-12-15 01:17 - 2015-09-04 02:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-12-14 19:04 - 2015-09-16 16:34 - 000000185 _____ C:\Users\DRUGEON\OneDrive\Bureau\Messagerie La Poste.url
2023-12-14 00:39 - 2018-06-03 01:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2023-12-13 20:56 - 2015-09-15 19:31 - 000000000 ___RD C:\Users\DRUGEON\3D Objects
2023-12-13 19:29 - 2021-01-19 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon PhotoRecord
2023-12-13 19:29 - 2018-08-24 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2023-12-13 19:22 - 2022-07-14 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2023-12-13 19:22 - 2017-03-18 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2023-12-12 04:10 - 2015-09-04 02:09 - 000000000 ___SD C:\Users\DRUGEON\AppData\Roaming\Microsoft\Credentials
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par DRUGEON (administrateur) sur WIN (Acer Aspire XC-703) (04-01-2024 05:03:14)
Exécuté depuis C:\Users\DRUGEON\Downloads\FRST64.exe
Profils chargés: DRUGEON
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3803 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files (x86)\BSD Concept\Heredis 2022\Heredis22.exe ->) (HEREDIS S.C.O.P -> Heredis) C:\Program Files (x86)\BSD Concept\Heredis 2022\CefSubProcess.exe <11>
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Program Files\CyberGhost 8\Dashboard.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files\CyberGhost 8\Data\Cef\116.0.23\x64\CefSharp.BrowserSubprocess.exe <4>
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe <2>
(cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe
(CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe
(explorer.exe ->) (HEREDIS S.C.O.P -> Heredis) C:\Program Files (x86)\BSD Concept\Heredis 2022\Heredis22.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13>
(services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [MicrosoftEdgeAutoLaunch_ECD50FDAB034E6D8681A75DE84938709] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1371080 2023-12-30] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
HKU\S-1-5-21-1257625825-3375989472-137694397-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\Canon MG6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCR.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6800 series: C:\WINDOWS\system32\CNMLMCR.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.130\Installer\chrmstp.exe [2023-12-27] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {7C3A52B5-F1ED-4F1D-99ED-62AF0571FBE6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {AD17BC0B-C2F3-42AF-9698-636076890649} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {C0D19D91-CECB-4752-AD24-A62B2836E33C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "fe8afac5-6e9f-49da-893c-0881566671ef" --version "6.19.10858" --silent
Task: {E20CB980-96BC-4C54-A315-23360657C627} - System32\Tasks\CCleanerSkipUAC - DRUGEON => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
Task: {72733B59-0854-45C2-9A0B-A5E0815E75D1} - System32\Tasks\GoogleUpdateTaskMachineCore{91902BEB-6609-45B3-A04B-533190F3C6B9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-19] (Google LLC -> Google LLC)
Task: {B84E3A6D-CBDD-4ADB-8362-CFDAD8ECB5C9} - System32\Tasks\GoogleUpdateTaskMachineUA{20C16E85-AB0E-427D-AD7E-36D91883ECBB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-19] (Google LLC -> Google LLC)
Task: {7498E87F-0E08-4B5E-AF64-6E0EE0703F36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6E2D0F8A-F37D-43EE-A3C4-29CBFB507247} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {140275EB-DAD8-4B19-8B5C-74BB2188EA29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9060C20D-E291-41DE-9A60-276693B07970} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {33C22C0D-7AEA-4B49-B394-FFC25BE957E0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-12-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {419EE7BF-95A9-42B1-8D59-60605EAB2E1E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-19] (Mozilla Corporation -> Mozilla Foundation)
Task: {9FED1626-0A30-49CA-88B2-131BAF102666} - System32\Tasks\Mozilla\Firefox Default Browser Agent 6E51FBD3059A1CB3 => C:\Users\DRUGEON\AppData\Local\Mozilla Firefox\default-browser-agent.exe [35232 2023-11-29] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0327f8cc-3b24-475c-90ba-ea05d79c7efb}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0327f8cc-3b24-475c-90ba-ea05d79c7efb}: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-04]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-20]
Edge Extension: (Google Docs hors connexion) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-13]
Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-13]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF DefaultProfile: liyqn5w6.default
FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743 [2024-01-02]
FF Homepage: Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743 -> hxxps://actu.orange.fr/
FF Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743\Extensions\uBlock0@raymondhill.net.xpi [2023-12-19]
FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\liyqn5w6.default [2023-12-13]
FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704 [2024-01-04]
FF Homepage: Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704 -> hxxps://actu.orange.fr/
FF Extension: (Privacy Badger) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-12-31]
FF Extension: (Correcteur d’orthographe et de grammaire — LanguageTool) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\languagetool-webextension@languagetool.org.xpi [2023-12-19]
FF Extension: (Simple Translate) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\simple-translate@sienori.xpi [2023-12-31]
FF Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\uBlock0@raymondhill.net.xpi [2023-12-22]
Chrome:
=======
CHR Profile: C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default [2024-01-03]
CHR Extension: (Google Traduction) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-12-19]
CHR Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-12-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-19]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-19]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR DefaultProfile: Default
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd)
R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [73160 2023-12-30] (CyberGhost S.R.L. -> CyberGhost S.R.L.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-20] (Malwarebytes Inc. -> Malwarebytes)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2023-12-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2023-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 pelmouse; C:\WINDOWS\System32\drivers\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pelusblf; C:\WINDOWS\System32\drivers\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 pelvendr; C:\WINDOWS\System32\drivers\pelvendr.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 phidmice; C:\WINDOWS\System32\drivers\phidmice.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> )
S3 pmouself; C:\WINDOWS\System32\drivers\pmouself.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
S3 pvendrlf; C:\WINDOWS\System32\drivers\pvendrlf.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-13] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-03 16:37 - 2024-01-03 16:37 - 008791352 _____ (Malwarebytes) C:\Users\DRUGEON\Downloads\adwcleaner_8.4.0.exe
2024-01-03 04:18 - 2024-01-03 04:18 - 000001066 _____ C:\Users\DRUGEON\Downloads\NAdc2adY5tD_Addition.txt---Raccourci.lnk.download
2024-01-03 04:18 - 2024-01-03 04:18 - 000001026 _____ C:\Users\DRUGEON\Downloads\NAdc1c8UQhD_FRST.txt---Raccourci.lnk.download
2024-01-03 04:18 - 2024-01-03 04:18 - 000001026 _____ C:\Users\DRUGEON\Downloads\NAdc1c8UQhD_FRST.txt---Raccourci.lnk(1).download
2024-01-02 17:21 - 2024-01-02 17:21 - 000001066 _____ C:\Users\DRUGEON\OneDrive\Bureau\Addition.txt - Raccourci.lnk
2024-01-02 17:21 - 2024-01-02 17:21 - 000001026 _____ C:\Users\DRUGEON\OneDrive\Bureau\FRST.txt - Raccourci.lnk
2024-01-02 17:15 - 2024-01-02 17:18 - 000039498 _____ C:\Users\DRUGEON\Downloads\Addition.txt
2024-01-02 17:11 - 2024-01-04 05:05 - 000017559 _____ C:\Users\DRUGEON\Downloads\FRST.txt
2024-01-02 17:10 - 2024-01-04 05:04 - 000000000 ____D C:\FRST
2024-01-02 17:10 - 2024-01-02 17:10 - 002387456 _____ (Farbar) C:\Users\DRUGEON\Downloads\FRST64.exe
2024-01-02 16:52 - 2024-01-02 16:52 - 003369120 _____ (Nicolas Coolman) C:\Users\DRUGEON\Downloads\ZHPDiag3.exe
2024-01-02 16:52 - 2024-01-02 16:52 - 000000877 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPDiag.lnk
2024-01-02 12:42 - 2024-01-02 12:42 - 000011042 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPCleaner (S).html
2024-01-02 12:26 - 2024-01-02 12:26 - 000000887 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPCleaner.lnk
2024-01-02 12:25 - 2024-01-02 12:25 - 003363488 _____ (Nicolas Coolman) C:\Users\DRUGEON\Downloads\ZHPCleaner.exe
2024-01-01 16:59 - 2024-01-01 16:59 - 000000000 ____D C:\ProgramData\CyberGhost
2023-12-30 20:05 - 2023-12-30 20:05 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(3).exe
2023-12-30 20:04 - 2023-12-30 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8
2023-12-30 20:03 - 2023-12-30 20:03 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(2).exe
2023-12-30 17:41 - 2023-12-30 17:41 - 000190356 _____ C:\Users\DRUGEON\Downloads\CR_202311070952_7541_B8011206979-1.pdf
2023-12-30 17:40 - 2023-12-30 17:40 - 000190356 _____ C:\Users\DRUGEON\Downloads\CR_202311070952_7541_B8011206979.pdf
2023-12-30 17:38 - 2023-12-30 17:38 - 000122662 _____ C:\Users\DRUGEON\Downloads\CR_202312261545_7541_B8011206979.pdf
2023-12-28 10:48 - 2024-01-02 15:00 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\CrashDumps
2023-12-28 10:45 - 2023-12-28 10:47 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\AVG
2023-12-28 10:45 - 2023-12-28 10:45 - 000000000 ____D C:\ProgramData\TEMP
2023-12-27 16:46 - 2023-12-27 16:47 - 000000000 ____D C:\AdwCleaner
2023-12-21 15:02 - 2023-12-21 15:02 - 000003537 _____ C:\Users\DRUGEON\Downloads\LOGO-LBP-digital-fd-glass-RVB.svg
2023-12-20 18:37 - 2023-12-20 18:37 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\OpenOffice
2023-12-20 18:30 - 2023-12-31 19:42 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2023-12-20 18:21 - 2023-12-20 18:22 - 133763120 _____ C:\Users\DRUGEON\Downloads\Apache_OpenOffice_4.1.8_Win_x86_install_fr(1).exe
2023-12-20 12:22 - 2024-01-04 04:55 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Malwarebytes
2023-12-20 12:22 - 2023-12-20 12:22 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2023-12-20 12:22 - 2023-12-20 12:22 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\mbam
2023-12-20 12:21 - 2023-12-20 12:21 - 000000000 ____D C:\ProgramData\Malwarebytes
2023-12-20 12:21 - 2023-12-20 12:21 - 000000000 ____D C:\Program Files\Malwarebytes
2023-12-20 12:18 - 2023-12-20 12:18 - 002094168 _____ (Malwarebytes) C:\Users\DRUGEON\Downloads\MBSetup-4.4.0.222.exe
2023-12-19 16:11 - 2023-12-19 16:11 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\InputMethod
2023-12-19 15:21 - 2023-12-21 21:17 - 000000000 ____D C:\Program Files\Mozilla Firefox
2023-12-19 14:49 - 2023-12-27 17:00 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-12-19 14:49 - 2023-12-19 14:49 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Google
2023-12-19 14:48 - 2024-01-04 04:59 - 000000000 ____D C:\Program Files (x86)\Google
2023-12-19 14:48 - 2023-12-19 14:54 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{20C16E85-AB0E-427D-AD7E-36D91883ECBB}
2023-12-19 14:48 - 2023-12-19 14:54 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{91902BEB-6609-45B3-A04B-533190F3C6B9}
2023-12-19 14:48 - 2023-12-19 14:48 - 001376304 _____ (Google LLC) C:\Users\DRUGEON\Downloads\ChromeSetup.exe
2023-12-19 14:48 - 2023-12-19 14:48 - 000000000 ____D C:\Program Files\Google
2023-12-19 14:39 - 2023-12-19 14:39 - 002590568 _____ (LogMeIn, Inc.) C:\Users\DRUGEON\Downloads\Support-LogMeInRescue(1).exe
2023-12-19 08:04 - 2023-12-21 21:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2023-12-19 08:04 - 2023-12-19 16:43 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-19 08:04 - 2023-12-19 08:04 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2023-12-19 07:56 - 2023-12-19 07:56 - 000350136 _____ (Mozilla) C:\Users\DRUGEON\Downloads\Firefox Installer (1).exe
2023-12-19 06:59 - 2023-12-19 07:00 - 133763120 _____ C:\Users\DRUGEON\Downloads\Apache_OpenOffice_4.1.8_Win_x86_install_fr.exe
2023-12-19 06:49 - 2023-12-19 06:49 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Opera Software
2023-12-19 06:47 - 2023-12-19 06:47 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Opera Software
2023-12-17 14:20 - 2023-12-17 14:20 - 000000000 ___HD C:\$SysReset
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ___RD C:\Users\DRUGEON\OneDrive\Documents\Notes
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\WindowsFacile-JeuxXP_W10
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Telechargement à consever
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\sports
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Scanned Documents
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\PHOTOS
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\PERSO
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\ORDINATEUR
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Nouveau dossier
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\My Digital Editions
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Mots de passe
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe!App
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\mes favoris
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Maison St HO
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Justificatif du règlement de l'amende_fichiers
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Genealogie
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\FreshStart
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\FeedbackHub
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Fax
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Favoris
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Enregistrements audio
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\E-cigarette
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\CyberLink
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\COURRIER
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Compte ameli
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\BSD Concept
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\auto
2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\arnaque
2023-12-15 19:27 - 2023-12-15 19:27 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(1).exe
2023-12-15 19:11 - 2023-12-30 20:04 - 000001077 _____ C:\Users\DRUGEON\OneDrive\Bureau\CyberGhost 8.lnk
2023-12-15 19:09 - 2023-12-15 19:09 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup.exe
2023-12-15 17:56 - 2023-12-15 17:56 - 000820069 _____ C:\Users\DRUGEON\Downloads\DEFAUT HEREDIS FEUILLE CENTRALE BLOQUEE.htm
2023-12-15 17:56 - 2023-12-15 17:56 - 000000000 ____D C:\Users\DRUGEON\Downloads\DEFAUT HEREDIS FEUILLE CENTRALE BLOQUEE_fichiers
2023-12-15 17:40 - 2023-12-20 10:33 - 000000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet
2023-12-15 17:40 - 2023-12-19 15:18 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\LogMeIn Rescue Applet
2023-12-15 17:39 - 2023-12-15 17:39 - 002590568 _____ (LogMeIn, Inc.) C:\Users\DRUGEON\Downloads\Support-LogMeInRescue.exe
2023-12-15 17:16 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\InboxApps
2023-12-15 16:56 - 2023-12-15 16:56 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2023-12-15 15:13 - 2023-12-15 15:13 - 000001369 _____ C:\Users\DRUGEON\OneDrive\Bureau\licence CCleaner - Raccourci.lnk
2023-12-15 14:44 - 2023-12-15 17:18 - 000000280 _____ C:\WINDOWS\Tasks\CCleanerClean.job
2023-12-15 14:44 - 2023-12-15 14:44 - 000003164 _____ C:\WINDOWS\system32\Tasks\CCleanerClean
2023-12-15 14:36 - 2023-12-15 14:36 - 000000000 ____D C:\ProgramData\Piriform
2023-12-15 14:27 - 2024-01-03 03:58 - 000000000 ____D C:\Program Files\CCleaner
2023-12-15 14:27 - 2023-12-27 16:25 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2023-12-15 14:27 - 2023-12-15 17:18 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job
2023-12-15 14:27 - 2023-12-15 14:27 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting
2023-12-15 14:27 - 2023-12-15 14:27 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - DRUGEON
2023-12-15 14:27 - 2023-12-15 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2023-12-15 14:07 - 2023-12-15 14:07 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2023-12-15 13:41 - 2023-12-15 13:41 - 000000000 ___HD C:\$WinREAgent
2023-12-15 01:57 - 2023-12-19 21:33 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\D3DSCache
2023-12-15 00:55 - 2023-12-15 00:55 - 077809272 _____ (Piriform Software Ltd) C:\Users\DRUGEON\Downloads\ccsetup619_pro_trial.exe
2023-12-14 22:56 - 2023-12-14 22:56 - 000003764 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{BDC5706F-D5C5-4513-A46D-2226DF56CC84}
2023-12-14 22:56 - 2023-12-14 22:56 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{C008BE34-0E97-49A8-89CA-C7698C44053D}
2023-12-14 22:55 - 2023-12-14 22:55 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2023-12-14 18:28 - 2024-01-02 17:00 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\ZHP
2023-12-14 18:28 - 2024-01-02 16:52 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\ZHP
2023-12-14 17:00 - 2023-12-14 17:01 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\MMC
2023-12-14 16:54 - 2023-12-14 16:54 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\PlaceholderTileLogoFolder
2023-12-14 16:25 - 2023-12-27 17:47 - 000000000 ____D C:\ProgramData\Package Cache
2023-12-14 16:25 - 2023-12-15 19:12 - 000000000 ____D C:\Program Files\TAP-Windows
2023-12-14 16:25 - 2023-12-14 16:25 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\IsolatedStorage
2023-12-14 16:24 - 2024-01-04 05:02 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\CyberGhost
2023-12-14 16:24 - 2023-12-30 20:07 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\CyberGhost
2023-12-14 16:24 - 2023-12-30 20:04 - 000000000 ____D C:\Program Files\CyberGhost 8
2023-12-14 15:43 - 2023-12-14 15:43 - 000056689 _____ C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.](1).htm
2023-12-14 07:03 - 2023-12-14 07:03 - 000000000 ____D C:\ProgramData\PLUG
2023-12-14 06:54 - 2023-12-14 06:54 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Backup
2023-12-14 06:49 - 2023-12-28 10:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-12-14 03:29 - 2023-12-14 03:29 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\OneDrive
2023-12-14 03:15 - 2023-12-14 03:15 - 000001371 _____ C:\Users\DRUGEON\OneDrive\Bureau\carte d'identite - Raccourci.lnk
2023-12-14 03:12 - 2023-12-14 03:12 - 000949779 _____ C:\Users\DRUGEON\Downloads\covid.pdf
2023-12-14 03:08 - 2023-12-14 03:08 - 000600758 _____ C:\Users\DRUGEON\Downloads\PIECE D'IDENTITE personnelle.pdf
2023-12-14 03:04 - 2023-12-14 03:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2023-12-14 03:03 - 2023-12-14 03:03 - 000000000 ____D C:\Program Files\RUXIM
2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc.htm
2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (3).htm
2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (2).htm
2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (1).htm
2023-12-14 00:54 - 2023-12-19 09:09 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\BSD Concept
2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\ProgramData\Apple
2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\Program Files\Bonjour
2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\Program Files (x86)\Bonjour
2023-12-14 00:52 - 2023-12-19 09:48 - 000000000 ____D C:\Program Files (x86)\BSD Concept
2023-12-14 00:39 - 2023-12-14 00:41 - 000000000 ____D C:\Program Files\Defraggler
2023-12-13 22:37 - 2023-12-21 17:32 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Spelling
2023-12-13 21:45 - 2023-12-19 16:43 - 000001283 _____ C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2023-12-13 21:45 - 2023-12-19 15:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Mozilla Firefox
2023-12-13 21:45 - 2023-12-13 21:45 - 000002352 _____ C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk
2023-12-13 21:19 - 2024-01-04 05:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2023-12-13 21:19 - 2023-12-19 08:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2023-12-13 21:19 - 2023-12-13 21:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Mozilla
2023-12-13 21:19 - 2023-12-13 21:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Mozilla
2023-12-13 21:18 - 2023-12-13 21:18 - 000350136 _____ (Mozilla) C:\Users\DRUGEON\Downloads\Firefox Installer.exe
2023-12-13 21:02 - 2023-12-13 21:02 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Comms
2023-12-13 21:00 - 2023-12-13 21:00 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2023-12-13 20:57 - 2023-12-13 20:57 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Publishers
2023-12-13 20:56 - 2023-12-19 12:01 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Packages
2023-12-13 20:56 - 2023-12-14 16:54 - 000000000 ____D C:\ProgramData\Packages
2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Network
2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Adobe
2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\VirtualStore
2023-12-13 20:55 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\ConnectedDevicesPlatform
2023-12-13 20:55 - 2023-12-13 20:55 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2023-12-13 20:55 - 2023-12-13 20:55 - 000000020 ___SH C:\Users\DRUGEON\ntuser.ini
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\Default User
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\All Users
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Modèles
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Menu Démarrer
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Bureau
2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Program Files\Fichiers communs
2023-12-13 20:25 - 2023-12-28 11:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2023-12-13 20:25 - 2023-12-13 22:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2023-12-13 20:24 - 2023-12-22 10:05 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2023-12-13 20:21 - 2023-12-13 20:21 - 000011144 _____ C:\Users\DRUGEON\OneDrive\Bureau\Applications supprimées.html
2023-12-13 20:21 - 2023-12-13 20:21 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\IME
2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\SystemCertificates
2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Crypto
2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\SystemCertificates
2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Crypto
2023-12-13 20:06 - 2023-12-22 04:46 - 000000000 ____D C:\Users\DRUGEON
2023-12-13 20:06 - 2023-12-14 22:48 - 000000000 ____D C:\Users\Vsiteur.Win
2023-12-13 20:06 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows
2023-12-13 20:06 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Windows
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Voisinage réseau
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Voisinage d'impression
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Modèles
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Mes documents
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Menu Démarrer
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\AppData\Local\Historique
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Voisinage réseau
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Voisinage d'impression
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Modèles
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Mes documents
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Menu Démarrer
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes
2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\AppData\Local\Historique
2023-12-13 19:50 - 2023-12-13 19:50 - 000000000 ___HD C:\ProgramData\CanonBJ
2023-12-13 19:50 - 2023-12-13 19:50 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2023-12-13 19:49 - 2023-12-13 19:49 - 000000000 ____D C:\Program Files\Intel
2023-12-13 19:38 - 2024-01-03 22:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2023-12-13 19:37 - 2023-12-21 21:18 - 000297424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2023-12-13 19:35 - 2023-12-31 19:37 - 000000000 ____D C:\WINDOWS\Panther
2023-12-13 19:21 - 2023-12-13 19:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2023-12-13 19:19 - 2023-12-13 19:19 - 000000000 ____D C:\Program Files\Lenovo
2023-12-13 19:17 - 2023-12-13 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2023-12-13 19:11 - 2023-12-13 19:11 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2023-12-13 19:09 - 2023-12-13 19:09 - 000000000 ____D C:\WINDOWS\Setup
2023-12-13 19:06 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2023-12-13 19:06 - 2023-12-13 20:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\OCR
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\addins
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\ProgramData\ssh
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files\Reference Assemblies
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files\MSBuild
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files (x86)\MSBuild
2023-12-13 19:05 - 2023-12-22 10:05 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat
2023-12-13 19:05 - 2023-12-22 10:05 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat
2023-12-13 19:05 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\fr
2023-12-13 19:05 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\fr
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\winrm
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\WCN
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\slmgr
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\0409
2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\DigitalLocker
2023-12-13 18:58 - 2023-12-13 19:30 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2023-12-13 18:58 - 2023-12-13 18:53 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services
2023-12-13 18:58 - 2023-12-13 18:53 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config
2023-12-13 18:58 - 2023-12-13 18:53 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config
2023-12-13 18:58 - 2023-12-13 18:53 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2023-12-13 18:58 - 2023-12-13 18:53 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2023-12-13 18:58 - 2023-12-13 18:53 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2023-12-13 18:57 - 2024-01-04 04:59 - 000000000 ____D C:\WINDOWS\SystemTemp
2023-12-13 18:57 - 2024-01-03 12:29 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-12-13 18:57 - 2023-12-30 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2023-12-13 18:57 - 2023-12-30 13:02 - 000000000 ___HD C:\Program Files\WindowsApps
2023-12-13 18:57 - 2023-12-27 17:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2023-12-13 18:57 - 2023-12-20 18:30 - 000000000 ___RD C:\Program Files (x86)
2023-12-13 18:57 - 2023-12-20 18:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2023-12-13 18:57 - 2023-12-20 12:21 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SystemResources
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\oobe
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\Dism
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\ShellExperiences
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\Provisioning
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\bcastdvr
2023-12-13 18:57 - 2023-12-14 22:54 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 __RSD C:\WINDOWS\Media
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\UNP
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\F12
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\dsc
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___RD C:\WINDOWS\PrintDialog
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\setup
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\migwiz
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\icsxml
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\downlevel
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\Com
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\ShellComponents
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\IME
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\IdentityCRL
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\DiagTrack
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Portable Devices
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Common Files\System
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2023-12-13 18:57 - 2023-12-14 22:46 - 000000000 ____D C:\WINDOWS\SystemApps
2023-12-13 18:57 - 2023-12-14 22:45 - 000000000 ____D C:\WINDOWS\Help
2023-12-13 18:57 - 2023-12-14 22:45 - 000000000 ____D C:\WINDOWS\Containers
2023-12-13 18:57 - 2023-12-14 22:15 - 000000000 ____D C:\WINDOWS\registration
2023-12-13 18:57 - 2023-12-14 06:46 - 000000000 ____D C:\WINDOWS\appcompat
2023-12-13 18:57 - 2023-12-13 22:57 - 000000000 ____D C:\Program Files\Windows Defender
2023-12-13 18:57 - 2023-12-13 20:52 - 000000000 ____D C:\WINDOWS\system32\spool
2023-12-13 18:57 - 2023-12-13 20:52 - 000000000 ____D C:\ProgramData\USOPrivate
2023-12-13 18:57 - 2023-12-13 20:26 - 000000000 ____D C:\Program Files\Windows NT
2023-12-13 18:57 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows
2023-12-13 18:57 - 2023-12-13 19:48 - 000000000 ____D C:\WINDOWS\ServiceState
2023-12-13 18:57 - 2023-12-13 19:29 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2023-12-13 18:57 - 2023-12-13 19:22 - 000000000 __RHD C:\Users\Public\Libraries
2023-12-13 18:57 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2023-12-13 18:57 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\system32\MUI
2023-12-13 18:57 - 2023-12-13 19:05 - 000000000 ____D C:\Program Files (x86)\Windows NT
2023-12-13 18:57 - 2023-12-13 19:05 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___SD C:\WINDOWS\system32\Nui
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ti-et
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ta-lk
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ta-in
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\si-lk
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\my-mm
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Keywords
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ias
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\DDFs
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\appraiser
2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\am-et
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 __SHD C:\Program Files\Windows Sidebar
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Web
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\WaaS
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Vss
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\tracing
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\TAPI
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\winevt
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\ras
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\NDF
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Macromed
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\IME
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\DriverState
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\System
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SKB
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\security
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\schemas
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SchCache
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Resources
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\rescache
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\PLA
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Performance
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\ModemLogs
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\L2Schemas
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\InputMethod
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Globalization
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Cursors
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Branding
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\ProgramData\USOShared
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\Windows Security
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\ModifiableWindowsApps
2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\Common Files\Services
2023-12-13 18:54 - 2023-12-28 10:44 - 000000000 ____D C:\WINDOWS\INF
2023-12-13 18:45 - 2023-12-15 14:16 - 000000000 ____D C:\WINDOWS\CbsTemp
2023-12-13 18:35 - 2023-12-28 11:14 - 074973184 _____ C:\WINDOWS\system32\config\SOFTWARE
2023-12-13 18:35 - 2023-12-28 11:14 - 013893632 _____ C:\WINDOWS\system32\config\SYSTEM
2023-12-13 18:35 - 2023-12-28 11:14 - 001572864 _____ C:\WINDOWS\system32\config\DEFAULT
2023-12-13 18:35 - 2023-12-28 11:14 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2023-12-13 18:35 - 2023-12-28 11:14 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY
2023-12-13 18:35 - 2023-12-28 11:14 - 000065536 _____ C:\WINDOWS\system32\config\SAM
2023-12-13 18:35 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\servicing
2023-12-13 18:35 - 2023-12-13 20:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2023-12-13 18:35 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\SMI
2023-12-13 15:42 - 2023-12-13 15:42 - 000057506 _____ C:\Users\DRUGEON\Downloads\-laposte.net -Message Recu pour votre paiement a nordsec b.v.-.htm
2023-12-13 15:22 - 2023-12-13 15:22 - 000057506 _____ C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.].htm
2023-12-13 15:22 - 2023-12-13 15:22 - 000000000 ____D C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.]_fichiers
2023-12-12 04:06 - 2023-12-12 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2023-12-10 20:24 - 2023-12-10 20:25 - 113594368 _____ C:\Users\DRUGEON\Downloads\Cloudflare_WARP_Release-x64(1).msi
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-01-03 12:10 - 2015-09-04 18:11 - 000000000 __SHD C:\Users\DRUGEON\IntelGraphicsProfiles
2023-12-31 19:42 - 2023-03-01 11:39 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14
2023-12-28 11:15 - 2020-09-06 15:39 - 000008192 ___SH C:\DumpStack.log.tmp
2023-12-27 17:06 - 2023-03-25 00:30 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-12-19 09:47 - 2022-06-25 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSD Concept
2023-12-19 06:01 - 2015-09-04 14:36 - 000000000 ___RD C:\Users\DRUGEON\OneDrive
2023-12-19 02:36 - 2015-09-16 16:31 - 000000179 _____ C:\Users\DRUGEON\OneDrive\Bureau\Messagerie Orange.url
2023-12-15 01:17 - 2015-09-04 02:08 - 000000000 __RHD C:\Users\Public\AccountPictures
2023-12-14 19:04 - 2015-09-16 16:34 - 000000185 _____ C:\Users\DRUGEON\OneDrive\Bureau\Messagerie La Poste.url
2023-12-14 00:39 - 2018-06-03 01:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2023-12-13 20:56 - 2015-09-15 19:31 - 000000000 ___RD C:\Users\DRUGEON\3D Objects
2023-12-13 19:29 - 2021-01-19 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon PhotoRecord
2023-12-13 19:29 - 2018-08-24 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2023-12-13 19:22 - 2022-07-14 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2023-12-13 19:22 - 2017-03-18 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2023-12-12 04:10 - 2015-09-04 02:09 - 000000000 ___SD C:\Users\DRUGEON\AppData\Roaming\Microsoft\Credentials
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================