Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 26.02.2024 01 Exécuté par mbedain (administrateur) sur PC-MAISON (27-02-2024 19:28:54) Exécuté depuis C:\Users\mbeda\Desktop\FRST64.exe Profils chargés: mbedain Plate-forme: Microsoft Windows 11 Professionnel Version 23H2 22631.3155 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\1.3.865.1\DropboxCrashHandler.exe (C:\Program Files\Google\NearbyShare\nearby_share.exe ->) (Google LLC -> ) C:\Program Files\Google\NearbyShare\crashpad_handler.exe (explorer.exe ->) (CERTIF_NICOLAS_COOLMAN -> Nicolas Coolman) [Fichier non signé] C:\Users\mbeda\AppData\Roaming\ZHP\ZHPSuite.exe (explorer.exe ->) (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe <3> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <18> (services.exe ->) (AOMEI International Network Limited -> AOMEI International Network Limited) C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.7.0\ABService.exe (services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Utilitaires\Teamviewer\TeamViewer_Service.exe (sihost.exe ->) (Google LLC -> Google) C:\Program Files\Google\NearbyShare\nearby_share.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2403.10.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (svchost.exe ->) (Microsoft Windows -> ) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_424.1301.170.0_x64__cw5n1h2txyewy\Dashboard\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\prevhost.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8899592 2016-08-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [snpstd3] => C:\WINDOWS\vsnpstd3.exe [827392 2006-09-19] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\...\Run: [Nearby Share] => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [1410336 2024-01-18] (Google LLC -> Google) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Utilitaires\Nuance\PDF Professional 5\RegistryController.exe [58656 2008-02-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2007-03-26] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [Nuance PDF Professional 5-reminder] => C:\Utilitaires\Nuance\PDF Professional 5\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SPUpDateServerrun] => C:\Program Files (x86)\hicloud\update_server\startUp.exe [14832 2015-09-10] (EZVIZ Inc. -> ) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [670080 2021-06-30] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [895360 2021-06-30] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [11557768 2024-02-23] (Dropbox, Inc -> Dropbox, Inc.) HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [129288 2023-10-17] (Adobe Inc. -> ) HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.) HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.) HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-229840600-1787093532-1979939897-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2598328 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-229840600-1787093532-1979939897-1001\...\Run: [EPSDNMON] => C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) HKU\S-1-5-21-229840600-1787093532-1979939897-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.) HKU\S-1-5-21-229840600-1787093532-1979939897-1001\...\Run: [Screenpresso] => C:\Users\mbeda\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [12579424 2023-08-09] (Learnpulse -> Learnpulse) HKU\S-1-5-21-229840600-1787093532-1979939897-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-16] (InstallShield Software Corporation) [Fichier non signé] HKU\S-1-5-21-229840600-1787093532-1979939897-1001\...\Run: [MicrosoftEdgeAutoLaunch_B78FD0D006AD6E2C302B2C923D00B890] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4067896 2024-02-23] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-229840600-1787093532-1979939897-1001\...\MountPoints2: {a1bc1ba2-d3ab-11ed-b70c-4cedfb3a83a8} - "H:\setup.EXE" /AUTORUN HKU\S-1-5-21-229840600-1787093532-1979939897-1002\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.) HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\87.0.2.0\GoogleDriveFS.exe [59681568 2024-02-22] (Google LLC -> Google, Inc.) HKLM\...\Print\Monitors\EPSON PC-FAX Driver2 64Monitor: C:\WINDOWS\system32\EFXLM16A.DLL [182784 2020-02-03] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION) HKLM\...\Print\Monitors\EPSON WF-2860 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUAE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation) HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé] HKLM\...\Print\Monitors\HP A511 Status Monitor: C:\WINDOWS\system32\hpinkstsA511LM.dll [331664 2012-06-13] (Hewlett Packard -> Hewlett-Packard Co.) HKLM\...\Print\Monitors\PDF-XChange Standard Port Monitor: C:\WINDOWS\system32\pxcpm.dll [953600 2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) HKLM\...\Print\Monitors\pdfcmon: C:\WINDOWS\system32\pdfcmon.dll [196096 2023-05-20] (pdfforge GmbH) [Fichier non signé] HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> BootExecute: autocheck autochk * GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKU\S-1-5-21-229840600-1787093532-1979939897-1001\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {B4DE2DA6-58F0-4233-9D65-619FAF696AF8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1547208 2024-01-31] (Adobe Inc. -> Adobe Inc.) Task: {757C1794-B9C7-4149-8506-4C34F28FFE86} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1790184 2021-04-30] (Avast Software s.r.o. -> Avast Software) Task: {619B8171-1138-4A53-B5A9-B6262657AF49} - System32\Tasks\CCleanerSkipUAC - mbedain => C:\Users\mbeda\Documents\UT Suite\Logiciels\CCleaner 6.03.10002 Technician Edition (x64)\Data\CCleaner64.exe [38274576 2023-06-17] (Piriform Software Ltd -> Piriform Software Ltd) [Fichier non signé] Task: {CB8C3273-CF6D-4F81-9568-FB5B6A91DD73} - System32\Tasks\CorelUpdateHelperTask-3E3F0A90120310922DEDE62CDAC9DBED => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3827728 2022-10-21] (Corel Corporation -> Corel Corporation) Task: {D188BF22-0DB7-431F-BFC3-0128DF406A26} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [3827728 2022-10-21] (Corel Corporation -> Corel Corporation) Task: {56A945A1-8271-4A32-BF68-FBEB8AFFBCFF} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe [5356504 2024-02-14] (Microsoft Windows -> Microsoft Corporation) Task: {B9F8BE07-2B74-4CE9-A9D5-E9F6C0BF3BB2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-03] (Dropbox, Inc -> Dropbox, Inc.) Task: {F775B62C-F189-4B40-8AE9-DE4DFD4ECB18} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-03] (Dropbox, Inc -> Dropbox, Inc.) Task: {7BC4092A-99C1-4D37-9B20-E811BD9078A8} - System32\Tasks\EPSON WF-2860 Series Update {52F7F6DF-629E-4A3E-B744-3604F69BB915} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUAE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {46B28993-B4C2-4E8B-9453-1DC90C55BF00} - System32\Tasks\Google\Quick Share Relaunch => C:\Program Files\Google\NearbyShare\nearby_share_launcher.exe [1410336 2024-01-18] (Google LLC -> Google) Task: {264B3CB9-440E-4CE6-BA91-9EE4AAFA6985} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem124.0.6315.0{6D09C45F-4A88-4741-A79F-9430FD1A10BD} => C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION Task: {AB22E209-1507-4D87-B4C7-38830BC0B4E8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) Task: {645A9416-5752-46DB-9506-DED3F92492A5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28372672 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) Task: {F0B1C402-1204-4359-B661-119A77B7EC37} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-18] (Microsoft Corporation -> Microsoft Corporation) Task: {E6FF8010-8C7A-4AAD-856A-D4A168AAEC07} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [218776 2024-02-18] (Microsoft Corporation -> Microsoft Corporation) Task: {F084011C-7027-4A31-B09D-83AC85144201} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier) Task: {6ECC17BA-2F21-4D1D-A937-AF5B7E29ED7A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => %systemroot%\system32\MusNotification.exe ReadyToReboot (Pas de fichier) Task: {01CF5586-7FE5-4C44-B88B-B6505B153C15} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (Pas de fichier) Task: {730AF685-B74D-4045-98D9-5FE220E1586F} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (Pas de fichier) Task: {CF669A30-7B28-4BEB-BDDA-7EAC867E0316} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_Broker_Display => %systemroot%\system32\MusNotification.exe Display (Pas de fichier) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier) Task: {C60A25E0-0BD8-4E14-AA63-F3C31AE51873} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {3BDA626D-F9E4-4DF4-9FEB-7FC1FB8482ED} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {87A32112-F114-4C7A-853F-7EB0EDA46773} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {5EB379FA-9442-4CC9-B9C4-10AA3F224961} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {285B5D8E-0C33-49BA-B8A2-5420A73B16B8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-21] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {A4E41AB5-1C36-4B90-A7B8-93716F475FE0} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-229840600-1787093532-1979939897-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671136 2024-02-21] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {765E99B5-A9D8-4428-AE82-AE4577C8ED21} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-21] (Mozilla Corporation -> Mozilla Foundation) Task: {105C500F-4F78-4583-9BE1-134E983C7C45} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {6BB75E16-7079-4D53-9CD9-A3B26B0B64EF} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-229840600-1787093532-1979939897-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {7E00BD2D-43F5-4CE2-BC48-CEBF64A6FA71} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-229840600-1787093532-1979939897-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4130320 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) Task: {319E8691-CE97-4BFA-81F0-DB119906181B} - System32\Tasks\PowerToys\Autorun for mbedain => C:\Utilitaires\Powertoys\PowerToys.exe [1151008 2023-10-02] (Microsoft Corporation -> Microsoft Corporation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\EPSON WF-2860 Series Update {52F7F6DF-629E-4A3E-B744-3604F69BB915}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUAE.EXE:/EXE:{52F7F6DF-629E-4A3E-B744-3604F69BB915} /F:UpdateMSHOME\PC-MAISON$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{222a8301-1bd1-4be9-bcee-4edcc43ed211}: [NameServer] 208.67.222.222,208.67.220.220,192.168.0.254 Tcpip\..\Interfaces\{222a8301-1bd1-4be9-bcee-4edcc43ed211}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{ad22bfa4-b2a3-4c66-94e7-2c78652c1fc8}: [NameServer] 208.67.222.222,208.67.220.220 Tcpip\..\Interfaces\{ad22bfa4-b2a3-4c66-94e7-2c78652c1fc8}: [DhcpNameServer] 192.168.0.254 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\mbeda\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-27] Edge DownloadDir: Default -> G:\Téléchargements Edge StartupUrls: Default -> "hxxp://google.fr/" Edge Extension: (PDF-XChange) - C:\Users\mbeda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\djmbpijobamaimdblhkpclfnpkiogeoo [2023-03-29] Edge Extension: (Google Docs hors connexion) - C:\Users\mbeda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-26] Edge Extension: (Edge relevant text changes) - C:\Users\mbeda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24] Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\mbeda\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-02-22] Edge HKLM\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo] Edge HKLM-x32\...\Edge\Extension: [djmbpijobamaimdblhkpclfnpkiogeoo] FireFox: ======== FF DefaultProfile: 64k07qgy.default-1649660130586 FF ProfilePath: C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586 [2024-02-27] FF Homepage: Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586 -> hxxps://news.google.com/topstories?hl=fr&gl=FR&ceid=FR:frgle.com/topstories?hl=fr&gl=FR&ceid=FR:fr FF Notifications: Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586 -> hxxps://www.peopleactmagazine.fr; hxxps://www.lanouvellerepublique.fr FF Extension: (Facebook Container) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\@contain-facebook.xpi [2023-07-21] FF Extension: (AdBlocker Ultimate) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\adblockultimate@adblockultimate.net.xpi [2024-02-20] FF Extension: (Zamu - Coupons et remises automatiques) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\addon@zamu.com.xpi [2024-02-10] FF Extension: (Keepa - Amazon Price Tracker) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\amptra@keepa.com.xpi [2023-12-06] FF Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\firefox@ghostery.com.xpi [2023-12-30] FF Extension: (Forecastfox (fix version)) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\forecastfox@s3_fix_version.xpi [2022-04-12] FF Extension: (To Google Translate) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2022-04-12] FF Extension: (Privacy Badger) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2024-02-09] FF Extension: (Material Freebox OS) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\material-freebox-os@s-quent.in.xpi [2022-04-12] FF Extension: (LastPass: Free Password Manager) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\support@lastpass.com.xpi [2024-02-16] FF Extension: (Bitwarden - Gestion des mots de passe) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2024-02-18] FF Extension: (City In The Sky) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\{4b166b08-0705-4d78-bb66-70feffb09794}.xpi [2022-04-12] FF Extension: (EPUBReader) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}.xpi [2022-04-12] FF Extension: (The Christmas Look) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\{7c9fedfe-b2ec-410a-a5b4-a3674f2b7d4b}.xpi [2022-04-12] FF Extension: (Video DownloadHelper) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-02-24] FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-01-27] FF Extension: (Vectorwall) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\{d90f6a50-5be6-4bd7-86ad-556a45ed92fc}.xpi [2022-04-12] FF Extension: (Pas de nom) - C:\Users\mbeda\AppData\Roaming\Mozilla\Firefox\Profiles\64k07qgy.default-1649660130586\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800}.xpi [2023-12-07] FF HKLM\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi => non trouvé(e) FF HKLM\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2020-01-23] [] [non signé] FF HKLM-x32\...\Firefox\Extensions: [FFExtnHTML2PDF@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [FireFoxNew-WebExtensions@foxitsoftware.com] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\FirefoxAddin\FireFoxNew-WebExtensions@foxitsoftware.com.xpi => non trouvé(e) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-02-22] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Pas de fichier] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\npFoxitPDFEditorPlugin.dll [Pas de fichier] FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-02-03] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Utilitaires\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Utilitaires\VLC\npvlc.dll [Pas de fichier] FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll [2009-09-25] (Wacom, Inc.) [Fichier non signé] FF Plugin HKU\S-1-5-21-229840600-1787093532-1979939897-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-229840600-1787093532-1979939897-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) FF Plugin HKU\S-1-5-21-229840600-1787093532-1979939897-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2022-12-12] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR HKLM\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid] CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx CHR HKLM-x32\...\Chrome\Extension: [blgipgnbmnikbdecnjmgckmndlkebhid] CHR HKLM-x32\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files (x86)\Foxit Software\Foxit PDF Editor\plugins\Creator\ChromeAddin\ChromeAddin.crx Brave: ======= BRA Profile: C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2023-04-17] BRA DefaultSearchKeyword: Default -> :g BRA Extension: (PDF-XChange) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\blgipgnbmnikbdecnjmgckmndlkebhid [2023-04-17] BRA Extension: (Brave Local Data Files Updater) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2023-04-17] BRA Extension: (Brave NTP background images) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2023-04-17] BRA Extension: (Wallet Data Files Updater) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2023-04-17] BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-04-28] BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-04-28] BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2023-04-17] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2023-04-17] BRA Extension: (Brave Ad Block Updater (Default (plaintext))) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2023-04-17] BRA Extension: (Brave SpeedReader Updater) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-04-28] BRA Extension: (Brave NTP sponsored images) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2023-04-17] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2023-04-17] BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\mbeda\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-04-17] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-01-31] (Adobe Inc. -> Adobe Inc.) R2 Backupper Service; C:\Program Files (x86)\AOMEI\AOMEI Backupper\6.7.0\ABService.exe [1080368 2021-10-29] (AOMEI International Network Limited -> AOMEI International Network Limited) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14048768 2024-02-10] (Microsoft Corporation -> Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-03] (Dropbox, Inc -> Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [130320 2021-11-03] (Dropbox, Inc -> Dropbox, Inc.) R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46824 2024-02-23] (Dropbox, Inc -> Dropbox, Inc.) S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [439616 2020-03-12] (Digital Wave Ltd -> Digital Wave Ltd) S2 EaseUS UPDATE SERVICE; C:\Program Files (x86)\EaseUS\ENS\ensserver.exe [26512 2023-11-06] (CHENGDU YIWO Tech Development Co., Ltd. -> ) S4 eBeam Stylus Driver; C:\Program Files (x86)\Luidia\eBeam Stylus Driver\eBeam_Stylus_Driver.exe [363008 2016-09-28] () [Fichier non signé] S2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-10-05] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152152 2020-03-25] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\FileSyncHelper.exe [3515936 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) S2 FoxitPhantomPDFUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Editor\FoxitPDFEditorUpdateService.exe [2437616 2023-11-11] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) S2 GoogleUpdaterInternalService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION S2 GoogleUpdaterService124.0.6315.0; C:\Program Files (x86)\Google\GoogleUpdater\124.0.6315.0\updater.exe [4698400 2024-02-22] (Google LLC -> Google LLC) <==== ATTENTION S2 GUBootService; C:\Program Files (x86)\Common Files\Glarysoft\StartupManager\1.0\GUBootService.exe [889240 2023-03-27] (Glarysoft Ltd -> Glarysoft Ltd) S3 GUPMService; C:\Utilitaires\Glary Utilities 5\GUPMService.exe [76696 2023-03-27] (Glarysoft Ltd -> Glarysoft Ltd) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9410296 2024-02-27] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-02-27] (Malwarebytes Inc. -> Malwarebytes) S2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Fichier non signé] S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.020.0128.0003\OneDriveUpdaterService.exe [3853856 2024-02-15] (Microsoft Corporation -> Microsoft Corporation) S2 PDFProFiltSrv; C:\Utilitaires\Nuance\PDF Professional 5\PDFProFiltSrv.exe [144672 2008-02-02] (Nuance Communications, Inc. -> Nuance Communications, Inc.) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Fichier non signé] S2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [534592 2023-12-05] (Microsoft Windows Publisher -> Microsoft Corporation) R2 TeamViewer; C:\Utilitaires\Teamviewer\TeamViewer_Service.exe [18079544 2024-01-23] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 VBoxSDS; G:\Oracle\VirtualBox\VBoxSDS.exe [689912 2018-12-18] (Oracle Corporation -> Oracle Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-07] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmd.inf_amd64_1408eaf9a25ed64f\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2019-05-14] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> ) S3 ampa; C:\Windows\system32\ampa.sys [38320 2017-02-28] (CHENGDU AOMEI Tech Co., Ltd. -> ) R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [32176 2021-11-15] (AOMEI International Network Limited -> ) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2022-09-25] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2022-09-25] (Microsoft Corporation) [Fichier non signé] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-10-30] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [45056 2023-04-15] (Microsoft Windows Hardware Compatibility Publisher -> Glarysoft Ltd) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-02-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MpKsl2cf8a2f1; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84AF65D7-8DB7-4CEB-93BC-BC6FB99DE309}\MpKslDrv.sys [272664 2024-02-27] (Microsoft Windows -> Microsoft Corporation) S3 Revoflt; C:\WINDOWS\System32\DRIVERS\revoflt.sys [38400 2021-11-17] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group) R3 rtcx21; C:\WINDOWS\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek) S3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2022-05-06] (Microsoft Windows -> Realtek Semiconductor Corporation) S3 SNPSTD3; C:\WINDOWS\system32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Sonix Co. Ltd.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 tapwindscribe0901; C:\WINDOWS\System32\drivers\tapwindscribe0901.sys [57768 2023-04-22] (Windscribe Limited -> The OpenVPN Project) R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [247432 2018-12-18] (Oracle Corporation -> Oracle Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-07] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-07] (Microsoft Windows -> Microsoft Corporation) S3 windtun420; C:\WINDOWS\System32\drivers\windtun420.sys [47544 2023-04-22] (Windscribe Limited -> WireGuard LLC) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-02-27 19:28 - 2024-02-27 19:32 - 000041839 _____ C:\Users\mbeda\Desktop\FRST.txt 2024-02-27 19:28 - 2024-02-27 19:28 - 000000000 ____D C:\Users\mbeda\Desktop\FRST-OlderVersion 2024-02-27 19:22 - 2024-02-27 19:22 - 000313528 _____ C:\Users\mbeda\Desktop\ZHPDiag.txt 2024-02-27 18:50 - 2024-02-27 18:50 - 000000908 _____ C:\Users\mbeda\Desktop\ZHPSuite.lnk 2024-02-27 18:48 - 2024-02-27 18:48 - 000000000 ____D C:\Users\mbeda\Desktop\Esai 2024-02-27 18:44 - 2024-02-27 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2024-02-27 18:38 - 2024-02-27 18:38 - 000083608 _____ C:\ProgramData\agent.uninstall.1709055519.bdinstall.v2.bin 2024-02-27 17:34 - 2024-02-27 18:35 - 000000000 ____D C:\Users\mbeda\AppData\Local\Malwarebytes 2024-02-27 17:34 - 2024-02-27 17:39 - 000002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-02-27 17:34 - 2024-02-27 17:39 - 000002129 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-02-27 17:33 - 2024-02-27 17:37 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-02-27 17:33 - 2024-02-27 17:37 - 000000000 ____D C:\Program Files\Malwarebytes 2024-02-27 16:47 - 2024-02-27 16:47 - 000000000 ____D C:\ProgramData\Foxit Software 2024-02-27 15:13 - 2024-02-27 16:57 - 000000918 _____ C:\Users\mbeda\Desktop\ZHPCleaner.lnk 2024-02-27 15:12 - 2024-02-27 15:12 - 003364000 _____ (Nicolas Coolman) C:\Users\mbeda\Desktop\ZHPCleaner.exe 2024-02-25 09:32 - 2024-02-27 19:31 - 000000000 ____D C:\FRST 2024-02-25 09:26 - 2024-02-27 19:22 - 000395832 _____ C:\Users\mbeda\Desktop\ZHPDiag.html 2024-02-25 09:12 - 2024-02-27 19:28 - 002386944 _____ (Farbar) C:\Users\mbeda\Desktop\FRST64.exe 2024-02-25 08:59 - 2024-02-25 09:03 - 003538592 _____ (Nicolas Coolman) C:\Users\mbeda\Desktop\ZHPSuite.exe 2024-02-25 08:44 - 2024-02-27 19:22 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\ZHP 2024-02-25 08:44 - 2024-02-27 15:13 - 000000000 ____D C:\Users\mbeda\AppData\Local\ZHP 2024-02-24 10:09 - 2024-02-24 10:09 - 000000000 ____D C:\Users\mbeda\AppData\Local\OO Software 2024-02-24 06:58 - 2024-02-24 06:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2024-02-23 15:16 - 2024-02-23 15:16 - 000046824 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe 2024-02-21 07:50 - 2024-02-27 16:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2024-02-18 15:14 - 2024-02-18 15:14 - 000000218 _____ C:\Users\mbeda\AppData\Local\recently-used.xbel 2024-02-15 06:33 - 2024-02-15 06:33 - 000808228 _____ C:\WINDOWS\system32\perfh00C.dat 2024-02-15 06:33 - 2024-02-15 06:33 - 000156716 _____ C:\WINDOWS\system32\perfc00C.dat 2024-02-14 08:56 - 2024-02-14 09:06 - 000000000 ___HD C:\$WinREAgent 2024-02-14 06:49 - 2024-02-14 06:49 - 000001391 _____ C:\Users\mbeda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Quick Share depuis Google.lnk 2024-02-13 08:26 - 2024-02-18 19:01 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\Bitwarden 2024-02-13 08:25 - 2024-02-13 08:25 - 000002004 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitwarden.lnk 2024-02-13 08:25 - 2024-02-13 08:25 - 000001992 _____ C:\Users\Public\Desktop\Bitwarden.lnk 2024-02-13 08:25 - 2024-02-13 08:25 - 000000000 ____D C:\Users\mbeda\AppData\Local\bitwarden-updater 2024-02-13 08:25 - 2024-02-13 08:25 - 000000000 ____D C:\Program Files\Bitwarden 2024-02-12 16:45 - 2024-02-12 16:45 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2024-02-12 16:13 - 2024-02-12 16:13 - 000000000 ____D C:\Users\mbeda\Documents\AlterPDF 2024-02-12 15:49 - 2024-02-12 15:49 - 000000000 ____D C:\Users\mbeda\AppData\Local\Foxit PhantomPDF 2024-02-12 15:38 - 2024-02-12 16:45 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\Foxit Software 2024-02-12 15:37 - 2024-02-12 15:37 - 000000000 ____D C:\Users\Public\Foxit Software 2024-02-07 06:50 - 2024-02-27 16:49 - 000000000 ____D C:\Program Files\Mozilla Firefox 2024-02-01 12:11 - 2024-02-01 12:11 - 000032256 _____ C:\Users\mbeda\Documents\Cartes de visite Moyen format 13 x 8.xls 2024-01-31 15:42 - 2024-01-31 15:42 - 000000759 _____ C:\Users\mbeda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Micro-Club.lnk 2024-01-27 18:40 - 2024-01-27 18:40 - 000000000 ____D C:\Users\mbeda\Documents\Sécurité 2024-01-24 07:53 - 2024-01-24 07:53 - 000019222 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-01-24 07:47 - 2024-01-24 07:47 - 000019222 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-01-23 07:44 - 2024-01-23 07:44 - 000000949 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk 2024-01-23 07:44 - 2024-01-23 07:44 - 000000000 ____D C:\Users\mbeda\AppData\Local\VS Revo Group 2024-01-23 07:44 - 2024-01-23 07:44 - 000000000 ____D C:\ProgramData\VS Revo Group 2024-01-23 07:44 - 2024-01-23 07:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2024-01-22 15:13 - 2024-01-22 15:13 - 000000000 ____D C:\Users\mbeda\Documents\Evernote 2024-01-21 13:58 - 2024-01-21 14:03 - 000000000 ____D C:\Users\mbeda\Documents\UIA 2024-01-19 06:29 - 2024-01-19 06:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2024-01-13 09:40 - 2024-01-13 09:40 - 000000000 ___HD C:\$Windows.~WS 2024-01-09 19:26 - 2024-01-09 19:26 - 000000000 ____D C:\WINDOWS\Microsoft Antimalware 2024-01-07 14:30 - 2024-01-07 14:30 - 002404621 _____ C:\Users\mbeda\Desktop\Report_Windows_11_Pro_Version_23H2_(22631)_PCMAISON.html 2024-01-07 14:26 - 2024-01-07 14:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Examiner 2023-12-30 15:02 - 2023-12-30 15:02 - 000000000 __SHD C:\ProgramData\pinterests 2023-12-30 15:01 - 2024-01-09 19:12 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\clbcatq 2023-12-30 15:00 - 2023-12-30 15:00 - 000000000 ____D C:\ProgramData\Canon_Inc_IC 2023-12-24 06:33 - 2023-12-24 06:33 - 000094128 _____ C:\ProgramData\agent.update.1703395980.bdinstall.v2.bin 2023-12-20 07:46 - 2024-01-13 18:11 - 000001781 _____ C:\Users\mbeda\Documents\Raccourci vers Documents (OneDrive - Personnel).lnk 2023-12-19 15:17 - 2023-12-19 15:17 - 000001122 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk 2023-12-19 15:17 - 2023-12-19 15:17 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\EaseUS 2023-12-19 15:17 - 2023-12-19 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 2023-12-19 15:17 - 2023-12-19 15:17 - 000000000 ____D C:\Program Files\EaseUS 2023-12-12 14:49 - 2023-12-12 14:49 - 000122360 _____ C:\Users\mbeda\AppData\LocalLow\wbk4822.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000087919 _____ C:\Users\mbeda\AppData\LocalLow\wbk473B.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000087008 _____ C:\Users\mbeda\AppData\LocalLow\wbk47DE.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000035744 _____ C:\Users\mbeda\AppData\LocalLow\wbk48F9.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000029286 _____ C:\Users\mbeda\AppData\LocalLow\wbk47F0.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000017761 _____ C:\Users\mbeda\AppData\LocalLow\wbk4835.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000010664 _____ C:\Users\mbeda\AppData\LocalLow\wbk491B.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000003813 _____ C:\Users\mbeda\AppData\LocalLow\wbk48B8.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000002887 _____ C:\Users\mbeda\AppData\LocalLow\wbk48F6.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000002670 _____ C:\Users\mbeda\AppData\LocalLow\wbk48E3.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000002491 _____ C:\Users\mbeda\AppData\LocalLow\wbk48E0.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000002481 _____ C:\Users\mbeda\AppData\LocalLow\wbk48CD.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000002165 _____ C:\Users\mbeda\AppData\LocalLow\wbk491E.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000002009 _____ C:\Users\mbeda\AppData\LocalLow\wbk48CA.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000001622 _____ C:\Users\mbeda\AppData\LocalLow\wbk47BB.tmp 2023-12-12 14:49 - 2023-12-12 14:49 - 000001103 _____ C:\Users\mbeda\AppData\LocalLow\wbk48B5.tmp 2023-12-12 08:13 - 2023-12-12 08:13 - 000000532 __RSH C:\ProgramData\ntuser.pol 2023-12-10 10:36 - 2023-12-10 10:36 - 000001978 _____ C:\Users\mbeda\Desktop\PC Health Check.lnk ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-02-27 19:20 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-02-27 18:46 - 2018-09-08 16:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2024-02-27 18:45 - 2018-09-18 12:35 - 000000000 ____D C:\Utilitaires 2024-02-27 18:44 - 2018-09-29 08:43 - 000000000 ____D C:\Program Files\Java 2024-02-27 18:42 - 2019-02-26 16:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2024-02-27 18:42 - 2019-02-26 16:44 - 000000000 ____D C:\Program Files (x86)\epson 2024-02-27 18:39 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-02-27 18:39 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-02-27 18:39 - 2018-09-08 15:34 - 000000000 ____D C:\Users\mbeda\AppData\Local\Packages 2024-02-27 18:38 - 2019-02-24 18:33 - 000000000 ____D C:\Program Files\Bitdefender Agent 2024-02-27 17:38 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2024-02-27 17:34 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-02-27 17:27 - 2022-02-11 07:07 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2024-02-27 17:25 - 2021-07-09 07:54 - 000000432 _____ C:\WINDOWS\SysWOW64\winsevr.dat 2024-02-27 17:25 - 2021-07-09 07:54 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat 2024-02-27 17:25 - 2019-03-14 08:59 - 000000000 ____D C:\ProgramData\NVIDIA 2024-02-27 17:03 - 2018-09-09 10:22 - 000000000 ____D C:\Users\mbeda\AppData\Local\Dropbox 2024-02-27 17:02 - 2018-09-09 10:25 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\Dropbox 2024-02-27 16:56 - 2018-09-08 15:36 - 000000000 ___RD C:\Users\mbeda\OneDrive 2024-02-27 16:52 - 2023-10-21 13:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\PowerToys 2024-02-27 16:49 - 2022-11-13 22:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-02-27 16:49 - 2021-09-08 06:48 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2024-02-27 16:49 - 2020-06-14 13:27 - 000012288 ___SH C:\DumpStack.log.tmp 2024-02-27 16:48 - 2022-11-13 21:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-02-27 16:48 - 2022-11-13 21:21 - 000000000 ____D C:\Users\mbeda 2024-02-27 16:48 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-02-27 14:16 - 2018-09-10 07:57 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\Microsoft\Word 2024-02-27 14:12 - 2021-08-06 08:10 - 000000000 ____D C:\Users\mbeda\Documents\UT 2024-02-27 12:38 - 2023-02-10 10:53 - 000003450 _____ C:\WINDOWS\system32\Tasks\CorelUpdateHelperTask-3E3F0A90120310922DEDE62CDAC9DBED 2024-02-27 09:49 - 2018-09-09 07:36 - 000000000 ____D C:\Users\mbeda\AppData\Local\D3DSCache 2024-02-27 09:11 - 2022-02-19 08:08 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\GlarySoft 2024-02-27 07:48 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-02-26 08:58 - 2021-02-21 09:13 - 000000000 ____D C:\Excel 2024-02-26 08:53 - 2019-01-06 08:59 - 000000000 ____D C:\Temp 2024-02-25 16:02 - 2023-01-17 17:29 - 000002328 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-02-25 16:02 - 2020-03-20 08:03 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-02-25 10:32 - 2018-09-10 07:57 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\Microsoft\Office 2024-02-25 10:31 - 2018-09-09 10:29 - 000000000 ___RD C:\Users\mbeda\Dropbox 2024-02-24 13:44 - 2018-09-10 14:26 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\Microsoft\Excel 2024-02-24 10:40 - 2022-11-13 22:15 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2024-02-24 10:39 - 2023-01-11 10:15 - 000002109 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2024-02-24 10:39 - 2022-10-17 06:24 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2024-02-24 10:20 - 2021-01-25 08:12 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\NCH Software 2024-02-24 10:20 - 2021-01-25 08:12 - 000000000 ____D C:\ProgramData\NCH Software 2024-02-24 10:15 - 2018-09-13 15:04 - 000000000 ____D C:\ProgramData\Packages 2024-02-24 09:53 - 2021-07-26 13:03 - 000725329 _____ C:\WINDOWS\gethelp_audiotroubleshooter_latestpackage.zip 2024-02-24 07:06 - 2018-09-19 07:03 - 000000000 ____D C:\Users\mbeda\AppData\Local\ElevatedDiagnostics 2024-02-24 07:02 - 2018-09-09 10:22 - 000000000 ____D C:\Program Files (x86)\Dropbox 2024-02-24 06:55 - 2022-11-13 22:15 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-02-24 06:55 - 2022-11-13 22:15 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-02-22 16:35 - 2021-09-02 11:10 - 000002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2024-02-22 16:35 - 2021-09-02 11:10 - 000002056 _____ C:\Users\Default\Desktop\Google Slides.lnk 2024-02-22 16:35 - 2021-09-02 11:10 - 000002056 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2024-02-22 16:35 - 2021-09-02 11:10 - 000002044 _____ C:\Users\Default\Desktop\Google Docs.lnk 2024-02-22 06:50 - 2018-09-08 16:26 - 000001283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2024-02-21 07:09 - 2022-11-13 22:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2024-02-21 07:09 - 2018-09-08 17:56 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2024-02-20 07:12 - 2018-09-13 20:06 - 000000000 ____D C:\Users\mbeda\Documents\Commandes 2024-02-18 16:04 - 2021-07-23 06:39 - 000000000 ____D C:\Program Files (x86)\Microsoft Office 2024-02-18 15:34 - 2019-02-23 08:04 - 000000000 ____D C:\ProgramData\Package Cache 2024-02-18 15:29 - 2019-02-27 08:03 - 000000000 ____D C:\Users\mbeda\AppData\Local\CrashDumps 2024-02-18 15:20 - 2020-11-17 07:15 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\vlc 2024-02-18 15:05 - 2021-10-10 15:33 - 000000000 ____D C:\Users\mbeda\Documents\UT Suite 2024-02-17 07:30 - 2018-09-13 20:07 - 000000000 ____D C:\Users\mbeda\Documents\Factures Total et Octopus 2024-02-16 06:17 - 2022-05-07 06:17 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2024-02-15 06:44 - 2022-11-13 22:15 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2024-02-15 06:43 - 2022-11-13 22:15 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-229840600-1787093532-1979939897-1002 2024-02-15 06:43 - 2022-11-13 22:15 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-229840600-1787093532-1979939897-1001 2024-02-15 06:43 - 2019-09-14 06:11 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-02-15 06:33 - 2022-11-13 22:02 - 001803986 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-02-14 18:29 - 2023-10-11 17:57 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-02-14 18:29 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-02-14 18:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-02-14 18:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-02-14 18:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-02-14 09:51 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-02-14 09:32 - 2022-11-13 21:59 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-02-14 07:46 - 2018-09-09 10:39 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-02-14 07:18 - 2018-09-09 10:39 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-02-14 07:16 - 2021-07-19 06:20 - 000000000 ____D C:\Program Files\dotnet 2024-02-14 06:34 - 2023-05-10 17:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\Google 2024-02-14 06:33 - 2019-02-02 19:00 - 000000000 ____D C:\Program Files\Google 2024-02-13 08:50 - 2018-09-13 20:05 - 000000000 ____D C:\Users\mbeda\Documents\Banques 2024-02-09 10:26 - 2018-10-13 15:34 - 000000000 ____D C:\Users\mbeda\AppData\Roaming\calibre 2024-02-05 15:34 - 2018-09-21 13:26 - 000000000 ____D C:\Users\mbeda\Documents\Documents numérisés 2024-02-02 14:13 - 2018-09-13 20:08 - 000000000 ____D C:\Users\mbeda\Documents\MACIF 2024-02-01 11:36 - 2018-09-13 20:15 - 000030720 _____ C:\Users\mbeda\Documents\Cartes de visite 13 x 8.xls 2024-01-31 16:31 - 2018-09-13 20:10 - 000000000 ___RD C:\Users\mbeda\Documents\Micro-Club 2024-01-31 15:00 - 2018-09-13 20:07 - 000000000 ____D C:\Users\mbeda\Documents\Factures 2024-01-29 11:09 - 2018-09-13 20:14 - 000000000 ____D C:\Users\mbeda\Documents\Notices ==================== Fichiers à la racine de certains dossiers ======== 2022-04-02 06:59 - 2022-04-02 06:59 - 000008337 _____ () C:\Users\mbeda\AppData\Local\kdenlive-layoutsrc 2022-04-02 06:59 - 2023-06-21 09:52 - 000004307 _____ () C:\Users\mbeda\AppData\Local\kdenliverc 2024-02-18 15:14 - 2024-02-18 15:14 - 000000218 _____ () C:\Users\mbeda\AppData\Local\recently-used.xbel 2023-03-13 17:36 - 2023-03-13 17:36 - 000000017 _____ () C:\Users\mbeda\AppData\Local\resmon.resmoncfg 2022-04-02 06:59 - 2022-04-02 06:59 - 000006616 _____ () C:\Users\mbeda\AppData\Local\user-places.xbel 2022-04-02 06:59 - 2022-04-02 06:59 - 000005735 _____ () C:\Users\mbeda\AppData\Local\user-places.xbel.bak 2022-04-02 06:59 - 2022-04-02 06:59 - 000000000 _____ () C:\Users\mbeda\AppData\Local\user-places.xbel.tbcache ==================== SigCheckExt ========================= 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppmon.dll 2016-09-14 14:31 - 2016-09-14 14:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\enppui.dll 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppmon.dll 2016-09-14 14:31 - 2016-09-14 14:31 - 002642944 ____S (SEIKO EPSON CORPORATION) C:\WINDOWS\system32\ensppui.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000032768 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbmiapi.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000033280 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboid.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000009216 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpboidps.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000057344 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbpro.dll 2010-07-23 08:55 - 2010-07-23 08:55 - 000009728 _____ (Hewlett-Packard Company) C:\WINDOWS\system32\hpbprops.dll 2010-01-19 14:12 - 2010-01-19 14:12 - 000070144 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPBWSDR.DLL 2009-11-27 11:15 - 2009-11-27 11:15 - 000228864 _____ (hp) C:\WINDOWS\system32\hplbddrv.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000079872 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZidr12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZinw12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipm12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000054784 _____ (Hewlett-Packard) C:\WINDOWS\system32\HPZipr12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000045056 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzipt12.dll 2010-08-06 10:15 - 2010-08-06 10:15 - 000030208 _____ (Hewlett-Packard) C:\WINDOWS\system32\hpzisn12.dll 2019-03-07 08:33 - 2023-05-20 13:41 - 000196096 _____ (pdfforge GmbH) C:\WINDOWS\system32\pdfcmon.dll 2007-11-21 09:10 - 2007-11-21 09:10 - 001586176 _____ (Zeon International Investment Corp. ) C:\WINDOWS\system32\ZDImage2pdf7.dll 2019-12-25 18:30 - 2015-08-29 13:25 - 000130048 _____ C:\WINDOWS\SendToClip.exe 2020-04-07 15:06 - 2003-03-19 02:05 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl71.dll 2020-04-07 15:06 - 1996-12-02 16:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dao350.dll 2010-08-06 10:13 - 2010-08-06 10:13 - 000050688 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZidr12.dll 2010-08-06 10:13 - 2010-08-06 10:13 - 000034816 _____ (Hewlett-Packard) C:\WINDOWS\SysWOW64\HPZipr12.dll 2020-04-07 15:06 - 2005-07-20 13:35 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42loc.dll 2020-04-07 15:06 - 2003-03-19 04:20 - 001060864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71.dll 2020-04-07 15:06 - 2003-03-19 03:44 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71DEU.DLL 2020-04-07 15:06 - 2003-11-21 16:48 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFC71FRA.DLL 2020-04-07 15:06 - 1999-05-05 21:22 - 001056768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet35.dll 2020-04-07 15:06 - 1995-09-20 15:16 - 000035088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint32.dll 2020-04-07 15:06 - 2005-07-20 13:35 - 000149776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint35.dll 2020-04-07 15:06 - 1995-09-20 15:13 - 000977680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjt3032.dll 2020-04-07 15:06 - 1995-09-20 15:16 - 000023824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter32.dll 2020-04-07 15:06 - 1999-12-12 19:20 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjter35.dll 2020-04-07 15:06 - 1997-07-19 15:55 - 001347344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVBVM50.DLL 2020-04-07 15:06 - 1997-01-22 19:26 - 000565760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVCP50.DLL 2011-04-29 11:27 - 2011-04-29 11:27 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2011-04-29 16:01 - 2011-04-29 16:01 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2001-05-22 00:00 - 2001-05-22 00:00 - 000527360 _____ (Borland Software Corporation) C:\WINDOWS\SysWOW64\stdvcl40.dll 2020-04-07 15:06 - 1996-01-11 22:00 - 000722192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB40032.DLL 2020-04-07 15:06 - 1998-06-17 23:00 - 000089360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DB.DLL 2020-04-07 15:06 - 1997-02-25 22:00 - 000099134 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5DE.DLL 2020-04-07 15:06 - 1997-07-28 13:50 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB5FR.DLL 2020-04-07 15:06 - 1998-07-05 23:00 - 000125712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6DE.DLL 2018-09-19 17:04 - 2000-10-02 00:00 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6FR.DLL 2020-04-07 15:06 - 1995-09-24 10:02 - 000243472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbar2232.dll 2020-04-07 15:06 - 1998-05-18 02:06 - 000368912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbar332.dll 2020-04-07 15:06 - 2003-06-17 11:15 - 000110592 _____ (FlexCell Studio) C:\WINDOWS\SysWOW64\xls.dll 2007-11-21 09:09 - 2007-11-21 09:09 - 001142784 _____ (Zeon International Investment Corp. ) C:\WINDOWS\SysWOW64\ZDImage2pdf7.dll 2007-11-30 13:23 - 2007-11-30 13:23 - 000303104 _____ (Zeon Corporation) C:\WINDOWS\SysWOW64\ZnMacroUI.dll 2024-02-25 09:12 - 2024-02-27 19:28 - 002386944 _____ (Farbar) C:\Users\mbeda\Desktop\FRST64.exe 2024-02-27 15:12 - 2024-02-27 15:12 - 003364000 _____ (Nicolas Coolman) C:\Users\mbeda\Desktop\ZHPCleaner.exe 2024-02-25 08:59 - 2024-02-25 09:03 - 003538592 _____ (Nicolas Coolman) C:\Users\mbeda\Desktop\ZHPSuite.exe 2018-09-13 20:15 - 2008-05-13 22:17 - 032514215 _____ (SoftChris (Christian Martinez)) C:\Users\mbeda\Documents\Soiree.exe 2018-09-13 20:15 - 2016-11-11 08:42 - 030749696 _____ (Telepad) C:\Users\mbeda\Documents\Telepad_windows_1_0_6.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {3f1b87b0-a2e4-11ee-b73c-8ed14775b65e} {3f1b87b1-a2e4-11ee-b73c-8ed14775b65e} {3f1b87b2-a2e4-11ee-b73c-8ed14775b65e} timeout 1 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {67117510-1db7-11ea-a71f-df8caa2fb483} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {3f1b87b0-a2e4-11ee-b73c-8ed14775b65e} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {3f1b87b1-a2e4-11ee-b73c-8ed14775b65e} description UEFI:Removable Device Application logicielle (101fffff) -------------------------------- identificateur {3f1b87b2-a2e4-11ee-b73c-8ed14775b65e} description UEFI:Network Device Chargeur de démarrage Windows ----------------------------- identificateur {67117509-1db7-11ea-a71f-df8caa2fb483} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6711750a-1db7-11ea-a71f-df8caa2fb483} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{6711750a-1db7-11ea-a71f-df8caa2fb483} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {67117513-1db7-11ea-a71f-df8caa2fb483} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {67117510-1db7-11ea-a71f-df8caa2fb483} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {67117513-1db7-11ea-a71f-df8caa2fb483} device ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{67117514-1db7-11ea-a71f-df8caa2fb483} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{67117514-1db7-11ea-a71f-df8caa2fb483} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {67117510-1db7-11ea-a71f-df8caa2fb483} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {67117513-1db7-11ea-a71f-df8caa2fb483} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {67117514-1db7-11ea-a71f-df8caa2fb483} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume5 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================