Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 08-11-2024 01 Exécuté par Admin (administrateur) sur DESKTOP-C6E8I41 (Dell Inc. Vostro 3400) (08-11-2024 17:50:30) Exécuté depuis C:\Users\Admin\Downloads\FRST-OlderVersion\FRST64.exe Profils chargés: Admin Plate-forme: Microsoft Windows 11 Professionnel Version 23H2 22631.4391 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.28801.70.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\130.0.2849.56\msedgewebview2.exe <7> (DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxCUIServiceN.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxEMN.exe (explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_b2ae1335863dd30f\WavesSvc64.exe (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe (services.exe ->) (Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Intel Corporation -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_564a6f565b40bd5f\OneApp.IGCC.WinService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_b20183c0e1a9d643\igfxCUIServiceN.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a66e3c7509fdda6f\IntelCpHDCPSvc.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_ab7d4ea1d12c01d4\WMIRegistrationService.exe (services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_e5855ce1805681c2\AS\IAS\IntelAudioService.exe (services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_dd349ca1e8d98184\LMS.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe <3> (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_b2ae1335863dd30f\WavesSysSvc64.exe (sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24101.35.0_x64__cw5n1h2txyewy\CrossDeviceService.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2444.5.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\24.206.1013.0004\FileCoAuth.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo9de.inf_amd64_b2ae1335863dd30f\WavesSvc64.exe [1776736 2020-10-14] (Waves Inc -> Waves Audio Ltd.) HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c60facea9c32a6cb\RtkAudUService64.exe [3380320 2021-11-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe" [82654736 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier) HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4920376 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4920376 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1284724097-1127082949-2965750383-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [4920376 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1284724097-1127082949-2965750383-1002\...\Run: [MicrosoftEdgeAutoLaunch_5EFC0ECB77A7585FE9DCDD0B2E946A2B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3856424 2024-10-31] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1284724097-1127082949-2965750383-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd) HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2010-03-31] (Microsoft Windows Hardware Compatibility Publisher -> ) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\130.0.6723.117\Installer\chrmstp.exe [2024-11-08] (Google LLC -> Google LLC) HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] -> ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {7C48C40A-1B64-4915-9B77-0DA9E4405530} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) Task: {B8297A77-F88A-4B29-A8AD-9461C04E413D} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "b8ced753-4cd3-4705-9917-4379729b719d" --version "6.29.11342" --silent Task: {E43B06B6-6113-458C-9D53-781C4B1B6C6F} - System32\Tasks\CCleanerSkipUAC - Admin => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd) Task: {980C5CC4-509A-47E4-8A50-51F607CDF6FC} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{ECDE0352-E64B-4C10-9EA3-4A75376E36B5} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC) Task: {23D742C3-E5EB-4FD7-A64F-D7E51E0B6838} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28643008 2024-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {77C18062-D2A3-450B-86E5-DC82FC7FCCB6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28643008 2024-10-27] (Microsoft Corporation -> Microsoft Corporation) Task: {BDF5E2B4-F629-493A-AFC3-AF60EDB3D7C8} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312464 2024-11-02] (Microsoft Corporation -> Microsoft Corporation) Task: {24650488-6743-41DD-BFA9-0399336DF8D9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312464 2024-11-02] (Microsoft Corporation -> Microsoft Corporation) Task: {D7DE5D60-9F20-4304-AF70-67ACC022A41F} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187600 2024-11-02] (Microsoft Corporation -> Microsoft Corporation) Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (Pas de fichier) Task: {2CEBCD92-3C1C-4C31-9E87-1CC3C1A31E89} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (Pas de fichier) Task: {AB104306-B963-4AAE-8461-5D12B7BDEE36} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_UpdateInterval => %systemroot%\system32\MusNotification.exe Display (Pas de fichier) Task: {7A2179EA-9423-42F6-9B60-21C038004DA8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC Reboot (Pas de fichier) Task: {602D8440-53DF-42CC-BFED-66A1DE836963} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery Reboot (Pas de fichier) Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier) Task: {675C961E-073A-4894-9C0A-5A90CC0514C4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {25A19A0F-498B-4E75-8CC5-F9FDA97AAB80} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B4EBAB6F-60AD-48BA-BE1E-8585712A9FFF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {AFEE117B-C2F1-4CF6-95F6-786C778D5F5E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F95DD8F9-EED3-400F-8F3A-C5E409A0D697} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) Task: {92A6689C-E5E8-4BF1-ADB2-1A9CE98FF2D3} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1284724097-1127082949-2965750383-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) Task: {1BF4864D-4028-41BF-8520-8B0237390351} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1284724097-1127082949-2965750383-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4209192 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) Task: {57B7BED0-0BDF-432C-8B42-87DBEDDA99C6} - System32\Tasks\Online_KMS_Activation_Script-Renewal => C:\ProgramData\Online_KMS_Activation\Activate.cmd [90851 2022-05-23] () [Fichier non signé] -> Task <==== ATTENTION (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{00784e5b-0bbd-4461-8ac6-cb8462a3015b}: [DhcpNameServer] 192.168.74.1 Tcpip\..\Interfaces\{9564b18d-4a88-471d-8254-d459857f1e29}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{9564b18d-4a88-471d-8254-d459857f1e29}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{9564b18d-4a88-471d-8254-d459857f1e29}\449474940514950202B494E43584143514023545: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{9564b18d-4a88-471d-8254-d459857f1e29}\449474940514950202B494E43584143514023545: [DhcpNameServer] 169.239.74.2 8.8.8.8 Tcpip\..\Interfaces\{9564b18d-4a88-471d-8254-d459857f1e29}\849E2796479656270215: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{9564b18d-4a88-471d-8254-d459857f1e29}\849E2796479656270215: [DhcpNameServer] 192.168.97.163 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-08] Edge Notifications: Default -> hxxps://a-dot-steadycaptcha.ew.r.appspot.com; hxxps://b-dot-steadycaptcha.ew.r.appspot.com; hxxps://c-dot-steadycaptcha.ew.r.appspot.com; hxxps://calendar.google.com; hxxps://drive.google.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://steadycaptcha.ew.r.appspot.com; hxxps://web.whatsapp.com Edge Extension: (Google Docs hors connexion) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-13] Edge Extension: (Edge relevant text changes) - C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-26] FireFox: ======== FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-29] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-04] (Microsoft Corporation -> Microsoft Corporation) Chrome: ======= CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default [2024-10-25] CHR Notifications: Default -> hxxps://fr.bestresultsfast.com CHR Extension: (Google Docs hors connexion) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-09-26] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-05-23] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13650648 2024-10-27] (Microsoft Corporation -> Microsoft Corporation) S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\24.206.1013.0004\FileSyncHelper.exe [3526712 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-12] (HP Inc. -> HP Inc.) R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [127800 2010-04-29] (Hewlett-Packard Company -> HP) R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_e5855ce1805681c2\AS\IAS\IntelAudioService.exe [548432 2021-05-19] (Intel Corporation -> Intel) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\24.206.1013.0004\OneDriveUpdaterService.exe [3871288 2024-11-08] (Microsoft Corporation -> Microsoft Corporation) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559368 2024-10-23] (Microsoft Windows Publisher -> Microsoft Corporation) S3 ss_conn_launcher_service; C:\WINDOWS\System32\Samsung\EasySetup\ss_conn_launcher.exe [182392 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [19433784 2024-10-02] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-02-08] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-02-08] (Microsoft Corporation) [Fichier non signé] S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [Fichier non signé] S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_2546dafe2183e972\iaLPSS2_GPIO2_TGL.sys [131224 2021-07-22] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_1308f85f1b0adf27\iaLPSS2_I2C_TGL.sys [204440 2021-07-22] (Intel Corporation -> Intel Corporation) R3 IntcUSB; C:\WINDOWS\System32\DriverStore\FileRepository\intcusb.inf_amd64_1f81192e4fdd3684\IntcUSB.sys [1677280 2021-05-19] (Intel Corporation -> Intel(R) Corporation) R3 MpKsld0ece58e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ECBE5C25-F03C-48E8-8BE3-5D7B62BA27D0}\MpKslDrv.sys [267552 2024-11-08] (Microsoft Windows -> Microsoft Corporation) S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Microsoft Windows Hardware Compatibility Publisher -> Marvell Semiconductor, Inc.) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [43640 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [57344 2022-05-07] (Microsoft Corporation) [Fichier non signé] S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation) S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-11-08 17:32 - 2024-11-08 17:32 - 000019299 _____ C:\Users\Admin\Downloads\[03-Oct-2024] Daily Transaction Report for Airtel CD.eml 2024-11-08 17:31 - 2024-11-08 17:32 - 000020238 _____ C:\Users\Admin\Downloads\[02-Oct-2024] Daily Transaction Report for Airtel CD (1).eml 2024-11-08 13:22 - 2024-11-08 14:41 - 000037105 _____ C:\Users\Admin\Downloads\Addition.txt 2024-11-08 13:14 - 2024-11-08 14:41 - 000041706 _____ C:\Users\Admin\Downloads\FRST.txt 2024-11-08 13:07 - 2024-11-08 17:50 - 000000000 ____D C:\Users\Admin\Downloads\FRST-OlderVersion 2024-11-08 13:06 - 2024-11-08 17:52 - 000000000 ____D C:\FRST 2024-11-08 13:05 - 2024-11-08 13:36 - 002399744 _____ (Farbar) C:\Users\Admin\Downloads\FRST64 (1).exe 2024-11-07 17:04 - 2024-11-07 17:05 - 208695376 _____ C:\Users\Admin\Downloads\Full_Webpack-44.11.2784-LJM182-M185_UWWL_4_1_Full_Webpack (1).exe 2024-11-07 16:50 - 2024-11-07 16:57 - 000000000 ____D C:\WINDOWS\SysWOW64\directx 2024-11-07 16:50 - 2024-11-07 16:53 - 000000000 ___HD C:\WINDOWS\msdownld.tmp 2024-11-07 16:49 - 2024-11-07 16:50 - 100653580 _____ C:\Users\Admin\Downloads\directx_Jun2010_redist (1).zip 2024-11-07 16:49 - 2024-11-07 16:49 - 100653580 _____ C:\Users\Admin\Downloads\directx_Jun2010_redist.zip 2024-11-07 15:12 - 2024-11-07 15:13 - 000477173 _____ C:\Users\Admin\Downloads\image3 (7).jpeg 2024-11-07 15:12 - 2024-11-07 15:12 - 000477173 _____ C:\Users\Admin\Downloads\image3 (6).jpeg 2024-11-07 15:12 - 2024-11-07 15:12 - 000477173 _____ C:\Users\Admin\Downloads\image3 (5).jpeg 2024-11-07 15:11 - 2024-11-07 15:11 - 000178931 _____ C:\Users\Admin\Downloads\RDC - Suivi Revenus 2022 MD 28 09 2022 (3).xlsx 2024-11-07 15:11 - 2024-11-07 15:11 - 000178931 _____ C:\Users\Admin\Downloads\RDC - Suivi Revenus 2022 MD 28 09 2022 (2).xlsx 2024-11-07 15:11 - 2024-11-07 15:11 - 000178931 _____ C:\Users\Admin\Downloads\RDC - Suivi Revenus 2022 MD 28 09 2022 (1).xlsx 2024-11-07 13:16 - 2024-11-07 14:23 - 008783745 _____ C:\Users\Admin\Downloads\20241101M19_TR_airtelDRC.xlsx 2024-11-07 09:34 - 2024-11-07 09:34 - 000810954 _____ C:\WINDOWS\system32\perfh00C.dat 2024-11-07 09:34 - 2024-11-07 09:34 - 000157390 _____ C:\WINDOWS\system32\perfc00C.dat 2024-11-02 15:58 - 2024-11-02 15:59 - 000502428 _____ C:\Users\Admin\Downloads\Mise en demeure.pdf 2024-11-02 13:31 - 2024-11-02 13:31 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2024-10-29 15:22 - 2024-10-29 15:22 - 000000328 _____ C:\Users\Admin\Downloads\AF_DIGIPAY RDC SARL CAC-20241029T142210Z-001.zip 2024-10-29 15:07 - 2024-10-29 15:08 - 001174720 _____ C:\Users\Admin\Downloads\MPESA AFRICA - DigiPay RDC - GFA - IMT - 2024 v2.pdf 2024-10-28 17:17 - 2024-10-28 17:17 - 000258995 _____ C:\Users\Admin\Downloads\NOMINATION PAPIN MUTUAYA _DIGIPAY RDC SARL.2024 (3).pdf 2024-10-28 17:17 - 2024-10-28 17:17 - 000258995 _____ C:\Users\Admin\Downloads\NOMINATION PAPIN MUTUAYA _DIGIPAY RDC SARL.2024 (2).pdf 2024-10-28 17:16 - 2024-10-28 17:17 - 000258995 _____ C:\Users\Admin\Downloads\NOMINATION PAPIN MUTUAYA _DIGIPAY RDC SARL.2024.pdf 2024-10-28 17:16 - 2024-10-28 17:17 - 000258995 _____ C:\Users\Admin\Downloads\NOMINATION PAPIN MUTUAYA _DIGIPAY RDC SARL.2024 (1).pdf 2024-10-25 18:31 - 2024-10-25 18:31 - 000000000 ____D C:\Users\Admin\Documents\VODACOM RDC 2024-10-25 18:29 - 2024-10-25 18:30 - 000307228 _____ C:\Users\Admin\Downloads\Formulaire de diligence pour partenaire commerciaux- March 24.pdf 2024-10-23 19:48 - 2024-10-23 19:49 - 007737950 _____ C:\Users\Admin\Downloads\DigiPay 4 Présence Globale Animatik (2).pdf 2024-10-23 12:49 - 2024-10-23 12:49 - 000026650 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2024-10-23 12:45 - 2024-10-23 12:45 - 000026650 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2024-10-21 17:01 - 2024-10-21 17:01 - 000099037 _____ C:\Users\Admin\Downloads\FACTURE INBUND OCT TERRAPAY MINIMUM (2).pdf 2024-10-21 16:59 - 2024-10-21 16:59 - 000147907 _____ C:\Users\Admin\Downloads\FACTURE TERRAPAY AOUT -DEC 2022.pdf 2024-10-21 16:59 - 2024-10-21 16:59 - 000145457 _____ C:\Users\Admin\Downloads\FACTURE TERRAPAY SEPTEMBRE 2023.pdf 2024-10-21 16:57 - 2024-10-21 16:57 - 000146189 _____ C:\Users\Admin\Downloads\FACTURE TERRAPAY INBUND OCTOBRE 2023.pdf 2024-10-21 16:57 - 2024-10-21 16:57 - 000146189 _____ C:\Users\Admin\Downloads\FACTURE TERRAPAY INBUND OCTOBRE 2023 (2).pdf 2024-10-21 16:57 - 2024-10-21 16:57 - 000146189 _____ C:\Users\Admin\Downloads\FACTURE TERRAPAY INBUND OCTOBRE 2023 (1).pdf 2024-10-21 16:53 - 2024-10-21 16:54 - 000146077 _____ C:\Users\Admin\Downloads\FACTURE INBOUND AIRTEL JANV 2024 (3).pdf 2024-10-21 16:52 - 2024-10-21 16:52 - 000146369 _____ C:\Users\Admin\Downloads\FACTURE INBOUND DECEMBRE 2023 AIRTEL-TERRAPAY (1).pdf 2024-10-21 16:51 - 2024-10-21 16:51 - 000105355 _____ C:\Users\Admin\Downloads\FACTURE INBOUND DEC 23 VODACASH (1).pdf 2024-10-19 14:48 - 2024-10-19 14:48 - 000167256 _____ C:\Users\Admin\Documents\Grand livre de Tiers 2023.xlsx 2024-10-19 14:45 - 2024-10-19 14:45 - 000015086 _____ C:\Users\Admin\Documents\Balance de Tiers 2023.xlsx 2024-10-19 14:41 - 2024-10-19 14:41 - 000315667 _____ C:\Users\Admin\Documents\Grand livre pour l'exercice 2023.xlsx 2024-10-19 14:36 - 2024-10-19 14:36 - 000022121 _____ C:\Users\Admin\Documents\Balance générale 2023.xlsx 2024-10-19 14:10 - 2024-10-19 14:10 - 000013039 _____ C:\Users\Admin\Documents\Code Journaux 2022.xlsx 2024-10-19 14:05 - 2024-10-19 14:05 - 000148543 _____ C:\Users\Admin\Documents\Grand livre de Tiers 2022.xlsx 2024-10-19 14:02 - 2024-10-19 14:02 - 000741350 _____ C:\Users\Admin\Documents\Balance de Tiers 2022.xlsx 2024-10-19 13:59 - 2024-10-19 13:59 - 000741749 _____ C:\Users\Admin\Documents\Grand Livre pour l'exercice 2022.xlsx 2024-10-19 13:35 - 2024-10-19 13:35 - 000018653 _____ C:\Users\Admin\Documents\Balance générale exercice 2022.xlsx 2024-10-16 17:55 - 2024-10-16 17:55 - 007737950 _____ C:\Users\Admin\Downloads\DigiPay 4 Présence Globale Animatik (1).pdf 2024-10-16 17:54 - 2024-10-16 17:55 - 007737950 _____ C:\Users\Admin\Downloads\DigiPay 4 Présence Globale Animatik.pdf 2024-10-14 09:36 - 2024-10-14 09:36 - 000096198 _____ C:\Users\Admin\Downloads\RM DigiPay Partner Revealer.pdf 2024-10-14 09:33 - 2024-10-14 09:34 - 000147425 _____ C:\Users\Admin\Downloads\DigiPay 4 Fantastik Poster.pdf 2024-10-10 18:16 - 2024-10-10 18:02 - 000000000 ____D C:\Users\Admin\Documents\DigiPay 2024 Rdc Projet de Budget - Copie 2024-10-10 18:03 - 2024-10-10 18:03 - 000000931 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Digipay RDC Suivi des Frais Généraux 2024.lnk 2024-10-10 18:02 - 2024-10-14 17:57 - 000000000 ____D C:\Users\Admin\Documents\Digipay RDC Suivi des Frais Généraux 2024 2024-10-10 18:02 - 2024-10-10 18:17 - 000000000 ____D C:\Users\Admin\Documents\DigiPay 2024 Rdc Projet de Budget 2024-10-10 17:55 - 2024-10-10 17:55 - 001853380 _____ C:\Users\Admin\Downloads\DigiPay RDC - Suivi des Frais généraux 30 11 22 MD ok.xlsx 2024-10-10 17:53 - 2024-10-10 17:53 - 000000852 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Suivi Previsionnel de depenses.lnk 2024-10-10 17:52 - 2024-10-10 17:52 - 000000000 ____D C:\Users\Admin\Documents\Suivi de depenses Prévisionnelles 2024-10-10 16:36 - 2024-10-10 16:36 - 000206967 _____ C:\Users\Admin\Downloads\JOB DESCRIPTION GERANT.pdf 2024-10-10 16:36 - 2024-10-10 16:36 - 000206967 _____ C:\Users\Admin\Downloads\JOB DESCRIPTION GERANT (2).pdf 2024-10-10 16:36 - 2024-10-10 16:36 - 000206967 _____ C:\Users\Admin\Downloads\JOB DESCRIPTION GERANT (1).pdf 2024-10-09 17:09 - 2024-10-09 17:09 - 000000000 ____D C:\WINDOWS\Panther 2024-10-09 16:20 - 2024-10-09 16:20 - 000943001 _____ C:\Users\Admin\Documents\SOMMATION DE JUDICIAIRE DE PAYER.pdf 2024-10-09 12:16 - 2024-11-01 16:40 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2024-10-09 12:16 - 2024-10-30 19:02 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2024-10-09 12:16 - 2024-10-17 10:16 - 000003382 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2024-10-09 12:16 - 2024-10-09 12:16 - 000002904 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - Admin 2024-10-09 12:16 - 2024-10-09 12:16 - 000000000 ____D C:\ProgramData\Piriform 2024-10-09 12:15 - 2024-11-08 12:50 - 000000000 ____D C:\Program Files\CCleaner 2024-10-09 12:15 - 2024-10-09 12:15 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2024-10-09 12:15 - 2024-10-09 12:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2024-10-09 12:06 - 2024-10-09 12:09 - 075981320 _____ (Piriform Software Ltd) C:\Users\Admin\Downloads\ccsetup628.exe 2024-10-09 11:55 - 2024-11-08 17:49 - 000031263 _____ C:\Users\Admin\AppData\LocalLow\a6854f1fe51efe3ba81976ebfb4fad233a73d79e5a802f7e3f1408cf13f2c387 2024-10-09 11:55 - 2024-11-08 17:49 - 000000130 _____ C:\Users\Admin\AppData\LocalLow\b1e4146669058f9e8f258fc1df98ab6b4bb268b3b342fea69124af950e032194 2024-10-09 11:51 - 2024-10-09 11:53 - 000000000 ____D C:\Program Files\WinRAR 2024-10-09 11:51 - 2024-10-09 11:51 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-10-09 11:51 - 2024-10-09 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2024-10-09 11:49 - 2024-10-09 11:49 - 004075136 _____ (Alexander Roshal) C:\Users\Admin\Downloads\winrar-x64-701fr.exe ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-11-08 18:02 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-11-08 17:13 - 2023-02-09 22:40 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2024-11-08 15:36 - 2024-08-22 08:57 - 000016811 _____ C:\Users\Admin\AppData\LocalLow\86cda845fb34fc8d76e06b3c2457ab8b8652e36ebdfd4e83d1179764c3415a32 2024-11-08 14:52 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps 2024-11-08 14:52 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness 2024-11-08 14:40 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp 2024-11-08 13:11 - 2024-06-27 10:09 - 000000130 _____ C:\Users\Admin\AppData\LocalLow\46fc982a3fc746c21684f8a82fac28362f17e278971a077b5645b9210ef4adb7 2024-11-08 13:06 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF 2024-11-08 12:57 - 2023-02-09 22:52 - 000004178 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8B6AD047-4F1D-45C8-86D2-2E16533831D3} 2024-11-08 12:52 - 2024-06-27 10:09 - 000524786 _____ C:\Users\Admin\AppData\LocalLow\a3a555296d48ace65d74fd798cea2d23f658cce24c04ef0d483bd5838eb0b770 2024-11-08 12:51 - 2024-06-27 09:45 - 000011216 _____ C:\Users\Admin\AppData\LocalLow\17f26781d3865979729898f91f5422fd2204e2c1761f44a4ab3052059f80ed91 2024-11-08 12:51 - 2023-02-09 22:52 - 000003596 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-1284724097-1127082949-2965750383-1002 2024-11-08 12:51 - 2023-02-09 22:52 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task 2024-11-08 12:51 - 2022-05-23 16:28 - 000000000 ____D C:\Program Files\Microsoft OneDrive 2024-11-08 12:51 - 2021-09-26 15:14 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2024-11-08 12:49 - 2023-12-15 16:09 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-11-08 12:49 - 2023-12-15 16:09 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-11-08 12:46 - 2022-05-23 16:51 - 000000000 __SHD C:\Users\Admin\IntelGraphicsProfiles 2024-11-07 17:14 - 2024-09-23 11:28 - 000000130 _____ C:\Users\Admin\AppData\LocalLow\961ce5940f7ff5cc20946de4682bd79147106e78535a1eb40496d2e1923d1bd2 2024-11-07 17:12 - 2024-09-23 11:28 - 000013454 _____ C:\Users\Admin\AppData\LocalLow\3fdc81bff049ce314ef4a326839490e4706450ab223ba53db0e33de2a7eadd83 2024-11-07 17:12 - 2024-09-23 11:27 - 000101264 _____ C:\Users\Admin\AppData\LocalLow\8e3fb6686160c7e37b8db21d9f09938c0982f3d618c323a2545563c15075546d 2024-11-07 17:00 - 2022-09-25 10:49 - 000000000 ____D C:\Program Files\HP 2024-11-07 16:36 - 2024-05-20 15:44 - 000030219 _____ C:\Users\Admin\Documents\SUIVI PREFUNDING PAYOUT PARTENERS.xlsx 2024-11-07 15:58 - 2022-09-08 16:24 - 000000000 ____D C:\Users\Admin\Documents\Nouveau dossier 2024-11-07 15:30 - 2024-08-26 11:28 - 000000130 _____ C:\Users\Admin\AppData\LocalLow\f690b76eda7ff27fa825c662fbe7bbb6ec55d82d07d93023eb3c28244b178403 2024-11-07 15:20 - 2024-08-26 11:28 - 000233011 _____ C:\Users\Admin\AppData\LocalLow\7b656f1f03b09b7ff5c7fce3e355262b38761d7c34c046bcb6f6632aa6d10581 2024-11-07 14:58 - 2023-01-06 12:36 - 000000000 ___RD C:\Users\Admin\Documents\SUIVI DES DEPENSES PREVISIONNELES 2023 2024-11-07 14:41 - 2022-09-24 13:04 - 000000000 ____D C:\Users\Admin\Documents\FACTURES DIVERS 2024-11-07 14:36 - 2022-05-23 16:48 - 000000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics 2024-11-07 14:25 - 2022-05-27 13:53 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Word 2024-11-07 14:14 - 2022-05-23 16:21 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Excel 2024-11-07 14:05 - 2022-05-23 08:14 - 000000000 ____D C:\Users\Admin\AppData\Local\Packages 2024-11-07 09:34 - 2023-02-09 22:47 - 001803986 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2024-11-07 09:30 - 2024-10-08 14:18 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2024-11-07 09:29 - 2023-02-09 22:52 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2024-11-07 09:29 - 2022-05-23 16:36 - 000000000 ____D C:\Intel 2024-11-07 09:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState 2024-11-07 09:29 - 2021-09-26 15:08 - 000012288 ___SH C:\DumpStack.log.tmp 2024-11-04 17:28 - 2022-05-07 06:17 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2024-11-04 09:31 - 2023-01-17 10:58 - 000002280 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2024-11-04 09:31 - 2021-09-26 15:08 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-11-04 09:04 - 2024-06-28 08:24 - 000000130 _____ C:\Users\Admin\AppData\LocalLow\4844a7f98cb66099c05c3690bf4a7d958cf5342c98027ac96958436f67e87dde 2024-11-04 08:59 - 2023-02-09 22:52 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-11-04 08:59 - 2023-02-09 22:52 - 000003412 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-11-02 13:31 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2024-11-02 13:31 - 2021-09-26 15:13 - 000000000 ____D C:\Program Files\Microsoft Office 2024-11-01 09:26 - 2023-04-28 16:52 - 000000000 ____D C:\Users\Admin\Documents\Etats de Paie 2024-10-31 15:09 - 2024-08-25 08:28 - 000269199 _____ C:\Users\Admin\AppData\LocalLow\5daea30ebdfce44e34b0b45a5b2046f84b589cf4a4ff29a2577fdc0c4bc21082 2024-10-31 15:07 - 2024-08-25 08:28 - 000000130 _____ C:\Users\Admin\AppData\LocalLow\33766c3d6666ed16a193cd95ebefa634a239d384f58cc012ba39ab049bbda309 2024-10-31 14:38 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2024-10-31 12:41 - 2022-05-23 08:14 - 000000000 ____D C:\Users\Admin\AppData\Local\D3DSCache 2024-10-30 20:51 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate 2024-10-30 20:34 - 2023-02-09 22:40 - 000473256 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2024-10-30 20:30 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ___SD C:\WINDOWS\system32\UNP 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\setup 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\oobe 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Dism 2024-10-30 20:29 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser 2024-10-30 20:28 - 2022-05-07 11:35 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2024-10-30 20:28 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\PrintDialog 2024-10-30 20:28 - 2022-05-07 06:24 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2024-10-30 20:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellExperiences 2024-10-30 20:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ShellComponents 2024-10-30 20:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack 2024-10-30 20:28 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr 2024-10-30 20:28 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\servicing 2024-10-30 20:26 - 2023-02-08 12:29 - 000000000 ____D C:\Users\Admin 2024-10-30 19:16 - 2021-09-26 15:08 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2024-10-25 18:55 - 2022-05-27 13:53 - 000000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Office 2024-10-23 13:09 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp 2024-10-23 13:07 - 2022-05-07 06:25 - 000077312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll 2024-10-23 13:07 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\WINDOWS\system32\opencl.dll 2024-10-21 17:55 - 2022-10-04 21:10 - 024788992 _____ C:\Users\Admin\Downloads\DIGIPAY RDC_Updated_20220512 (5).mae 2024-10-18 16:13 - 2022-09-07 16:33 - 000000000 ____D C:\Users\Admin\Desktop\SAGE DIGIPAY 2024-10-12 11:29 - 2024-05-15 10:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\HP 2024-10-12 11:29 - 2024-03-12 11:18 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2024-10-11 02:16 - 2023-10-12 02:18 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2024-10-11 02:16 - 2022-05-07 11:34 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2024-10-10 14:54 - 2022-05-25 08:43 - 000000000 ____D C:\WINDOWS\system32\MRT 2024-10-10 14:48 - 2022-05-25 08:43 - 201324920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2024-10-09 17:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemApps 2024-10-09 17:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\Provisioning 2024-10-09 17:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2024-10-09 17:11 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\IME 2024-10-09 14:37 - 2023-05-14 19:02 - 000000000 ____D C:\WINDOWS\Minidump 2024-10-09 11:53 - 2021-09-26 15:10 - 000000000 ____D C:\ProgramData\Packages ==================== SigCheckExt ========================= 2010-01-28 16:10 - 2010-01-28 16:10 - 000541184 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\mvtcpmon.dll 2010-01-28 16:10 - 2010-01-28 16:10 - 000868864 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\mvtcpui.dll 2022-09-07 17:17 - 2015-04-17 16:51 - 001131008 _____ C:\WINDOWS\system32\sage.common.dll 2010-01-28 16:08 - 2010-01-28 16:08 - 000144896 _____ (OpenSLP) C:\WINDOWS\system32\slp64.dll 2015-04-17 16:51 - 2015-04-17 16:51 - 001050112 _____ C:\WINDOWS\SysWOW64\sage.common.dll 2022-10-27 16:40 - 2013-10-25 14:05 - 000119568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vb6fr.dll 2022-10-27 16:40 - 2013-10-25 14:05 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VB6STKIT.DLL 2024-11-08 13:05 - 2024-11-08 13:36 - 002399744 _____ (Farbar) C:\Users\Admin\Downloads\FRST64 (1).exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {018e39df-da6e-11ec-9363-91adc017234f} {018e39e0-da6e-11ec-9363-91adc017234f} timeout 0 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\bootmgfw.efi description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {b64abbcc-5676-11ed-9d55-d389f85fe587} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Application logicielle (101fffff) -------------------------------- identificateur {018e39df-da6e-11ec-9363-91adc017234f} path \EFI\Microsoft\Boot\bootmgfw.efi description UEFI TOSHIBA MQ04ABF100 11MST522T PciRoot(0x0)/Pci(0x17,0x0)/Sata(0,65535,0)/HD(1,GPT,2b820b5b-e9ce-4d1c-b41d-0b0b08f1e73a,0x800,0x32000)/File(\EFI\Boot\BootX64.efi)N.....YM....R,Y. Application logicielle (101fffff) -------------------------------- identificateur {018e39e0-da6e-11ec-9363-91adc017234f} device partition=\Device\HarddiskVolume1 path \EFI\Boot\BootX64.efi description UEFI ST1000LM035-1RK172 WKPJW0AK Chargeur de démarrage Windows ----------------------------- identificateur {018e39e5-da6e-11ec-9363-91adc017234f} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{018e39e6-da6e-11ec-9363-91adc017234f} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{018e39e6-da6e-11ec-9363-91adc017234f} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {b64abbcf-5676-11ed-9d55-d389f85fe587} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {b64abbcc-5676-11ed-9d55-d389f85fe587} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {b64abbcf-5676-11ed-9d55-d389f85fe587} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b64abbd1-5676-11ed-9d55-d389f85fe587} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{b64abbd1-5676-11ed-9d55-d389f85fe587} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {b64abbcc-5676-11ed-9d55-d389f85fe587} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {b64abbcf-5676-11ed-9d55-d389f85fe587} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {b64abbd1-5676-11ed-9d55-d389f85fe587} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================