Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28.03.2024
Exécuté par clem_ (administrateur) sur DESKTOP-MA8OL18 (Gigabyte Technology Co., Ltd. B250M-D2V) (30-03-2024 19:23:31)
Exécuté depuis C:\Users\clem_\Desktop\FRST64.exe
Profils chargés: clem_
Plate-forme: Microsoft Windows 10 Professionnel Version 22H2 19045.4170 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Users\clem_\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(C:\Program Files (x86)\Garmin\Express\express.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneAgent.exe
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
(C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe ->) (Plex, Inc. -> ) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe <2>
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <7>
(C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\88.0.0.0\crashpad_handler.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(C:\Program Files\Logitech\LogiOptions\LogiOptions.exe ->) (Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncagent.exe
(C:\Program Files\RealVNC\VNC Server\vncserver.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe
(Elaborate Bytes AG -> Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(explorer.exe ->) (FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe
(explorer.exe ->) (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <44>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe
(explorer.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logi\LogiBolt\LogiBolt.exe
(explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Logitech Inc -> Logitech) C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe <7>
(Nvidia Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (GoPro, Inc. -> ) C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f9f92cc42e038a12\igfxCUIService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_553b9a82ff9cf770\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_653f80c82b05c61e\IntelCpHDCPSvc.exe
(services.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
(services.exe ->) (Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Plex, Inc. -> Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(services.exe ->) (RealVNC Ltd -> RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
(svchost.exe ->) (FreeDownloadManager.org) [Fichier non signé] C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2401.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\clem_\AppData\Local\Microsoft\OneDrive\24.050.0310.0001\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] (GoPro, Inc. -> )
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [856288 2019-10-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1690368 2022-07-22] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2138272 2016-10-08] (Shenzhen Yi Xing Investment Co., Ltd. -> iSkySoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe [1962944 2016-11-22] (Shenzhen Yi Xing Investment Co., Ltd. -> )
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Logi Tune] => C:\Program Files (x86)\Logitech\LogiTune\LogiTune.exe [138838416 2023-06-06] (Logitech Inc -> Logitech)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <==== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe [59673376 2024-03-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe [59673376 2024-03-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [10203648 2019-01-30] (FreeDownloadManager.org) [Fichier non signé]
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4384104 2024-03-06] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe [59673376 2024-03-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [26130208 2024-02-13] (Plex, Inc. -> Plex, Inc.)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31193432 2022-02-15] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [LogiBolt] => C:\Program Files\Logi\LogiBolt\LogiBolt.exe [22423104 2021-12-14] (Logitech Inc -> Logitech)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\Run: [MicrosoftEdgeAutoLaunch_F5E9A892B27C1C4B1278CF2FC5ACE762] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4063800 2024-03-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-362006066-3212578774-1346572183-1001\...\MountPoints2: {8074665a-48e2-11e7-b64b-1c1b0dac0f00} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL hxxp://www.ultimatebootcd.com/
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\88.0.0.0\GoogleDriveFS.exe [59673376 2024-03-16] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [26130208 2024-02-13] (Plex, Inc. -> Plex, Inc.)
HKLM\...\Print\Monitors\HP 8911 Status Monitor: C:\WINDOWS\system32\hpinksts8911LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\MONVNC: C:\WINDOWS\system32\VNCpm.dll [37704 2017-04-26] (RealVNC Ltd -> RealVNC Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\123.0.6312.86\Installer\chrmstp.exe [2024-03-26] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {2D87C4E5-D45C-4B70-9140-BD2BBC6D2313} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe -> C:\Program Files\Common Files\AV\avast! Antivirus\/backup /iavs
Task: {1122B27B-CDDA-4D66-A703-8FE3CA86B531} - System32\Tasks\FreeDownloadManagerNetworkMonitor => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\winwfpmonitor.exe [688128 2019-01-30] (FreeDownloadManager.org) [Fichier non signé]
Task: {48DAB55D-9F29-4835-9F8C-90207BD127C8} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2022-02-15] (Garmin International, Inc. -> )
Task: {1A846A2A-D7DC-41AE-9C94-0155CBA1DA0E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-01] (Google Inc -> Google Inc.)
Task: {37F4DB6C-B33F-4D2F-8000-3932DC02BCBC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2017-05-01] (Google Inc -> Google Inc.)
Task: {CA8021CE-E55F-4457-A982-85590028E21B} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1003128 2022-03-17] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {A91C8CE0-69C5-4CA8-8990-4EF9D002CAA9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3342376 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {4D10BE2C-14CB-4162-A090-FC07EFB1F808} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {FDC06749-156D-4E7E-8429-F47FBAEC0805} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {08C048B4-FA3C-47D5-881E-FC7A495B4395} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [908328 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2D79E679-363E-430D-BC4B-0AAFA53E37AE} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F7E42B41-6A73-46D6-8E72-A1E14CA0B71C} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {F69A98DA-501F-4DF0-B119-FBEAE4315DDE} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {2C711EA3-7A6C-412A-B762-CC0314415CBA} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1655336 2022-12-07] (Nvidia Corporation -> NVIDIA Corporation)
Task: {7049E696-D8F8-4D9F-AC3D-372DA266A40B} - System32\Tasks\Opera scheduled Autoupdate 1660234465 => C:\Users\clem_\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5709728 2024-03-14] (Opera Norway AS -> Opera Software)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47beba5f-3585-4a98-b944-23c74589a609}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{47beba5f-3585-4a98-b944-23c74589a609}: [DhcpDomain] home
Tcpip\..\Interfaces\{47beba5f-3585-4a98-b944-23c74589a609}\8507562796160285A502052756D69657D6F566367303: [DhcpNameServer] 192.168.64.94
Tcpip\..\Interfaces\{ebc0ed21-39d8-48c3-a960-e9a6a7d346c8}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ebc0ed21-39d8-48c3-a960-e9a6a7d346c8}: [DhcpDomain] home
Tcpip\..\Interfaces\{ebc0ed21-39d8-48c3-a960-e9a6a7d346c8}\356425F543738303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{ebc0ed21-39d8-48c3-a960-e9a6a7d346c8}\8507562796160285A502052756D69657D6F566367303: [DhcpNameServer] 192.168.43.125

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\clem_\AppData\Local\Microsoft\Edge\User Data\Default [2024-03-30]
Edge Extension: (Google Docs hors connexion) - C:\Users\clem_\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-25]
Edge Extension: (Edge relevant text changes) - C:\Users\clem_\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi
FF Extension: (iSkysoft iMedia Converter Deluxe) - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi [2017-06-03] []
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-05-29] (VideoLAN -> VideoLAN)
FF Plugin HKU\S-1-5-21-362006066-3212578774-1346572183-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd -> Tracker Software Products Ltd.)
FF Plugin HKU\S-1-5-21-362006066-3212578774-1346572183-1001: SkypeForBusinessPlugin-16.2 -> C:\Users\clem_\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-362006066-3212578774-1346572183-1001: SkypeForBusinessPlugin64-16.2 -> C:\Users\clem_\AppData\Local\Microsoft\SkypeForBusinessPlugin\16.2.0.511\npGatewayNpapi-x64.dll [2019-08-03] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default [2024-03-30]
CHR Notifications: Default -> hxxps://messages.android.com; hxxps://messages.google.com; hxxps://my.netatmo.com; hxxps://www.sezane.com
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.myelectricnetwork.fr/"
CHR Extension: (Barre de Confiance CM-CIC) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjkhaeogkeelkioellpgcebmekedpag [2022-09-11]
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2024-03-30]
CHR Extension: (Bureau à distance Google Chrome) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-08-04]
CHR Extension: (PaintZ) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdjcnhanmagpjdpilaehedkchegnkdoj [2022-12-27]
CHR Extension: (Google Docs hors connexion) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-03-30]
CHR Extension: (Panda 5 - Your favorite websites in one place) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\haafibkemckmbknhfkiiniobjpgkebko [2024-02-29]
CHR Extension: (VNC® Viewer for Google Chrome™) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabmpiboiopbgfabjmgeedhcmjenhbla [2018-12-05]
CHR Extension: (Excel Online) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\iljnkagajgfdmfnnidjijobijlfjfgnb [2020-02-23]
CHR Extension: (Lanceur d'applications pour Drive (par Google)) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-08-26]
CHR Extension: (Shazam : le nom des chansons en un clic) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmioliijnhnoblpgimnlajmefafdfilb [2024-03-09]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-01]
CHR Extension: (WeVideo - Éditeur et créateur de vidéos) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2020-03-30]
CHR Extension: (History Trends Unlimited) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnmchffiealhkdloeffcdnbgdnedheme [2024-02-19]
CHR Profile: C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-09-29]
CHR Extension: (Slides) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-06-08]
CHR Extension: (Docs) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-06-08]
CHR Extension: (Google Drive) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-06-08]
CHR Extension: (YouTube) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-06-08]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2020-06-08]
CHR Extension: (Sheets) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-06-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-08]
CHR Extension: (Avast Online Security) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2020-06-08]
CHR Extension: (Zoom) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmbjbjdpkobdjplfobhljndfdfdipjhg [2020-06-08]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2020-06-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-06-08]
CHR Extension: (Gmail) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-06-08]
CHR Extension: (Chrome Media Router) - C:\Users\clem_\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-08]
CHR Profile: C:\Users\clem_\AppData\Local\Google\Chrome\User Data\System Profile [2020-09-29]
CHR HKU\S-1-5-21-362006066-3212578774-1346572183-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]

Opera:
=======
OPR DefaultProfile: Default

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] (GoPro, Inc. -> )
R2 LogiTuneUpdaterService; C:\Program Files (x86)\Logitech\LogiTune\LogiTuneUpdater.exe [5802384 2023-06-06] (Logitech Inc -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8882936 2024-03-30] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-30] (Malwarebytes Inc. -> Malwarebytes)
R2 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [828696 2024-02-13] (Plex, Inc. -> Plex, Inc.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [522184 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncserver.exe [5828688 2017-04-26] (RealVNC Ltd -> RealVNC Ltd)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\NisSrv.exe [3191272 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24020.7-0\MsMpEng.exe [133688 2024-03-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nvmdi.inf_amd64_d3941bdb145580aa\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 e2esoft_ivcamaudio_simple; C:\WINDOWS\system32\drivers\iVCamAud.sys [255464 2020-11-03] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs31357; C:\WINDOWS\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2023-11-01] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 iVCam; C:\WINDOWS\system32\DRIVERS\iVCam.sys [1198664 2022-12-06] (Shanghai Yitu Information Technology Co., Ltd. -> e2eSoft)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223296 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2024-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [200104 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78912 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2024-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [188784 2024-03-30] (Malwarebytes Inc. -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2019-12-07] (Microsoft Windows -> Realtek Semiconductor Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Bruce James -> Scarlet.Crush Productions)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [20928 2024-03-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [603416 2024-03-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105752 2024-03-13] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Trois mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2024-03-30 19:21 - 2024-03-30 19:23 - 000064582 _____ C:\Users\clem_\Desktop\Addition.txt
2024-03-30 19:21 - 2024-03-30 19:21 - 000220192 _____ C:\Users\clem_\Desktop\ZHPDiag.txt
2024-03-30 19:20 - 2024-03-30 19:24 - 000030771 _____ C:\Users\clem_\Desktop\FRST.txt
2024-03-30 19:20 - 2024-03-30 19:23 - 000000000 ____D C:\FRST
2024-03-30 19:19 - 2024-03-30 19:20 - 002392064 _____ (Farbar) C:\Users\clem_\Desktop\FRST64.exe
2024-03-30 19:17 - 2024-03-30 19:21 - 000000000 ____D C:\Users\clem_\AppData\Roaming\ZHP
2024-03-30 19:17 - 2024-03-30 19:17 - 003538592 _____ (Nicolas Coolman) C:\Users\clem_\Downloads\ZHPSuite.exe
2024-03-30 19:17 - 2024-03-30 19:17 - 000000865 _____ C:\Users\clem_\Desktop\ZHPSuite.lnk
2024-03-30 19:17 - 2024-03-30 19:17 - 000000000 ____D C:\Users\clem_\AppData\Local\ZHP
2024-03-30 19:09 - 2024-03-30 19:17 - 000000000 ____D C:\Users\clem_\AppData\LocalLow\IGDump
2024-03-30 19:09 - 2024-03-30 19:09 - 000188784 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2024-03-30 19:09 - 2024-03-30 19:09 - 000000000 ___HD C:\OneDriveTemp
2024-03-30 19:04 - 2024-03-30 19:04 - 000173848 _____ C:\WINDOWS\ntbtlog.txt
2024-03-30 19:04 - 2024-03-30 19:04 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2024-03-30 18:47 - 2024-03-30 19:19 - 000000000 ____D C:\Users\clem_\AppData\Local\Malwarebytes
2024-03-30 18:47 - 2024-03-30 18:47 - 000002053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-03-30 18:47 - 2024-03-30 18:47 - 000002041 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-03-30 18:42 - 2024-03-30 18:42 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-03-30 18:42 - 2024-03-30 18:42 - 000000000 ____D C:\Program Files\Malwarebytes
2024-03-30 18:41 - 2024-03-30 18:41 - 002589624 _____ (Malwarebytes) C:\Users\clem_\Downloads\MBSetup.exe
2024-03-30 18:25 - 2024-03-30 18:25 - 000000000 ____D C:\Program Files (x86)\Cisco
2024-03-30 18:24 - 2024-03-30 18:24 - 000000000 ____D C:\Program Files (x86)\ASUS
2024-03-30 18:24 - 2015-01-06 05:41 - 003737304 _____ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2024-03-30 18:24 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll
2024-03-30 18:24 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll
2024-03-30 18:24 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe
2024-03-30 18:19 - 2024-03-30 18:22 - 161879065 _____ C:\Users\clem_\Downloads\DR_PCE_N10_V1017.zip
2024-03-30 09:24 - 2024-03-30 09:24 - 000011377 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8959896357.pdf
2024-03-28 16:08 - 2024-03-28 16:08 - 000011328 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8943553325.pdf
2024-03-25 20:23 - 2024-03-25 20:23 - 000084794 _____ C:\Users\clem_\Downloads\leboncoin_bon-d-envoi_d988ce8e-47b5-4706-b3ed-1260e86abc47 (1).pdf
2024-03-24 18:16 - 2024-03-24 18:16 - 000084794 _____ C:\Users\clem_\Downloads\leboncoin_bon-d-envoi_d988ce8e-47b5-4706-b3ed-1260e86abc47.pdf
2024-03-24 17:02 - 2024-03-24 17:02 - 005911041 _____ C:\Users\clem_\Downloads\Photos-001 (2).zip
2024-03-18 17:50 - 2024-03-18 17:50 - 000011292 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8852686684.pdf
2024-03-17 13:52 - 2024-03-17 13:52 - 000427878 _____ C:\Users\clem_\Downloads\ed4306.pdf
2024-03-16 15:13 - 2024-03-16 15:13 - 000123060 _____ C:\Users\clem_\Downloads\amstrust_20230331021020900GNXXSDCFAEAU201203QV.pdf
2024-03-16 15:12 - 2024-03-16 15:12 - 000109085 _____ C:\Users\clem_\Downloads\amstrust_20231011021003074GNXXSDCFAEAU601603RQ.pdf
2024-03-13 14:56 - 2024-03-13 14:56 - 000019530 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-03-13 14:56 - 2024-03-13 14:56 - 000019530 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-03-13 14:49 - 2024-03-13 14:49 - 000000000 ___HD C:\$WinREAgent
2024-03-13 14:23 - 2024-03-13 14:23 - 000047053 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8793614740.pdf
2024-03-10 15:49 - 2024-03-10 15:49 - 000074958 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8752459232.pdf
2024-03-09 15:29 - 2024-03-09 15:31 - 043589336 _____ C:\Users\clem_\Downloads\Shooting Stars (1).wav
2024-03-09 15:27 - 2024-03-09 15:27 - 000009382 _____ C:\Users\clem_\Downloads\Shooting Stars.wav
2024-03-09 10:13 - 2024-03-09 10:13 - 000000000 ____D C:\Users\clem_\AppData\Local\apc.exe.WebView2
2024-03-09 10:05 - 2024-03-09 10:05 - 001722341 _____ C:\Users\clem_\Downloads\Photos-001 (1).zip
2024-03-09 09:59 - 2024-03-09 10:01 - 112089856 _____ C:\Users\clem_\Downloads\Photos-001.zip
2024-03-09 09:51 - 2024-03-09 09:51 - 000048081 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8697412107.pdf
2024-03-09 09:37 - 2024-03-09 09:42 - 338116837 _____ C:\Users\clem_\Downloads\Photos (3).zip
2024-03-03 17:36 - 2024-03-03 17:36 - 000011365 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8691913097.pdf
2024-03-03 11:21 - 2024-03-03 11:21 - 000076729 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8695103475.pdf
2024-03-02 10:24 - 2024-03-02 10:24 - 000011308 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8685404794.pdf
2024-03-01 17:32 - 2024-03-01 17:32 - 000059752 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8677787606.pdf
2024-02-29 16:37 - 2024-02-29 16:37 - 000011979 _____ C:\Users\clem_\Downloads\AttestationHonneur.pdf
2024-02-29 16:09 - 2024-02-29 16:09 - 000087820 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8669708329.pdf
2024-02-29 14:50 - 2024-02-29 14:50 - 000011298 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8655355926.pdf
2024-02-25 17:40 - 2024-02-25 17:40 - 000048107 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8616950040.pdf
2024-02-25 17:40 - 2024-02-25 17:40 - 000011340 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8618215470.pdf
2024-02-25 17:39 - 2024-02-25 17:39 - 000011283 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8609148148.pdf
2024-02-24 12:36 - 2024-02-24 
14:35 - 000000000 ____D C:\Users\clem_\Downloads\Encanto 2021 MULTi TRUEFRENCH 1080p HDLight x264 AC3-Wawacity work 2024-02-22 15:29 - 2024-02-22 15:29 - 000047109 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8595383115.pdf 2024-02-22 15:28 - 2024-02-22 15:28 - 000048108 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8587992498.pdf 2024-02-17 02:04 - 2024-02-17 02:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plex Media Server 2024-02-17 02:04 - 2024-02-17 02:04 - 000000000 ____D C:\Program Files (x86)\Plex 2024-02-14 15:05 - 2024-02-14 15:05 - 000048118 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8519026342.pdf 2024-02-13 08:59 - 2024-02-13 08:59 - 000011355 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8501772726.pdf 2024-02-13 08:59 - 2024-02-13 08:59 - 000011301 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8503793939.pdf 2024-02-11 19:50 - 2024-02-11 19:50 - 000046926 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8486992031.pdf 2024-02-11 11:53 - 2024-02-11 11:56 - 194450995 _____ C:\Users\clem_\Downloads\23-12 Noël 2023.zip 2024-02-10 15:43 - 2024-02-10 15:57 - 2174951610 _____ C:\Users\clem_\Downloads\22 Emma 2022.zip 2024-02-10 15:38 - 2024-02-10 15:42 - 630068585 _____ C:\Users\clem_\Downloads\23-04-30 WE Parenthèse.zip 2024-02-07 13:14 - 2024-02-07 13:14 - 000048067 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8445169257.pdf 2024-02-04 12:04 - 2024-02-04 12:04 - 000048091 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8420209728.pdf 2024-02-04 12:04 - 2024-02-04 12:04 - 000048091 _____ C:\Users\clem_\Downloads\Bordereau-Vinted-8420209728 (1).pdf 2024-02-04 08:57 - 2024-02-04 08:57 - 000000000 ____D C:\Users\clem_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2024-01-25 20:13 - 2024-01-25 20:54 - 000000000 ____D C:\Users\clem_\Downloads\Je verrai toujours vos visages 2023 FRENCH 1080p WEB H264-FW Wawacity homes 2024-01-25 13:51 - 2024-01-25 13:51 - 000051737 _____ C:\Users\clem_\Downloads\Lettre de 
recommandation.pdf 2024-01-02 14:54 - 2024-01-02 15:21 - 3373745120 _____ C:\Users\clem_\Downloads\Photos (2).zip 2024-01-02 14:48 - 2024-01-02 14:51 - 373413216 _____ C:\Users\clem_\Downloads\Photos (1).zip 2024-01-02 14:38 - 2024-01-02 14:39 - 028852242 _____ C:\Users\clem_\Downloads\Photos.zip 2024-01-02 14:31 - 2024-01-02 14:32 - 156982923 _____ C:\Users\clem_\Downloads\_32320205_.zip ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-03-30 19:26 - 2017-05-01 14:19 - 000000000 ___SD C:\Users\clem_\AppData\Roaming\Microsoft\Credentials 2024-03-30 19:24 - 2019-12-11 23:32 - 000000000 ____D C:\Program Files (x86)\Steam 2024-03-30 19:20 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF 2024-03-30 19:18 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-03-30 19:13 - 2020-11-07 16:14 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-03-30 19:13 - 2019-12-07 15:50 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat 2024-03-30 19:13 - 2019-12-07 15:50 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat 2024-03-30 19:10 - 2023-07-02 15:48 - 000000000 ____D C:\Users\clem_\AppData\Roaming\logitune 2024-03-30 19:10 - 2021-12-15 23:37 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-03-30 19:10 - 2017-05-01 15:02 - 000000000 ____D C:\Program Files (x86)\Google 2024-03-30 19:09 - 2022-12-23 09:49 - 000000000 ____D C:\ProgramData\NVIDIA 2024-03-30 19:09 - 2022-09-30 11:47 - 000000000 ____D C:\Users\clem_\AppData\Local\LogiBolt 2024-03-30 19:09 - 2021-02-05 18:14 - 000000000 ____D C:\Users\clem_\AppData\Local\Plex Media Server 2024-03-30 19:09 - 2018-06-24 17:13 - 000000000 ____D C:\Users\clem_\AppData\Local\Free Download Manager 2024-03-30 19:09 - 2017-05-01 14:23 - 000000000 ___RD C:\Users\clem_\OneDrive 2024-03-30 19:08 - 2020-11-07 16:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-03-30 19:08 - 2020-11-07 16:05 - 000008192 
___SH C:\DumpStack.log.tmp 2024-03-30 19:08 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ServiceState 2024-03-30 19:08 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-03-30 19:08 - 2017-05-01 14:34 - 000000000 ____D C:\Intel 2024-03-30 18:47 - 2019-12-07 10:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2024-03-30 18:40 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-03-30 18:26 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2024-03-30 18:26 - 2018-03-04 21:35 - 000000000 ____D C:\Users\clem_\AppData\Local\Packages 2024-03-30 18:24 - 2020-02-01 18:01 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2024-03-30 18:24 - 2017-03-18 22:03 - 000000179 _____ C:\WINDOWS\win.ini 2024-03-30 11:35 - 2020-11-07 16:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-03-29 05:59 - 2020-09-11 21:42 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-03-29 05:59 - 2020-09-11 21:42 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-03-26 19:48 - 2017-05-01 15:09 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-03-26 19:48 - 2017-05-01 15:09 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-03-26 17:52 - 2020-11-07 16:11 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-03-26 17:52 - 2020-11-07 16:11 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-03-23 21:05 - 2021-12-11 10:35 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-362006066-3212578774-1346572183-1001 2024-03-23 21:05 - 2020-11-07 16:11 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-362006066-3212578774-1346572183-1001 2024-03-23 21:05 - 2020-11-07 16:05 - 000002417 _____ C:\Users\clem_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-03-20 14:53 - 2022-08-11 
17:14 - 000004292 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1660234465 2024-03-20 14:53 - 2022-08-11 17:14 - 000001386 _____ C:\Users\clem_\Desktop\Navigateur Opera.lnk 2024-03-20 14:53 - 2022-08-11 17:14 - 000001386 _____ C:\Users\clem_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2024-03-16 18:50 - 2018-12-05 07:24 - 000000000 ____D C:\Users\clem_\AppData\Local\D3DSCache 2024-03-16 14:11 - 2021-09-26 16:30 - 000002126 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk 2024-03-16 14:11 - 2021-09-26 16:30 - 000001968 _____ C:\Users\Default\Desktop\Google Slides.lnk 2024-03-16 14:11 - 2021-09-26 16:30 - 000001968 _____ C:\Users\Default\Desktop\Google Sheets.lnk 2024-03-16 14:11 - 2021-09-26 16:30 - 000001956 _____ C:\Users\Default\Desktop\Google Docs.lnk 2024-03-16 14:11 - 2017-05-01 22:16 - 000001932 _____ C:\Users\clem_\Desktop\Google Drive.lnk 2024-03-15 07:39 - 2020-11-07 16:05 - 000000000 ____D C:\Users\clem_ 2024-03-14 12:49 - 2020-11-07 16:04 - 000259584 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-03-14 12:48 - 2019-12-07 15:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources 2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-03-14 12:48 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-03-14 12:48 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing 2024-03-14 12:48 - 2017-05-08 22:46 - 000000000 ____D 
C:\Users\clem_\AppData\Roaming\vlc 2024-03-13 20:37 - 2018-03-03 08:47 - 000000000 ____D C:\Users\clem_\AppData\Roaming\dvdcss 2024-03-13 14:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-03-13 14:56 - 2020-11-07 16:05 - 003017216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2024-03-13 14:44 - 2017-05-23 20:16 - 000000000 ____D C:\Users\clem_\AppData\Local\CrashDumps 2024-03-13 14:29 - 2018-05-28 18:34 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-03-13 14:25 - 2022-02-15 22:37 - 000000000 ____D C:\Program Files\RUXIM 2024-03-13 14:24 - 2017-05-01 16:42 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-03-13 14:22 - 2017-05-01 16:42 - 190470136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-03-11 21:27 - 2019-11-29 18:57 - 000000000 ____D C:\Users\clem_\AppData\Local\JDownloader 2.0 2024-03-09 15:53 - 2019-08-22 17:03 - 000000000 ____D C:\Users\clem_\AppData\Local\monalbumphoto 2024-03-09 15:53 - 2017-06-11 14:23 - 000000000 ____D C:\Users\clem_\AppData\Roaming\Audacity 2024-03-09 10:30 - 2018-01-19 11:16 - 000000000 ____D C:\Users\clem_\Documents\monAlbumPhoto 2024-03-09 10:13 - 2019-08-22 17:03 - 000002023 _____ C:\Users\clem_\Desktop\monalbumphoto.lnk 2024-03-09 10:13 - 2019-08-22 17:03 - 000000000 ____D C:\Users\clem_\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\monalbumphoto ==================== Fichiers à la racine de certains dossiers ======== 2019-08-22 17:03 - 2019-08-22 17:03 - 020775120 _____ (monalbumphoto ) C:\ProgramData\monalbumphoto_setup.exe 2018-11-26 21:33 - 2018-11-26 21:33 - 000000038 _____ () C:\Users\clem_\AppData\Local\cloudready_installer_uuid 2023-11-26 09:58 - 2023-11-26 09:58 - 000001597 _____ () C:\Users\clem_\AppData\Local\recently-used.xbel ==================== SigCheckExt ========================= 2017-03-16 15:58 - 2017-03-16 15:58 - 001334784 _____ (CineForm Inc.) 
C:\WINDOWS\system32\CFHD.dll 2024-03-30 18:24 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\system32\Rtlihvs.dll 2019-05-30 10:22 - 1998-01-23 11:20 - 000305664 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUn040c.exe 2017-03-16 15:58 - 2017-03-16 15:58 - 001119744 _____ (CineForm Inc.) C:\WINDOWS\SysWOW64\CFHD.dll 2017-06-03 15:12 - 2015-02-27 13:38 - 000214528 _____ () C:\WINDOWS\SysWOW64\ISCM32.dll 2017-06-03 15:12 - 2015-02-27 13:38 - 000721263 _____ () C:\WINDOWS\SysWOW64\ISCM64.dll 2024-03-30 18:24 - 2010-12-01 09:31 - 000451072 _____ C:\WINDOWS\SysWOW64\ISSRemoveSP.exe 2017-06-04 14:46 - 2012-03-23 17:59 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll 2003-04-18 16:46 - 2003-04-18 16:46 - 001233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll 2003-04-18 16:29 - 2003-04-18 16:29 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll 2024-03-30 18:24 - 2012-02-14 19:37 - 000594432 _____ (Realtek Semiconductor Corp. ) C:\WINDOWS\SysWOW64\Rtlihvs.dll 2019-05-30 10:28 - 1998-06-10 12:07 - 001053184 _____ (Cendant Software) C:\WINDOWS\SysWOW64\SierraNW.dll 2019-05-30 10:28 - 1998-06-10 12:05 - 000231936 _____ (Cendant Software) C:\WINDOWS\SysWOW64\SNWValid.dll 2024-03-30 19:19 - 2024-03-30 19:20 - 002392064 _____ (Farbar) C:\Users\clem_\Desktop\FRST64.exe 2024-03-30 19:17 - 2024-03-30 19:17 - 003538592 _____ (Nicolas Coolman) C:\Users\clem_\Downloads\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) 
==================== BCD ================================

Gestionnaire de démarrage du microprogramme
-------------------------------------------
identificateur          {fwbootmgr}
displayorder            {bootmgr}
                        {660259d7-2d2c-11e7-9bab-9abfacf508cc}
                        {660259d8-2d2c-11e7-9bab-9abfacf508cc}
timeout                 1

Gestionnaire de démarrage Windows
---------------------------------
identificateur          {bootmgr}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI
description             Windows Boot Manager
locale                  fr-FR
inherit                 {globalsettings}
default                 {current}
resumeobject            {88219a9a-210a-11eb-88db-e2348873326f}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30

Application logicielle (101fffff)
--------------------------------
identificateur          {660259d7-2d2c-11e7-9bab-9abfacf508cc}
description             CD/DVD Drive

Application logicielle (101fffff)
--------------------------------
identificateur          {660259d8-2d2c-11e7-9bab-9abfacf508cc}
description             Hard Drive

Chargeur de démarrage Windows
-----------------------------
identificateur          {current}
device                  partition=C:
path                    \WINDOWS\system32\winload.efi
description             Windows 10
locale                  fr-FR
inherit                 {bootloadersettings}
recoverysequence        {88219a9c-210a-11eb-88db-e2348873326f}
displaymessageoverride  Recovery
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
osdevice                partition=C:
systemroot              \WINDOWS
resumeobject            {88219a9a-210a-11eb-88db-e2348873326f}
nx                      OptIn
bootmenupolicy          Standard

Chargeur de démarrage Windows
-----------------------------
identificateur          {88219a9c-210a-11eb-88db-e2348873326f}
device                  ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{88219a9d-210a-11eb-88db-e2348873326f}
path                    \windows\system32\winload.efi
description             Windows Recovery Environment
locale                  fr-FR
inherit                 {bootloadersettings}
displaymessage          Recovery
osdevice                ramdisk=[\Device\HarddiskVolume5]\Recovery\WindowsRE\Winre.wim,{88219a9d-210a-11eb-88db-e2348873326f}
systemroot              \windows
nx                      OptIn
bootmenupolicy          Standard
winpe                   Yes

Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur          {88219a9a-210a-11eb-88db-e2348873326f}
device                  partition=C:
path                    \WINDOWS\system32\winresume.efi
description             Windows Resume Application
locale                  fr-FR
inherit                 {resumeloadersettings}
recoverysequence        {88219a9c-210a-11eb-88db-e2348873326f}
recoveryenabled         Yes
isolatedcontext         Yes
allowedinmemorysettings 0x15000075
filedevice              partition=C:
filepath                \hiberfil.sys
bootmenupolicy          Standard
debugoptionenabled      No

Testeur de mémoire Windows
--------------------------
identificateur          {memdiag}
device                  partition=\Device\HarddiskVolume2
path                    \EFI\Microsoft\Boot\memtest.efi
description             Diagnostics mémoire Windows
locale                  fr-FR
inherit                 {globalsettings}
badmemoryaccess         Yes

Paramètres EMS
--------------
identificateur          {emssettings}
bootems                 No

Paramètres du débogueur
-----------------------
identificateur          {dbgsettings}
debugtype               Local

Erreurs de mémoire RAM
----------------------
identificateur          {badmemory}

Paramètres globaux
------------------
identificateur          {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Paramètres du chargeur de démarrage
-----------------------------------
identificateur          {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Paramètres de l'hyperviseur
-------------------
identificateur          {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Paramètres du chargeur de reprise
---------------------------------
identificateur          {resumeloadersettings}
inherit                 {globalsettings}

Options de périphérique
-----------------------
identificateur          {88219a9d-210a-11eb-88db-e2348873326f}
description             Windows Recovery
ramdisksdidevice        partition=\Device\HarddiskVolume5
ramdisksdipath          \Recovery\WindowsRE\boot.sdi

==================== Fin de FRST.txt ========================