cjoint

Publicité

Cliquez pour partager vos propres fichiers

Publicité

Format du document : text/plain

Prévisualisation

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28.03.2024
Exécuté par clem_ (administrateur) sur DESKTOP-MA8OL18 (Gigabyte Technology Co., Ltd. B250M-D2V) (30-03-2024 19:23:31)
Exécuté depuis C:\Users\clem_\Desktop\FRST64.exe
Profils chargés: clem_
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.4170 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Users\clem_\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneAgent.exe
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\88.0.0.0\crashpad_handler.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(explorer.exe ->) (FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <44>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Logitech Inc -> Logitech) C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe <7>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_653f80c82b05c61e\IntelCpHDCPSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(svchost.exe ->) (FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\clem_\AppData\Local\Microsoft\OneDrive\24.050.0310.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] (GoPro, Inc. -> )
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [1962944 2016-11-22] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [138838416 2023-06-06] (Logitech Inc -> Logitech)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe [59673376 2024-03-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe [59673376 2024-03-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10203648 2019-01-30] (FreeDownloadManager.org) [Fichier non signé]
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe [59673376 2024-03-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [26130208 2024-02-13] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-02-15] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [MicrosoftEdgeAutoLaunch_F5E9A892B27C1C4B1278CF2FC5ACE762] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\MountPoints2: {8074665a-48e2-11e7-b64b-1c1b0dac0f00} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL hxxp://www.ultimatebootcd.com/
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe [59673376 2024-03-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [26130208 2024-02-13] (Plex, Inc. -> Plex, Inc.)
HKLM\...\Print\Monitors\HP 8911 Status Monitor: C:\WINDOWS\system32\hpinksts8911LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\MONVNC: C:\WINDOWS\system32\VNCpm.dll [37704 2017-04-26] (RealVNC Ltd -> RealVNC Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-26] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {2D87C4E5-D45C-4B70-9140-BD2BBC6D2313} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs
Task: {1122B27B-CDDA-4D66-A703-8FE3CA86B531} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [Fichier non signé]
Task: {48DAB55D-9F29-4835-9F8C-90207BD127C8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-02-15] (Garmin International, Inc. -> )
Task: {1A846A2A-D7DC-41AE-9C94-0155CBA1DA0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-01] (Google Inc -> Google Inc.)
Task: {37F4DB6C-B33F-4D2F-8000-3932DC02BCBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-01] (Google Inc -> Google Inc.)
Task: {CA8021CE-E55F-4457-A982-85590028E21B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A91C8CE0-69C5-4CA8-8990-4EF9D002CAA9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4D10BE2C-14CB-4162-A090-FC07EFB1F808} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {FDC06749-156D-4E7E-8429-F47FBAEC0805} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {08C048B4-FA3C-47D5-881E-FC7A495B4395} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2D79E679-363E-430D-BC4B-0AAFA53E37AE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F7E42B41-6A73-46D6-8E72-A1E14CA0B71C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F69A98DA-501F-4DF0-B119-FBEAE4315DDE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2C711EA3-7A6C-412A-B762-CC0314415CBA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7049E696-D8F8-4D9F-AC3D-372DA266A40B} - System32\Tasks\Opera scheduled Autoupdate 1660234465 => C:\Users\clem_\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5709728 2024-03-14] (Opera Norway AS -> Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47beba5f-3585-4a98-b944-23c74589a609}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47beba5f-3585-4a98-b944-23c74589a609}: [DhcpDomain] home
Tcpip\..\Interfaces\{47beba5f-3585-4a98-b944-23c74589a609}\8507562796160285A502052756D69657D6F566367303: [DhcpNameServer] 192.168.64.94
Tcpip\..\Interfaces\{ebc0ed21-39d8-48c3-a960-e9a6a7d346c8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ebc0ed21-39d8-48c3-a960-e9a6a7d346c8}: [DhcpDomain] home
Tcpip\..\Interfaces\{ebc0ed21-39d8-48c3-a960-e9a6a7d346c8}\356425F543738303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ebc0ed21-39d8-48c3-a960-e9a6a7d346c8}\8507562796160285A502052756D69657D6F566367303: [DhcpNameServer] 192.168.43.125

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\clem_\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-30]
Edge Extension: (Google Docs hors connexion) - C:\Users\clem_\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
Edge Extension: (Edge relevant text changes) - C:\Users\clem_\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi [2017-06-03] []
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-362006066-3212578774-1346572183-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin HKU\S-1-5-21-362006066-3212578774-1346572183-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\clem_\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-362006066-3212578774-1346572183-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\clem_\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default [2024-03-30]
CHR Notifications: Default -> hxxps://messages.android.com; hxxps://messages.google.com; hxxps://my.netatmo.com; hxxps://www.sezane.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.myelectricnetwork.fr/"
CHR Extension: (Barre de Confiance CM-CIC) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjkhaeogkeelkioellpgcebmekedpag [2022-09-11]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-03-30]
CHR Extension: (Bureau à distance Google Chrome) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-08-04]
CHR Extension: (PaintZ) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdjcnhanmagpjdpilaehedkchegnkdoj [2022-12-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-30]
CHR Extension: (Panda 5 - Your favorite websites in one place) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\haafibkemckmbknhfkiiniobjpgkebko [2024-02-29]
CHR Extension: (VNC® Viewer for Google Chrome™) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabmpiboiopbgfabjmgeedhcmjenhbla [2018-12-05]
CHR Extension: (Excel Online) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2020-02-23]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-26]
CHR Extension: (Shazam : le nom des chansons en un clic) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-03-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (WeVideo - Éditeur et créateur de vidéos) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2020-03-30]
CHR Extension: (History Trends Unlimited) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmchffiealhkdloeffcdnbgdnedheme [2024-02-19]
CHR Profile: C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-29]
CHR Extension: (Slides) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-08]
CHR Extension: (Docs) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-08]
CHR Extension: (Google Drive) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-08]
CHR Extension: (YouTube) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-08]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-06-08]
CHR Extension: (Sheets) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-08]
CHR Extension: (Avast Online Security) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-08]
CHR Extension: (Zoom) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2020-06-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-06-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-08]
CHR Extension: (Gmail) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-08]
CHR Profile: C:\Users\clem_\AppData\Local\Google\Chrome\User Data\System Profile [2020-09-29]
CHR HKU\S-1-5-21-362006066-3212578774-1346572183-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] (GoPro, Inc. -> )
R2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [5802384 2023-06-06] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8882936 2024-03-30] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-30] (Malwarebytes Inc. -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [828696 2024-02-13] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5828688 2017-04-26] (RealVNC Ltd -> RealVNC Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 e2esoft_ivcamaudio_simple; C:\WINDOWS\system32\drivers\iVCamAud.sys [255464 2020-11-03] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1198664 2022-12-06] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78912 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-03-30] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-03-30 19:21 - 2024-03-30 19:23 - 000064582 _____ C:\Users\clem_\Desktop\Addition.txt
2024-03-30 19:21 - 2024-03-30 19:21 - 000220192 _____ C:\Users\clem_\Desktop\ZHPDiag.txt
2024-03-30 19:20 - 2024-03-30 19:24 - 000030771 _____ C:\Users\clem_\Desktop\FRST.txt
2024-03-30 19:20 - 2024-03-30 19:23 - 000000000 ____D C:\FRST
2024-03-30 19:19 - 2024-03-30 19:20 - 002392064 _____ (Farbar) C:\Users\clem_\Desktop\FRST64.exe
2024-03-30 19:17 - 2024-03-30 19:21 - 000000000 ____D C:\Users\clem_\AppData\Roaming\ZHP
2024-03-30 19:17 - 2024-03-30 19:17 - 003538592 _____ (Nicolas Coolman) C:\Users\clem_\Downloads\ZHPSuite.exe
2024-03-30 19:17 - 2024-03-30 19:17 - 000000865 _____ C:\Users\clem_\Desktop\ZHPSuite.lnk
2024-03-30 19:17 - 2024-03-30 19:17 - 000000000 ____D C:\Users\clem_\AppData\Local\ZHP
2024-03-30 19:09 - 2024-03-30 19:17 - 000000000 ____D C:\Users\clem_\AppData\LocalLow\IGDump
2024-03-30 19:09 - 2024-03-30 19:09 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-03-30 19:09 - 2024-03-30 19:09 - 000000000 ___HD C:\OneDriveTemp
2024-03-30 19:04 - 2024-03-30 19:04 - 000173848 _____ C:\WINDOWS\ntbtlog.txt
2024-03-30 19:04 - 2024-03-30 19:04 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-30 18:47 - 2024-03-30 19:19 - 000000000 ____D C:\Users\clem_\AppData\Local\Malwarebytes
2024-03-30 18:47 - 2024-03-30 18:47 - 000002053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-30 18:47 - 2024-03-30 18:47 - 000002041 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-03-30 18:42 - 2024-03-30 18:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-30 18:42 - 2024-03-30 18:42 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-30 18:41 - 2024-03-30 18:41 - 002589624 _____ (Malwarebytes) C:\Users\clem_\Downloads\MBSetup.exe
2024-03-30 18:25 - 2024-03-30 18:25 - 000000000 ____D C:\Program Files (x86)\Cisco
2024-03-30 18:24 - 2024-03-30 18:24 - 000000000 ____D C:\Program Files (x86)\ASUS
2024-03-30 18:24 - 2015-01-06 05:41 - 003737304 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2024-03-30 18:24 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll
2024-03-30 18:24 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2024-03-30 18:24 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2024-03-30 18:19 - 2024-03-30 18:22 - 161879065 _____ C:\Users\clem_\Downloads\DR_PCE_N10_V1017.zip
2024-03-30 09:24 - 2024-03-30 09:24 - 000011377 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8959896357.pdf
2024-03-28 16:08 - 2024-03-28 16:08 - 000011328 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8943553325.pdf
2024-03-25 20:23 - 2024-03-25 20:23 - 000084794 _____ C:\Users\clem_\Downloads\leboncoin_bon-d-envoi_d988ce8e-47b5-4706-b3ed-1260e86abc47 (1).pdf
2024-03-24 18:16 - 2024-03-24 18:16 - 000084794 _____ C:\Users\clem_\Downloads\leboncoin_bon-d-envoi_d988ce8e-47b5-4706-b3ed-1260e86abc47.pdf
2024-03-24 17:02 - 2024-03-24 17:02 - 005911041 _____ C:\Users\clem_\Downloads\Photos-001 (2).zip
2024-03-18 17:50 - 2024-03-18 17:50 - 000011292 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8852686684.pdf
2024-03-17 13:52 - 2024-03-17 13:52 - 000427878 _____ C:\Users\clem_\Downloads\ed4306.pdf
2024-03-16 15:13 - 2024-03-16 15:13 - 000123060 _____ C:\Users\clem_\Downloads\amstrust_20230331021020900GNXXSDCFAEAU201203QV.pdf
2024-03-16 15:12 - 2024-03-16 15:12 - 000109085 _____ C:\Users\clem_\Downloads\amstrust_20231011021003074GNXXSDCFAEAU601603RQ.pdf
2024-03-13 14:56 - 2024-03-13 14:56 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 14:56 - 2024-03-13 14:56 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 14:49 - 2024-03-13 14:49 - 000000000 ___HD C:\$WinREAgent
2024-03-13 14:23 - 2024-03-13 14:23 - 000047053 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8793614740.pdf
2024-03-10 15:49 - 2024-03-10 15:49 - 000074958 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8752459232.pdf
2024-03-09 15:29 - 2024-03-09 15:31 - 043589336 _____ C:\Users\clem_\Downloads\Shooting Stars (1).wav
2024-03-09 15:27 - 2024-03-09 15:27 - 000009382 _____ C:\Users\clem_\Downloads\Shooting Stars.wav
2024-03-09 10:13 - 2024-03-09 10:13 - 000000000 ____D C:\Users\clem_\AppData\Local\apc.exe.WebView2
2024-03-09 10:05 - 2024-03-09 10:05 - 001722341 _____ C:\Users\clem_\Downloads\Photos-001 (1).zip
2024-03-09 09:59 - 2024-03-09 10:01 - 112089856 _____ C:\Users\clem_\Downloads\Photos-001.zip
2024-03-09 09:51 - 2024-03-09 09:51 - 000048081 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8697412107.pdf
2024-03-09 09:37 - 2024-03-09 09:42 - 338116837 _____ C:\Users\clem_\Downloads\Photos (3).zip
2024-03-03 17:36 - 2024-03-03 17:36 - 000011365 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8691913097.pdf
2024-03-03 11:21 - 2024-03-03 11:21 - 000076729 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8695103475.pdf
2024-03-02 10:24 - 2024-03-02 10:24 - 000011308 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8685404794.pdf
2024-03-01 17:32 - 2024-03-01 17:32 - 000059752 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8677787606.pdf
2024-02-29 16:37 - 2024-02-29 16:37 - 000011979 _____ C:\Users\clem_\Downloads\AttestationHonneur.pdf
2024-02-29 16:09 - 2024-02-29 16:09 - 000087820 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8669708329.pdf
2024-02-29 14:50 - 2024-02-29 14:50 - 000011298 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8655355926.pdf
2024-02-25 17:40 - 2024-02-25 17:40 - 000048107 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8616950040.pdf
2024-02-25 17:40 - 2024-02-25 17:40 - 000011340 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8618215470.pdf
2024-02-25 17:39 - 2024-02-25 17:39 - 000011283 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8609148148.pdf
2024-02-24 12:36 - 2024-02-24 14:35 - 000000000 ____D C:\Users\clem_\Downloads\Encanto 2021 MULTi TRUEFRENCH 1080p HDLight x264 AC3-Wawacity work
2024-02-22 15:29 - 2024-02-22 15:29 - 000047109 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8595383115.pdf
2024-02-22 15:28 - 2024-02-22 15:28 - 000048108 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8587992498.pdf
2024-02-17 02:04 - 2024-02-17 02:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server
2024-02-17 02:04 - 2024-02-17 02:04 - 000000000 ____D C:\Program Files (x86)\Plex
2024-02-14 15:05 - 2024-02-14 15:05 - 000048118 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8519026342.pdf
2024-02-13 08:59 - 2024-02-13 08:59 - 000011355 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8501772726.pdf
2024-02-13 08:59 - 2024-02-13 08:59 - 000011301 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8503793939.pdf
2024-02-11 19:50 - 2024-02-11 19:50 - 000046926 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8486992031.pdf
2024-02-11 11:53 - 2024-02-11 11:56 - 194450995 _____ C:\Users\clem_\Downloads\23-12 Noël 2023.zip
2024-02-10 15:43 - 2024-02-10 15:57 - 2174951610 _____ C:\Users\clem_\Downloads\22 Emma 2022.zip
2024-02-10 15:38 - 2024-02-10 15:42 - 630068585 _____ C:\Users\clem_\Downloads\23-04-30 WE Parenthèse.zip
2024-02-07 13:14 - 2024-02-07 13:14 - 000048067 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8445169257.pdf
2024-02-04 12:04 - 2024-02-04 12:04 - 000048091 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8420209728.pdf
2024-02-04 12:04 - 2024-02-04 12:04 - 000048091 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8420209728 (1).pdf
2024-02-04 08:57 - 2024-02-04 08:57 - 000000000 ____D C:\Users\clem_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2024-01-25 20:13 - 2024-01-25 20:54 - 000000000 ____D C:\Users\clem_\Downloads\Je verrai toujours vos visages 2023 FRENCH 1080p WEB H264-FW Wawacity homes
2024-01-25 13:51 - 2024-01-25 13:51 - 000051737 _____ C:\Users\clem_\Downloads\Lettre de recommandation.pdf
2024-01-02 14:54 - 2024-01-02 15:21 - 3373745120 _____ C:\Users\clem_\Downloads\Photos (2).zip
2024-01-02 14:48 - 2024-01-02 14:51 - 373413216 _____ C:\Users\clem_\Downloads\Photos (1).zip
2024-01-02 14:38 - 2024-01-02 14:39 - 028852242 _____ C:\Users\clem_\Downloads\Photos.zip
2024-01-02 14:31 - 2024-01-02 14:32 - 156982923 _____ C:\Users\clem_\Downloads\_32320205_.zip

==================== Trois mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-03-30 19:26 - 2017-05-01 14:19 - 000000000 ___SD C:\Users\clem_\AppData\Roaming\Microsoft\Credentials
2024-03-30 19:24 - 2019-12-11 23:32 - 000000000 ____D C:\Program Files (x86)\Steam
2024-03-30 19:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-03-30 19:18 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-03-30 19:13 - 2020-11-07 16:14 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-03-30 19:13 - 2019-12-07 15:50 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2024-03-30 19:13 - 2019-12-07 15:50 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2024-03-30 19:10 - 2023-07-02 15:48 - 000000000 ____D C:\Users\clem_\AppData\Roaming\logitune
2024-03-30 19:10 - 2021-12-15 23:37 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-03-30 19:10 - 2017-05-01 15:02 - 000000000 ____D C:\Program Files (x86)\Google
2024-03-30 19:09 - 2022-12-23 09:49 - 000000000 ____D C:\ProgramData\NVIDIA
2024-03-30 19:09 - 2022-09-30 11:47 - 000000000 ____D C:\Users\clem_\AppData\Local\LogiBolt
2024-03-30 19:09 - 2021-02-05 18:14 - 000000000 ____D C:\Users\clem_\AppData\Local\Plex Media Server
2024-03-30 19:09 - 2018-06-24 17:13 - 000000000 ____D C:\Users\clem_\AppData\Local\Free Download Manager
2024-03-30 19:09 - 2017-05-01 14:23 - 000000000 ___RD C:\Users\clem_\OneDrive
2024-03-30 19:08 - 2020-11-07 16:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-03-30 19:08 - 2020-11-07 16:05 - 000008192 ___SH C:\DumpStack.log.tmp
2024-03-30 19:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState
2024-03-30 19:08 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-03-30 19:08 - 2017-05-01 14:34 - 000000000 ____D C:\Intel
2024-03-30 18:47 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-03-30 18:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-03-30 18:26 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-03-30 18:26 - 2018-03-04 21:35 - 000000000 ____D C:\Users\clem_\AppData\Local\Packages
2024-03-30 18:24 - 2020-02-01 18:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2024-03-30 18:24 - 2017-03-18 22:03 - 000000179 _____ C:\WINDOWS\win.ini
2024-03-30 11:35 - 2020-11-07 16:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-03-29 05:59 - 2020-09-11 21:42 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-03-29 05:59 - 2020-09-11 21:42 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-03-26 19:48 - 2017-05-01 15:09 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-03-26 19:48 - 2017-05-01 15:09 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-03-26 17:52 - 2020-11-07 16:11 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-03-26 17:52 - 2020-11-07 16:11 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-03-23 21:05 - 2021-12-11 10:35 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-362006066-3212578774-1346572183-1001
2024-03-23 21:05 - 2020-11-07 16:11 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-362006066-3212578774-1346572183-1001
2024-03-23 21:05 - 2020-11-07 16:05 - 000002417 _____ C:\Users\clem_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-03-20 14:53 - 2022-08-11 17:14 - 000004292 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1660234465
2024-03-20 14:53 - 2022-08-11 17:14 - 000001386 _____ C:\Users\clem_\Desktop\Navigateur Opera.lnk
2024-03-20 14:53 - 2022-08-11 17:14 - 000001386 _____ C:\Users\clem_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2024-03-16 18:50 - 2018-12-05 07:24 - 000000000 ____D C:\Users\clem_\AppData\Local\D3DSCache
2024-03-16 14:11 - 2021-09-26 16:30 - 000002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-03-16 14:11 - 2021-09-26 16:30 - 000001968 _____ C:\Users\Default\Desktop\Google Slides.lnk
2024-03-16 14:11 - 2021-09-26 16:30 - 000001968 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2024-03-16 14:11 - 2021-09-26 16:30 - 000001956 _____ C:\Users\Default\Desktop\Google Docs.lnk
2024-03-16 14:11 - 2017-05-01 22:16 - 000001932 _____ C:\Users\clem_\Desktop\Google Drive.lnk
2024-03-15 07:39 - 2020-11-07 16:05 - 000000000 ____D C:\Users\clem_
2024-03-14 12:49 - 2020-11-07 16:04 - 000259584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-03-14 12:48 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-03-14 12:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2024-03-14 12:48 - 2017-05-08 22:46 - 000000000 ____D C:\Users\clem_\AppData\Roaming\vlc
2024-03-13 20:37 - 2018-03-03 08:47 - 000000000 ____D C:\Users\clem_\AppData\Roaming\dvdcss
2024-03-13 14:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-03-13 14:56 - 2020-11-07 16:05 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-03-13 14:44 - 2017-05-23 20:16 - 000000000 ____D C:\Users\clem_\AppData\Local\CrashDumps
2024-03-13 14:29 - 2018-05-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-03-13 14:25 - 2022-02-15 22:37 - 000000000 ____D C:\Program Files\RUXIM
2024-03-13 14:24 - 2017-05-01 16:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-03-13 14:22 - 2017-05-01 16:42 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-03-11 21:27 - 2019-11-29 18:57 - 000000000 ____D C:\Users\clem_\AppData\Local\JDownloader 2.0
2024-03-09 15:53 - 2019-08-22 17:03 - 000000000 ____D C:\Users\clem_\AppData\Local\monalbumphoto
2024-03-09 15:53 - 2017-06-11 14:23 - 000000000 ____D C:\Users\clem_\AppData\Roaming\Audacity
2024-03-09 10:30 - 2018-01-19 11:16 - 000000000 ____D C:\Users\clem_\Documents\monAlbumPhoto
2024-03-09 10:13 - 2019-08-22 17:03 - 000002023 _____ C:\Users\clem_\Desktop\monalbumphoto.lnk
2024-03-09 10:13 - 2019-08-22 17:03 - 000000000 ____D C:\Users\clem_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\monalbumphoto

==================== Fichiers à la racine de certains dossiers ========

2019-08-22 17:03 - 2019-08-22 17:03 - 020775120 _____ (monalbumphoto ) C:\ProgramData\monalbumphoto_setup.exe
2018-11-26 21:33 - 2018-11-26 21:33 - 000000038 _____ () C:\Users\clem_\AppData\Local\cloudready_installer_uuid
2023-11-26 09:58 - 2023-11-26 09:58 - 000001597 _____ () C:\Users\clem_\AppData\Local\recently-used.xbel

==================== SigCheckExt =========================

2017-03-16 15:58 - 2017-03-16 15:58 - 001334784 _____ (CineForm Inc.) C:\WINDOWS\system32\CFHD.dll
2024-03-30 18:24 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2019-05-30 10:22 - 1998-01-23 11:20 - 000305664 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUn040c.exe
2017-03-16 15:58 - 2017-03-16 15:58 - 001119744 _____ (CineForm Inc.) C:\WINDOWS\SysWOW64\CFHD.dll
2017-06-03 15:12 - 2015-02-27 13:38 - 000214528 _____ () C:\WINDOWS\SysWOW64\ISCM32.dll
2017-06-03 15:12 - 2015-02-27 13:38 - 000721263 _____ () C:\WINDOWS\SysWOW64\ISCM64.dll
2024-03-30 18:24 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2017-06-04 14:46 - 2012-03-23 17:59 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2003-04-18 16:29 - 2003-04-18 16:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2024-03-30 18:24 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll
2019-05-30 10:28 - 1998-06-10 12:07 - 001053184 _____ (Cendant Software) C:\WINDOWS\SysWOW64\SierraNW.dll
2019-05-30 10:28 - 1998-06-10 12:05 - 000231936 _____ (Cendant Software) C:\WINDOWS\SysWOW64\SNWValid.dll
2024-03-30 19:19 - 2024-03-30 19:20 - 002392064 _____ (Farbar) C:\Users\clem_\Desktop\FRST64.exe
2024-03-30 19:17 - 2024-03-30 19:17 - 003538592 _____ (Nicolas Coolman) C:\Users\clem_\Downloads\ZHPSuite.exe

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur {fwbootmgr}
displayorder {bootmgr}
{660259d7-2d2c-11e7-9bab-9abfacf508cc}
{660259d8-2d2c-11e7-9bab-9abfacf508cc}
timeout 1

Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume2
path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {88219a9a-210a-11eb-88db-e2348873326f}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Application logicielle (101fffff)
--------------------------------
identificateur {660259d7-2d2c-11e7-9bab-9abfacf508cc}
description CD/DVD Drive

Application logicielle (101fffff)
--------------------------------
identificateur {660259d8-2d2c-11e7-9bab-9abfacf508cc}
description Hard Drive

Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \WINDOWS\system32\winload.efi
description Windows 10
locale fr-FR
inherit {bootloadersettings}
recoverysequence {88219a9c-210a-11eb-88db-e2348873326f}
displaymessageoverride Recovery
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \WINDOWS
resumeobject {88219a9a-210a-11eb-88db-e2348873326f}
nx OptIn
bootmenupolicy Standard

Chargeur de démarrage Windows
-----------------------------
identificateur {88219a9c-210a-11eb-88db-e2348873326f}
device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{88219a9d-210a-11eb-88db-e2348873326f}
path \windows\system32\winload.efi
description Windows Recovery Environment
locale fr-FR
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{88219a9d-210a-11eb-88db-e2348873326f}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {88219a9a-210a-11eb-88db-e2348873326f}
device partition=C:
path \WINDOWS\system32\winresume.efi
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {88219a9c-210a-11eb-88db-e2348873326f}
recoveryenabled Yes
isolatedcontext Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume2
path \EFI\Microsoft\Boot\memtest.efi
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes

Paramètres EMS
--------------
identificateur {emssettings}
bootems No

Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local

Erreurs de mémoire RAM
----------------------
identificateur {badmemory}

Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}

Options de périphérique
-----------------------
identificateur {88219a9d-210a-11eb-88db-e2348873326f}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume5
ramdisksdipath \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================

Publicité

Signaler le contenu de ce document

Publicité