Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2024
Exécuté par Didier (administrateur) sur CENTAURUS (Hewlett-Packard p6-2470efm) (03-11-2024 09:36:33)
Exécuté depuis C:\Users\Didier\Desktop\FRST64.exe
Profils chargés: Didier
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.2538 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Ascensio System SIA -> Ascensio System SIA) C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Proton AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.3.2\ProtonVPNService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Stéphane Mitermite) [Fichier non signé] C:\Program Files\FreeMi UPnP Media Server\FreeMi.WindowsService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.1.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13993440 2023-10-25] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (Pas de fichier)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [17389368 2024-08-12] (Proton AG -> ProtonVPN)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [Proton Drive] => C:\Users\Didier\AppData\Local\Programs\Proton\Drive\ProtonDrive.exe [212861440 2024-07-12] (Proton AG -> Proton AG)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [MicrosoftEdgeAutoLaunch_9ED8E2A5A7760875507C687D0866253F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3856424 2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\130.0.6723.92\Installer\chrmstp.exe [2024-11-01] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {F4549621-B796-400E-80A2-75C1419A91FF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {118B0088-F513-4D91-BF0D-3015E7089C81} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {CB4072D4-F924-415F-91DD-CC6D912045EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {BECF44FB-4011-46F1-B529-D851475D5336} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "27e4bbb1-f24c-4f99-bea9-c52cf1641f13" --version "6.29.11342" --silent
Task: {20DF542E-DCF2-4CE8-A12C-AB74733CD14D} - System32\Tasks\CCleanerSkipUAC - Didier => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {42F38AC4-BED9-43E5-A36C-18714128272C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{71701F6B-A43C-48D5-B398-2F4E2790608B} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {BA878819-B827-4909-AA96-81E08C01ABD3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [744976 2024-09-04] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {E693AEE7-1694-414B-996C-BF37E9F9C192} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-09-04] (HP Inc. -> HP Inc.)
Task: {9560E7D2-EFCE-4BB2-9AB6-E7B31D1AE53B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-09-04] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {6BD18570-C802-4267-BA35-93F97FDD462D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.)
Task: {C2F4963C-2019-424F-9618-266E2314D235} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.)
Task: {310CC599-6D18-48F7-A64C-3E37DB53E4D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH8AU6J011 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.)
Task: {E7E2A7CB-4A32-4CBB-AC4C-A648602FA959} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917808 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6DF98F3-EFE7-4EC5-A675-8E2322E41734} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917808 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {10D61E6C-E5C7-4E0E-AE53-9C89505E5D09} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E54C955-90A8-48D6-AF70-CC805DD08CF9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {559C86DE-BD53-4B78-AA23-36D6EC360122} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DFD1ADD-B135-427F-A325-0BDCDB43AC87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9867D76-1ACC-419A-9E46-F1A00BE1DDE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8238E89C-6321-48D0-9876-A9127506DED0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71A05EC2-17C1-4B55-8ED9-A3EF6114AEBE} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [140405056 2024-08-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\--disable-gpu-sandbox /AUTOHIDE
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3f5dd364-8acb-4923-8833-902bb51ed8f6}: [NameServer] 208.67.222.222,208.67.220.220,199.85.126.10,199.85.127.10
Tcpip\..\Interfaces\{3f5dd364-8acb-4923-8833-902bb51ed8f6}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f0af5e82-6a14-4395-a323-70a6537d5409}: [DhcpNameServer] 192.168.15.12
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-31]
Edge HomePage: Default -> hxxp://www.google.fr/
Edge StartupUrls: Default -> "hxxps://www.larep.fr/","hxxps://www.reseau-tao.fr/index.php?","hxxps://www.facebook.com/","hxxps://www.jeanmarcmorandini.com/","hxxps://www.credit-agricole.fr/ca-centreloire/particulier.html"
Edge Extension: (Adblocker for Chrome - NoAds) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2024-10-01]
Edge Extension: (Touch VPN - VPN et proxy gratuit) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2024-02-12]
Edge Extension: (Bloqueur de pop-up pour Chrome™ - Poper Blocker) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2024-10-02]
Edge Extension: (Google Docs hors connexion) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-22]
Edge Extension: (Bouton Enregistrer Pinterest) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggnegiphhh [2024-02-12]
Edge Extension: (Save to Facebook) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2024-02-12]
Edge Extension: (Edge relevant text changes) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-05]
Edge Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-10-25]
Edge Extension: (Vérificateur de messages Google) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-13]
Edge Extension: (Streak CRM pour Gmail) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2024-10-22]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default [2024-11-03]
CHR Notifications: Default -> hxxps://magazine.mercipourlinfo.fr
CHR HomePage: Default -> hxxp://www.google.fr/
CHR StartupUrls: Default -> "hxxps://www.larep.fr/#refresh","hxxps://www.reseau-tao.fr/index.php?","hxxps://www.facebook.com/","hxxps://www.jeanmarcmorandini.com/","hxxps://www.credit-agricole.fr/ca-centreloire/particulier.html"
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2024-08-15]
CHR Extension: (Shoptimate : automatic price comparison) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibdombdcdbbnfdjkaajfgnfhlapibde [2023-11-19]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-10-06]
CHR Extension: (Compose AI: AI-powered Writing Tool) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddlbpiadoechcolndfeaonajmngmhblj [2024-10-09]
CHR Extension: (Dark Reader) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-10-30]
CHR Extension: (wanteeed) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2024-10-30]
CHR Extension: (Scamdoc) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fojbeoliffkbkfgaehkoeeihphibcjdk [2023-11-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-01]
CHR Extension: (Enregistrer sur Pinterest) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-10-08]
CHR Extension: (HP Network Check Launcher) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2023-11-19]
CHR Extension: (Amplificateur de volume - augmente l'effet sonore) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\laldfbfjhaogodemgonegbingpmjldnh [2024-03-02]
CHR Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-11-03]
CHR Extension: (FranceVerif - Sécurité en ligne) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkejggchhilmabpicojddgaahkkgoln [2024-09-25]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-19]
CHR Extension: (AdBlocker Ultimate) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2024-10-30]
CHR HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [cchfigjcpjmclmmphipdkeocklpnjecm]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4578736 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203384 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [763200 2024-08-23] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2433528 2024-02-01] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 FreeMiWindowsService; C:\Program Files\FreeMi UPnP Media Server\FreeMi.WindowsService.exe [71168 2016-05-24] (Stéphane Mitermite) [Fichier non signé]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2350048 2023-10-25] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-10-25] (GOG sp. z o.o -> GOG.com)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [927848 2024-09-04] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [926304 2024-09-04] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [922208 2024-09-04] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-16] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [927336 2024-09-04] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258144 2024-10-26] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-09] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ONLYOFFICE Update Service; C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe [639184 2024-07-11] (Ascensio System SIA -> Ascensio System SIA)
R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.3.2\ProtonVPNService.exe [474848 2024-08-12] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.3.2\ProtonVPN.WireGuardService.exe [474336 2024-08-12] (Proton AG -> ProtonVPN)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [460096 2024-08-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20992824 2023-10-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AmUStor; C:\Windows\system32\drivers\AmUStorU.sys [155744 2024-04-01] (Alcorlink Corp. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [180224 2021-11-04] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Fichier non signé]
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [232000 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.3.2\Resources\ProtonVPN.CalloutDriver.sys [37768 2024-07-30] (Proton AG -> Proton Technologies AG)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [39032 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2024-09-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2024-09-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-11-03 09:36 - 2024-11-03 09:37 - 000030042 _____ C:\Users\Didier\Desktop\FRST.txt
2024-11-03 09:35 - 2024-11-03 09:36 - 000000000 ____D C:\FRST
2024-11-03 09:32 - 2024-11-03 09:32 - 002397696 _____ (Farbar) C:\Users\Didier\Desktop\FRST64.exe
2024-11-03 09:26 - 2024-11-03 09:26 - 000215216 _____ C:\Users\Didier\Desktop\ZHPDiag.txt
2024-11-03 09:20 - 2024-11-03 09:26 - 000000000 ____D C:\Users\Didier\AppData\Roaming\ZHP
2024-11-03 09:20 - 2024-11-03 09:20 - 000000866 _____ C:\Users\Didier\Desktop\ZHPSuite.lnk
2024-11-03 09:20 - 2024-11-03 09:20 - 000000000 ____D C:\Users\Didier\AppData\Local\ZHP
2024-11-03 09:18 - 2024-11-03 09:18 - 003536896 _____ (Nicolas Coolman) C:\Users\Didier\Desktop\ZHPSuite.exe
2024-11-02 12:10 - 2024-11-02 12:10 - 000624094 _____ C:\Users\Didier\Downloads\Attestation Cerfa Inscription Permis.pdf
2024-11-02 11:22 - 2024-11-02 11:22 - 000000000 ____D C:\Users\Didier\Downloads\Table
2024-11-02 11:01 - 2024-11-02 11:01 - 000802580 _____ C:\Users\Didier\Downloads\carte grise.pdf
2024-10-27 08:46 - 2024-10-27 08:46 - 082612403 _____ C:\Users\Didier\Downloads\01net N.1033 - 23 Octobre 2024[p]...wawacity.click.pdf
2024-10-27 08:45 - 2024-10-27 08:45 - 009936640 _____ C:\Users\Didier\Downloads\Que_Choisir_-_Novembre_2024.pdf
2024-10-27 08:43 - 2024-10-27 08:43 - 015768077 _____ C:\Users\Didier\Downloads\60_Millions_de_Consommateurs_-_Novembre_2024...wawacity.click.pdf
2024-10-25 11:39 - 2024-11-01 09:36 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-25 11:39 - 2024-11-01 09:36 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-25 11:39 - 2024-10-25 11:39 - 000000000 ____D C:\Program Files\Google
2024-10-21 19:13 - 2024-10-21 19:13 - 000000000 ____D C:\Users\Default\AppData\Local\Malwarebytes
2024-10-19 18:49 - 2024-10-19 18:50 - 000000000 ____D C:\AdwCleaner
2024-10-18 11:49 - 2024-10-18 11:49 - 000145587 _____ C:\Users\Didier\Downloads\SNE007120468000041.pdf
2024-10-18 11:42 - 2024-10-18 11:42 - 000046913 _____ C:\Users\Didier\Downloads\Loyer septembre2024.PDF
2024-10-18 11:24 - 2024-10-18 11:24 - 000557478 _____ C:\Users\Didier\Downloads\Attestation fiscale 2022 Carsat-Apicil.pdf
2024-10-18 11:23 - 2024-10-18 11:23 - 000579799 _____ C:\Users\Didier\Downloads\Attestation fiscale 2023 Carsat-Apicil.pdf
2024-10-17 10:35 - 2024-10-17 10:35 - 000163093 _____ C:\Users\Didier\Downloads\Impots sur les revenus de 2023.pdf
2024-10-15 10:38 - 2024-10-15 10:38 - 000000000 ____D C:\Users\Didier\Documents\notes du portable
2024-10-15 10:38 - 2023-12-08 22:01 - 000983624 _____ (GOG Sp. z o.o.) C:\Users\Didier\Documents\GOG_Galaxy_2.0.exe
2024-10-15 10:29 - 2024-10-14 09:06 - 000977893 _____ C:\Users\Didier\Documents\favoris_14_10_2024.html
2024-10-12 08:30 - 2024-10-12 08:30 - 000113667 _____ C:\Users\Didier\Downloads\SNE007120468000036.pdf
2024-10-12 08:29 - 2024-10-12 08:29 - 000114548 _____ C:\Users\Didier\Downloads\SNE007120468000035.pdf
2024-10-09 09:06 - 2024-11-03 09:37 - 000000000 ____D C:\Users\Didier\AppData\Local\Malwarebytes
2024-10-09 09:05 - 2024-10-09 09:05 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-10-09 09:05 - 2024-10-09 09:05 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-10-09 09:04 - 2024-10-09 09:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-10-09 09:04 - 2024-10-09 09:04 - 000000000 ____D C:\Program Files\Malwarebytes
2024-10-07 10:33 - 2024-10-04 17:34 - 000151307 _____ C:\Users\Didier\Downloads\Analyses.PDF
2024-10-06 11:09 - 2024-10-06 11:09 - 000001341 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2024-10-06 11:09 - 2024-10-06 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2024-10-02 07:28 - 2024-10-19 07:06 - 000001710 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2024-10-02 07:23 - 2024-10-02 07:23 - 011979112 _____ C:\Users\Didier\Downloads\HPPSdr.exe
2024-10-01 09:42 - 2019-03-15 00:27 - 005078984 _____ (HP Inc.) C:\Windows\system32\HPScanTEDrv_EN5000_x64.dll
2024-10-01 09:42 - 2019-03-15 00:27 - 003446216 _____ (HP Inc.) C:\Windows\SysWOW64\HPScanTEDrv_EN5000.dll
2024-10-01 09:42 - 2019-03-15 00:27 - 001354696 _____ (HP Inc.) C:\Windows\system32\HPScanTEDrv_EN5000_x64_DiscoveryLibDyn.dll
2024-10-01 09:42 - 2019-03-15 00:27 - 000665544 _____ (HP Inc., LP) C:\Windows\system32\HPWia2_EN5000.dll
2024-10-01 09:42 - 2019-03-15 00:27 - 000596936 _____ (HP Inc.) C:\Windows\SysWOW64\HPScanTEDrv_EN5000_DiscoveryLibDyn.dll
2024-10-01 09:32 - 2024-10-01 09:32 - 017281824 _____ C:\Users\Didier\Downloads\HPEasyStart_16_7_5.exe
2024-09-30 09:46 - 2024-09-30 09:46 - 000063250 _____ C:\Users\Didier\Downloads\Certificat de scolarité 2024-2025 Nicolas Naïm SUPPER.pdf
2024-09-28 14:46 - 2024-09-28 14:46 - 000001373 _____ C:\Users\Didier\Desktop\Proton Drive.lnk
2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Proton
2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\ToastNotificationManagerCompat
2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\Proton
2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\Package Cache
2024-09-28 14:45 - 2024-09-29 09:18 - 000000000 ____D C:\Users\Didier\AppData\Local\ProtonVPN
2024-09-28 14:45 - 2024-09-28 14:45 - 000001050 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2024-09-28 14:45 - 2024-09-28 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2024-09-28 14:45 - 2024-09-28 14:45 - 000000000 ____D C:\Program Files\Proton
2024-09-27 14:57 - 2024-09-27 15:08 - 000201616 _____ C:\Users\Didier\Desktop\DEMANDE_CONTRAT_ABONNEMENT.pdf
2024-09-25 08:13 - 2024-09-26 10:46 - 001946861 _____ C:\Users\Didier\Downloads\passeport patient sans agenda.pdf
2024-09-25 08:13 - 2024-09-26 10:25 - 000542366 _____ C:\Users\Didier\Downloads\Nouvelle fiche personne à prévenir.pdf
2024-09-25 08:13 - 2024-09-25 08:37 - 000344783 _____ C:\Users\Didier\Downloads\EPWORTH.pdf
2024-09-22 09:15 - 2024-09-22 09:15 - 000000165 ____H C:\Users\Didier\Documents\~$Liste de courses.xlsx
2024-09-18 08:23 - 2024-09-18 08:23 - 001680248 _____ C:\Users\Didier\Downloads\Formulaire Déclaratio impots 2024 Naïm.pdf
2024-09-18 08:18 - 2024-09-18 08:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2024-09-12 09:16 - 2024-09-12 09:16 - 000000000 ____D C:\Users\Didier\AppData\Local\ONLYOFFICE
2024-09-12 09:15 - 2024-09-12 09:15 - 000002041 _____ C:\Users\Public\Desktop\ONLYOFFICE Editors.lnk
2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\ProgramData\ONLYOFFICE
2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONLYOFFICE
2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\Program Files\ONLYOFFICE
2024-08-29 13:25 - 2024-08-29 13:25 - 000835418 _____ C:\Users\Didier\Downloads\Preuve d'achat_FR240824-44915864.pdf
2024-08-28 09:11 - 2024-08-29 09:07 - 000013605 _____ C:\Users\Didier\Documents\Menu vacances 28-aout- 7sept.xlsx
2024-08-27 13:02 - 2024-08-27 13:02 - 000000290 __RSH C:\ProgramData\ntuser.pol
2024-08-27 13:00 - 2024-08-27 13:01 - 236153544 _____ (Adobe Systems Incorporated) C:\Users\Didier\Downloads\AcroRdrDC2200220191_fr_FR.exe
2024-08-27 12:10 - 2024-08-27 12:39 - 1861890048 _____ C:\Users\Didier\Downloads\Win10_22H2_French_x64v1.iso
2024-08-27 12:06 - 2024-08-27 12:06 - 000000000 ____D C:\Users\Didier\AppData\Local\Rufus
2024-08-27 10:06 - 2024-08-27 10:06 - 000000222 _____ C:\Users\Didier\Desktop\Wallpaper Engine.url
2024-08-27 08:05 - 2024-08-27 08:05 - 000224400 _____ C:\Users\Didier\Downloads\Carte étudiant Naïm.pdf
2024-08-27 08:05 - 2024-08-27 08:05 - 000224400 _____ C:\Users\Didier\Documents\Carte étudiant Naïm.pdf
2024-08-16 11:38 - 2024-08-16 11:51 - 000015935 _____ C:\Users\Didier\Documents\Menu vacances aout-sept.xlsx
2024-08-16 11:36 - 2024-08-29 19:45 - 000015935 _____ C:\Users\Didier\Documents\Menu vacances de base.xlsx
2024-08-09 18:35 - 2024-08-09 18:35 - 001080704 _____ C:\Users\Didier\Downloads\Réponse du Bailleur.pdf
2024-08-09 18:30 - 2024-08-09 18:30 - 000526497 _____ C:\Users\Didier\Downloads\Reprise de bail.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-11-03 09:31 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\SystemTemp
2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\AppReadiness
2024-11-03 08:23 - 2023-11-19 17:20 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Word
2024-11-03 08:13 - 2023-11-28 12:18 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Samsung Magician
2024-11-03 08:13 - 2023-11-19 10:48 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-02 11:32 - 2023-11-19 18:39 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Excel
2024-11-02 10:52 - 2024-04-03 10:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-11-01 10:58 - 2024-01-20 10:28 - 000018464 _____ C:\Users\Didier\Documents\budget prévisionnel .xlsx
2024-11-01 10:56 - 2024-01-30 11:40 - 000015509 _____ C:\Users\Didier\Documents\Total Cartes Oney.xlsx
2024-11-01 09:36 - 2023-11-19 10:48 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-01 09:36 - 2023-11-19 10:48 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-31 08:41 - 2023-11-19 11:06 - 000000000 ____D C:\Program Files\CCleaner
2024-10-31 08:29 - 2023-11-19 10:48 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-10-30 18:08 - 2023-11-19 10:58 - 000000000 ____D C:\Users\Didier\AppData\Local\D3DSCache
2024-10-30 17:46 - 2023-11-19 11:50 - 000000000 ____D C:\Users\Didier\AppData\Local\CrashDumps
2024-10-29 08:23 - 2023-11-19 10:48 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-27 09:02 - 2021-06-05 13:01 - 000000000 ____D C:\Windows\CbsTemp
2024-10-26 06:42 - 2023-11-19 10:59 - 001800200 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-26 06:42 - 2021-06-05 19:14 - 000806506 _____ C:\Windows\system32\perfh00C.dat
2024-10-26 06:42 - 2021-06-05 19:14 - 000156164 _____ C:\Windows\system32\perfc00C.dat
2024-10-26 06:42 - 2021-06-05 13:09 - 000000000 ____D C:\Windows\INF
2024-10-26 06:41 - 2023-12-13 12:51 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-10-26 06:41 - 2023-11-19 17:45 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-10-26 06:41 - 2023-11-19 17:45 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-10-25 13:51 - 2023-11-19 11:08 - 000000000 ____D C:\Program Files\TeamViewer
2024-10-25 13:51 - 2023-11-19 10:48 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-25 13:51 - 2023-11-19 10:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-25 13:51 - 2021-06-05 13:01 - 000524288 _____ C:\Windows\system32\config\BBI
2024-10-25 12:47 - 2023-11-19 12:28 - 000017838 _____ C:\Users\Didier\Documents\Films et séries vus ou à télécharger.xlsx
2024-10-25 11:29 - 2024-06-12 09:35 - 000000941 _____ C:\Users\Public\Desktop\Hekasoft Backup & Restore.lnk
2024-10-25 11:29 - 2024-06-12 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hekasoft Backup & Restore
2024-10-25 11:29 - 2024-06-12 09:35 - 000000000 ____D C:\Program Files\Hekasoft Backup & Restore
2024-10-23 08:04 - 2023-11-19 10:58 - 000000000 ____D C:\Users\Didier\AppData\Local\Packages
2024-10-18 11:21 - 2023-12-02 11:24 - 000000000 ____D C:\Program Files\HP
2024-10-18 11:08 - 2023-11-19 10:59 - 000000000 ____D C:\Users\Didier\AppData\Local\PlaceholderTileLogoFolder
2024-10-18 11:08 - 2023-11-19 10:57 - 000000000 ____D C:\ProgramData\Packages
2024-10-18 10:46 - 2024-08-01 09:46 - 000000000 ____D C:\Program Files\RUXIM
2024-10-17 13:48 - 2023-11-19 12:27 - 000000000 ___RD C:\Users\Didier\Documents\Naim
2024-10-16 09:22 - 2023-11-25 10:31 - 000000000 ____D C:\Windows\system32\Tasks\HP
2024-10-16 09:22 - 2023-11-25 10:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-10-15 08:47 - 2023-11-19 12:28 - 000014742 _____ C:\Users\Didier\Documents\Remboursement médicaux.xlsx
2024-10-14 06:47 - 2023-11-19 19:04 - 000000000 ____D C:\Program Files\Microsoft Office
2024-10-11 11:26 - 2024-01-12 10:19 - 000017286 _____ C:\Users\Didier\Documents\Films à voir 2024-2025.xlsx
2024-10-10 10:06 - 2023-11-19 11:06 - 000000000 ____D C:\Windows\system32\MRT
2024-10-10 10:03 - 2023-11-19 11:05 - 201324920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-10-09 16:16 - 2023-11-19 12:22 - 000000000 ___RD C:\Users\Didier\Documents\Logiciels
2024-10-09 09:05 - 2021-06-05 13:10 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-10-08 11:12 - 2023-12-19 09:54 - 000000000 ____D C:\Windows\Minidump
2024-10-08 08:49 - 2023-11-19 12:28 - 000014692 _____ C:\Users\Didier\Documents\Echéances paiement en 4 fois.xlsx
2024-10-06 11:09 - 2023-11-28 12:16 - 000003386 _____ C:\Windows\system32\Tasks\SamsungMagician
2024-10-06 10:55 - 2023-11-19 11:13 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
==================== Fichiers à la racine de certains dossiers ========
2024-03-16 12:23 - 2024-03-16 12:23 - 000000027 _____ () C:\Users\Didier\AppData\Local\.sdpl-system-config4
2024-04-03 10:47 - 2024-04-03 10:47 - 000000000 _____ () C:\Users\Didier\AppData\Local\oobelibMkey.log
2024-07-15 18:11 - 2024-07-15 18:11 - 000000017 _____ () C:\Users\Didier\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2023-11-19 19:11 - 2023-11-19 19:11 - 000018432 _____ C:\Windows\system32\SppExtComObjHook.dll
2023-11-19 18:34 - 2010-12-06 03:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2024-11-03 09:32 - 2024-11-03 09:32 - 002397696 _____ (Farbar) C:\Users\Didier\Desktop\FRST64.exe
2024-11-03 09:18 - 2024-11-03 09:18 - 003536896 _____ (Nicolas Coolman) C:\Users\Didier\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b5818e77-86c0-11ee-b56f-cc1e10160497}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b5818e79-86c0-11ee-b56f-cc1e10160497}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {b5818e77-86c0-11ee-b56f-cc1e10160497}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {b5818e79-86c0-11ee-b56f-cc1e10160497}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{b5818e7a-86c0-11ee-b56f-cc1e10160497}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{b5818e7a-86c0-11ee-b56f-cc1e10160497}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {b5818e77-86c0-11ee-b56f-cc1e10160497}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {b5818e79-86c0-11ee-b56f-cc1e10160497}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
badmemorylist 0x17be36
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {b5818e7a-86c0-11ee-b56f-cc1e10160497}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================
Exécuté par Didier (administrateur) sur CENTAURUS (Hewlett-Packard p6-2470efm) (03-11-2024 09:36:33)
Exécuté depuis C:\Users\Didier\Desktop\FRST64.exe
Profils chargés: Didier
Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.2538 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Ascensio System SIA -> Ascensio System SIA) C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe
(services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Proton AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.3.2\ProtonVPNService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe
(services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe
(services.exe ->) (Stéphane Mitermite) [Fichier non signé] C:\Program Files\FreeMi UPnP Media Server\FreeMi.WindowsService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.1.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM\Software\Policies\...\system: [EnableSmartScreen] 0
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-13] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [GalaxyClient] => [X]
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13993440 2023-10-25] (GOG sp. z o.o -> GOG.com)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (Pas de fichier)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [17389368 2024-08-12] (Proton AG -> ProtonVPN)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [Proton Drive] => C:\Users\Didier\AppData\Local\Programs\Proton\Drive\ProtonDrive.exe [212861440 2024-07-12] (Proton AG -> Proton AG)
HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [MicrosoftEdgeAutoLaunch_9ED8E2A5A7760875507C687D0866253F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3856424 2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\130.0.6723.92\Installer\chrmstp.exe [2024-11-01] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {F4549621-B796-400E-80A2-75C1419A91FF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {118B0088-F513-4D91-BF0D-3015E7089C81} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {CB4072D4-F924-415F-91DD-CC6D912045EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {BECF44FB-4011-46F1-B529-D851475D5336} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "27e4bbb1-f24c-4f99-bea9-c52cf1641f13" --version "6.29.11342" --silent
Task: {20DF542E-DCF2-4CE8-A12C-AB74733CD14D} - System32\Tasks\CCleanerSkipUAC - Didier => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {42F38AC4-BED9-43E5-A36C-18714128272C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{71701F6B-A43C-48D5-B398-2F4E2790608B} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC)
Task: {BA878819-B827-4909-AA96-81E08C01ABD3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [744976 2024-09-04] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {E693AEE7-1694-414B-996C-BF37E9F9C192} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-09-04] (HP Inc. -> HP Inc.)
Task: {9560E7D2-EFCE-4BB2-9AB6-E7B31D1AE53B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-09-04] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {6BD18570-C802-4267-BA35-93F97FDD462D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.)
Task: {C2F4963C-2019-424F-9618-266E2314D235} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.)
Task: {310CC599-6D18-48F7-A64C-3E37DB53E4D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH8AU6J011 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.)
Task: {E7E2A7CB-4A32-4CBB-AC4C-A648602FA959} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917808 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C6DF98F3-EFE7-4EC5-A675-8E2322E41734} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917808 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {10D61E6C-E5C7-4E0E-AE53-9C89505E5D09} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E54C955-90A8-48D6-AF70-CC805DD08CF9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-10-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {559C86DE-BD53-4B78-AA23-36D6EC360122} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9DFD1ADD-B135-427F-A325-0BDCDB43AC87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E9867D76-1ACC-419A-9E46-F1A00BE1DDE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8238E89C-6321-48D0-9876-A9127506DED0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {71A05EC2-17C1-4B55-8ED9-A3EF6114AEBE} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [140405056 2024-08-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\--disable-gpu-sandbox /AUTOHIDE
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{3f5dd364-8acb-4923-8833-902bb51ed8f6}: [NameServer] 208.67.222.222,208.67.220.220,199.85.126.10,199.85.127.10
Tcpip\..\Interfaces\{3f5dd364-8acb-4923-8833-902bb51ed8f6}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{f0af5e82-6a14-4395-a323-70a6537d5409}: [DhcpNameServer] 192.168.15.12
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-31]
Edge HomePage: Default -> hxxp://www.google.fr/
Edge StartupUrls: Default -> "hxxps://www.larep.fr/","hxxps://www.reseau-tao.fr/index.php?","hxxps://www.facebook.com/","hxxps://www.jeanmarcmorandini.com/","hxxps://www.credit-agricole.fr/ca-centreloire/particulier.html"
Edge Extension: (Adblocker for Chrome - NoAds) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2024-10-01]
Edge Extension: (Touch VPN - VPN et proxy gratuit) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2024-02-12]
Edge Extension: (Bloqueur de pop-up pour Chrome™ - Poper Blocker) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2024-10-02]
Edge Extension: (Google Docs hors connexion) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-22]
Edge Extension: (Bouton Enregistrer Pinterest) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggnegiphhh [2024-02-12]
Edge Extension: (Save to Facebook) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2024-02-12]
Edge Extension: (Edge relevant text changes) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-05]
Edge Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-10-25]
Edge Extension: (Vérificateur de messages Google) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-13]
Edge Extension: (Streak CRM pour Gmail) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2024-10-22]
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default [2024-11-03]
CHR Notifications: Default -> hxxps://magazine.mercipourlinfo.fr
CHR HomePage: Default -> hxxp://www.google.fr/
CHR StartupUrls: Default -> "hxxps://www.larep.fr/#refresh","hxxps://www.reseau-tao.fr/index.php?","hxxps://www.facebook.com/","hxxps://www.jeanmarcmorandini.com/","hxxps://www.credit-agricole.fr/ca-centreloire/particulier.html"
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2024-08-15]
CHR Extension: (Shoptimate : automatic price comparison) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibdombdcdbbnfdjkaajfgnfhlapibde [2023-11-19]
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-10-06]
CHR Extension: (Compose AI: AI-powered Writing Tool) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddlbpiadoechcolndfeaonajmngmhblj [2024-10-09]
CHR Extension: (Dark Reader) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-10-30]
CHR Extension: (wanteeed) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2024-10-30]
CHR Extension: (Scamdoc) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fojbeoliffkbkfgaehkoeeihphibcjdk [2023-11-19]
CHR Extension: (Google Docs hors connexion) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-01]
CHR Extension: (Enregistrer sur Pinterest) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-10-08]
CHR Extension: (HP Network Check Launcher) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2023-11-19]
CHR Extension: (Amplificateur de volume - augmente l'effet sonore) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\laldfbfjhaogodemgonegbingpmjldnh [2024-03-02]
CHR Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-11-03]
CHR Extension: (FranceVerif - Sécurité en ligne) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkejggchhilmabpicojddgaahkkgoln [2024-09-25]
CHR Extension: (Vérificateur de messages Google) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-19]
CHR Extension: (AdBlocker Ultimate) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2024-10-30]
CHR HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [cchfigjcpjmclmmphipdkeocklpnjecm]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4578736 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203384 2024-09-19] (Microsoft Corporation -> Microsoft Corporation)
R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [763200 2024-08-23] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2433528 2024-02-01] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 FreeMiWindowsService; C:\Program Files\FreeMi UPnP Media Server\FreeMi.WindowsService.exe [71168 2016-05-24] (Stéphane Mitermite) [Fichier non signé]
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2350048 2023-10-25] (GOG sp. z o.o -> GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-10-25] (GOG sp. z o.o -> GOG.com)
R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [927848 2024-09-04] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [926304 2024-09-04] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [922208 2024-09-04] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-16] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [927336 2024-09-04] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258144 2024-10-26] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-09] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ONLYOFFICE Update Service; C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe [639184 2024-07-11] (Ascensio System SIA -> Ascensio System SIA)
R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.3.2\ProtonVPNService.exe [474848 2024-08-12] (Proton AG -> ProtonVPN)
S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.3.2\ProtonVPN.WireGuardService.exe [474336 2024-08-12] (Proton AG -> ProtonVPN)
R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [460096 2024-08-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20992824 2023-10-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AmUStor; C:\Windows\system32\drivers\AmUStorU.sys [155744 2024-04-01] (Alcorlink Corp. -> )
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [180224 2021-11-04] (Microsoft Corporation) [Fichier non signé]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Fichier non signé]
R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [232000 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.3.2\Resources\ProtonVPN.CalloutDriver.sys [37768 2024-07-30] (Proton AG -> Proton Technologies AG)
R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [39032 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2024-09-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2024-09-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Trois mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-11-03 09:36 - 2024-11-03 09:37 - 000030042 _____ C:\Users\Didier\Desktop\FRST.txt
2024-11-03 09:35 - 2024-11-03 09:36 - 000000000 ____D C:\FRST
2024-11-03 09:32 - 2024-11-03 09:32 - 002397696 _____ (Farbar) C:\Users\Didier\Desktop\FRST64.exe
2024-11-03 09:26 - 2024-11-03 09:26 - 000215216 _____ C:\Users\Didier\Desktop\ZHPDiag.txt
2024-11-03 09:20 - 2024-11-03 09:26 - 000000000 ____D C:\Users\Didier\AppData\Roaming\ZHP
2024-11-03 09:20 - 2024-11-03 09:20 - 000000866 _____ C:\Users\Didier\Desktop\ZHPSuite.lnk
2024-11-03 09:20 - 2024-11-03 09:20 - 000000000 ____D C:\Users\Didier\AppData\Local\ZHP
2024-11-03 09:18 - 2024-11-03 09:18 - 003536896 _____ (Nicolas Coolman) C:\Users\Didier\Desktop\ZHPSuite.exe
2024-11-02 12:10 - 2024-11-02 12:10 - 000624094 _____ C:\Users\Didier\Downloads\Attestation Cerfa Inscription Permis.pdf
2024-11-02 11:22 - 2024-11-02 11:22 - 000000000 ____D C:\Users\Didier\Downloads\Table
2024-11-02 11:01 - 2024-11-02 11:01 - 000802580 _____ C:\Users\Didier\Downloads\carte grise.pdf
2024-10-27 08:46 - 2024-10-27 08:46 - 082612403 _____ C:\Users\Didier\Downloads\01net N.1033 - 23 Octobre 2024[p]...wawacity.click.pdf
2024-10-27 08:45 - 2024-10-27 08:45 - 009936640 _____ C:\Users\Didier\Downloads\Que_Choisir_-_Novembre_2024.pdf
2024-10-27 08:43 - 2024-10-27 08:43 - 015768077 _____ C:\Users\Didier\Downloads\60_Millions_de_Consommateurs_-_Novembre_2024...wawacity.click.pdf
2024-10-25 11:39 - 2024-11-01 09:36 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-10-25 11:39 - 2024-11-01 09:36 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-10-25 11:39 - 2024-10-25 11:39 - 000000000 ____D C:\Program Files\Google
2024-10-21 19:13 - 2024-10-21 19:13 - 000000000 ____D C:\Users\Default\AppData\Local\Malwarebytes
2024-10-19 18:49 - 2024-10-19 18:50 - 000000000 ____D C:\AdwCleaner
2024-10-18 11:49 - 2024-10-18 11:49 - 000145587 _____ C:\Users\Didier\Downloads\SNE007120468000041.pdf
2024-10-18 11:42 - 2024-10-18 11:42 - 000046913 _____ C:\Users\Didier\Downloads\Loyer septembre2024.PDF
2024-10-18 11:24 - 2024-10-18 11:24 - 000557478 _____ C:\Users\Didier\Downloads\Attestation fiscale 2022 Carsat-Apicil.pdf
2024-10-18 11:23 - 2024-10-18 11:23 - 000579799 _____ C:\Users\Didier\Downloads\Attestation fiscale 2023 Carsat-Apicil.pdf
2024-10-17 10:35 - 2024-10-17 10:35 - 000163093 _____ C:\Users\Didier\Downloads\Impots sur les revenus de 2023.pdf
2024-10-15 10:38 - 2024-10-15 10:38 - 000000000 ____D C:\Users\Didier\Documents\notes du portable
2024-10-15 10:38 - 2023-12-08 22:01 - 000983624 _____ (GOG Sp. z o.o.) C:\Users\Didier\Documents\GOG_Galaxy_2.0.exe
2024-10-15 10:29 - 2024-10-14 09:06 - 000977893 _____ C:\Users\Didier\Documents\favoris_14_10_2024.html
2024-10-12 08:30 - 2024-10-12 08:30 - 000113667 _____ C:\Users\Didier\Downloads\SNE007120468000036.pdf
2024-10-12 08:29 - 2024-10-12 08:29 - 000114548 _____ C:\Users\Didier\Downloads\SNE007120468000035.pdf
2024-10-09 09:06 - 2024-11-03 09:37 - 000000000 ____D C:\Users\Didier\AppData\Local\Malwarebytes
2024-10-09 09:05 - 2024-10-09 09:05 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2024-10-09 09:05 - 2024-10-09 09:05 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2024-10-09 09:04 - 2024-10-09 09:04 - 000000000 ____D C:\ProgramData\Malwarebytes
2024-10-09 09:04 - 2024-10-09 09:04 - 000000000 ____D C:\Program Files\Malwarebytes
2024-10-07 10:33 - 2024-10-04 17:34 - 000151307 _____ C:\Users\Didier\Downloads\Analyses.PDF
2024-10-06 11:09 - 2024-10-06 11:09 - 000001341 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2024-10-06 11:09 - 2024-10-06 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2024-10-02 07:28 - 2024-10-19 07:06 - 000001710 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2024-10-02 07:23 - 2024-10-02 07:23 - 011979112 _____ C:\Users\Didier\Downloads\HPPSdr.exe
2024-10-01 09:42 - 2019-03-15 00:27 - 005078984 _____ (HP Inc.) C:\Windows\system32\HPScanTEDrv_EN5000_x64.dll
2024-10-01 09:42 - 2019-03-15 00:27 - 003446216 _____ (HP Inc.) C:\Windows\SysWOW64\HPScanTEDrv_EN5000.dll
2024-10-01 09:42 - 2019-03-15 00:27 - 001354696 _____ (HP Inc.) C:\Windows\system32\HPScanTEDrv_EN5000_x64_DiscoveryLibDyn.dll
2024-10-01 09:42 - 2019-03-15 00:27 - 000665544 _____ (HP Inc., LP) C:\Windows\system32\HPWia2_EN5000.dll
2024-10-01 09:42 - 2019-03-15 00:27 - 000596936 _____ (HP Inc.) C:\Windows\SysWOW64\HPScanTEDrv_EN5000_DiscoveryLibDyn.dll
2024-10-01 09:32 - 2024-10-01 09:32 - 017281824 _____ C:\Users\Didier\Downloads\HPEasyStart_16_7_5.exe
2024-09-30 09:46 - 2024-09-30 09:46 - 000063250 _____ C:\Users\Didier\Downloads\Certificat de scolarité 2024-2025 Nicolas Naïm SUPPER.pdf
2024-09-28 14:46 - 2024-09-28 14:46 - 000001373 _____ C:\Users\Didier\Desktop\Proton Drive.lnk
2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Proton
2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\ToastNotificationManagerCompat
2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\Proton
2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\Package Cache
2024-09-28 14:45 - 2024-09-29 09:18 - 000000000 ____D C:\Users\Didier\AppData\Local\ProtonVPN
2024-09-28 14:45 - 2024-09-28 14:45 - 000001050 _____ C:\Users\Public\Desktop\Proton VPN.lnk
2024-09-28 14:45 - 2024-09-28 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton
2024-09-28 14:45 - 2024-09-28 14:45 - 000000000 ____D C:\Program Files\Proton
2024-09-27 14:57 - 2024-09-27 15:08 - 000201616 _____ C:\Users\Didier\Desktop\DEMANDE_CONTRAT_ABONNEMENT.pdf
2024-09-25 08:13 - 2024-09-26 10:46 - 001946861 _____ C:\Users\Didier\Downloads\passeport patient sans agenda.pdf
2024-09-25 08:13 - 2024-09-26 10:25 - 000542366 _____ C:\Users\Didier\Downloads\Nouvelle fiche personne à prévenir.pdf
2024-09-25 08:13 - 2024-09-25 08:37 - 000344783 _____ C:\Users\Didier\Downloads\EPWORTH.pdf
2024-09-22 09:15 - 2024-09-22 09:15 - 000000165 ____H C:\Users\Didier\Documents\~$Liste de courses.xlsx
2024-09-18 08:23 - 2024-09-18 08:23 - 001680248 _____ C:\Users\Didier\Downloads\Formulaire Déclaratio impots 2024 Naïm.pdf
2024-09-18 08:18 - 2024-09-18 08:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office
2024-09-12 09:16 - 2024-09-12 09:16 - 000000000 ____D C:\Users\Didier\AppData\Local\ONLYOFFICE
2024-09-12 09:15 - 2024-09-12 09:15 - 000002041 _____ C:\Users\Public\Desktop\ONLYOFFICE Editors.lnk
2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\ProgramData\ONLYOFFICE
2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONLYOFFICE
2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\Program Files\ONLYOFFICE
2024-08-29 13:25 - 2024-08-29 13:25 - 000835418 _____ C:\Users\Didier\Downloads\Preuve d'achat_FR240824-44915864.pdf
2024-08-28 09:11 - 2024-08-29 09:07 - 000013605 _____ C:\Users\Didier\Documents\Menu vacances 28-aout- 7sept.xlsx
2024-08-27 13:02 - 2024-08-27 13:02 - 000000290 __RSH C:\ProgramData\ntuser.pol
2024-08-27 13:00 - 2024-08-27 13:01 - 236153544 _____ (Adobe Systems Incorporated) C:\Users\Didier\Downloads\AcroRdrDC2200220191_fr_FR.exe
2024-08-27 12:10 - 2024-08-27 12:39 - 1861890048 _____ C:\Users\Didier\Downloads\Win10_22H2_French_x64v1.iso
2024-08-27 12:06 - 2024-08-27 12:06 - 000000000 ____D C:\Users\Didier\AppData\Local\Rufus
2024-08-27 10:06 - 2024-08-27 10:06 - 000000222 _____ C:\Users\Didier\Desktop\Wallpaper Engine.url
2024-08-27 08:05 - 2024-08-27 08:05 - 000224400 _____ C:\Users\Didier\Downloads\Carte étudiant Naïm.pdf
2024-08-27 08:05 - 2024-08-27 08:05 - 000224400 _____ C:\Users\Didier\Documents\Carte étudiant Naïm.pdf
2024-08-16 11:38 - 2024-08-16 11:51 - 000015935 _____ C:\Users\Didier\Documents\Menu vacances aout-sept.xlsx
2024-08-16 11:36 - 2024-08-29 19:45 - 000015935 _____ C:\Users\Didier\Documents\Menu vacances de base.xlsx
2024-08-09 18:35 - 2024-08-09 18:35 - 001080704 _____ C:\Users\Didier\Downloads\Réponse du Bailleur.pdf
2024-08-09 18:30 - 2024-08-09 18:30 - 000526497 _____ C:\Users\Didier\Downloads\Reprise de bail.pdf
==================== Trois mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-11-03 09:31 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\SystemTemp
2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\AppReadiness
2024-11-03 08:23 - 2023-11-19 17:20 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Word
2024-11-03 08:13 - 2023-11-28 12:18 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Samsung Magician
2024-11-03 08:13 - 2023-11-19 10:48 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-02 11:32 - 2023-11-19 18:39 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Excel
2024-11-02 10:52 - 2024-04-03 10:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2024-11-01 10:58 - 2024-01-20 10:28 - 000018464 _____ C:\Users\Didier\Documents\budget prévisionnel .xlsx
2024-11-01 10:56 - 2024-01-30 11:40 - 000015509 _____ C:\Users\Didier\Documents\Total Cartes Oney.xlsx
2024-11-01 09:36 - 2023-11-19 10:48 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-01 09:36 - 2023-11-19 10:48 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-10-31 08:41 - 2023-11-19 11:06 - 000000000 ____D C:\Program Files\CCleaner
2024-10-31 08:29 - 2023-11-19 10:48 - 000000000 ____D C:\Windows\system32\Drivers\wd
2024-10-30 18:08 - 2023-11-19 10:58 - 000000000 ____D C:\Users\Didier\AppData\Local\D3DSCache
2024-10-30 17:46 - 2023-11-19 11:50 - 000000000 ____D C:\Users\Didier\AppData\Local\CrashDumps
2024-10-29 08:23 - 2023-11-19 10:48 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-10-27 09:02 - 2021-06-05 13:01 - 000000000 ____D C:\Windows\CbsTemp
2024-10-26 06:42 - 2023-11-19 10:59 - 001800200 _____ C:\Windows\system32\PerfStringBackup.INI
2024-10-26 06:42 - 2021-06-05 19:14 - 000806506 _____ C:\Windows\system32\perfh00C.dat
2024-10-26 06:42 - 2021-06-05 19:14 - 000156164 _____ C:\Windows\system32\perfc00C.dat
2024-10-26 06:42 - 2021-06-05 13:09 - 000000000 ____D C:\Windows\INF
2024-10-26 06:41 - 2023-12-13 12:51 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-10-26 06:41 - 2023-11-19 17:45 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-10-26 06:41 - 2023-11-19 17:45 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-10-25 13:51 - 2023-11-19 11:08 - 000000000 ____D C:\Program Files\TeamViewer
2024-10-25 13:51 - 2023-11-19 10:48 - 000012288 ___SH C:\DumpStack.log.tmp
2024-10-25 13:51 - 2023-11-19 10:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-10-25 13:51 - 2021-06-05 13:01 - 000524288 _____ C:\Windows\system32\config\BBI
2024-10-25 12:47 - 2023-11-19 12:28 - 000017838 _____ C:\Users\Didier\Documents\Films et séries vus ou à télécharger.xlsx
2024-10-25 11:29 - 2024-06-12 09:35 - 000000941 _____ C:\Users\Public\Desktop\Hekasoft Backup & Restore.lnk
2024-10-25 11:29 - 2024-06-12 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hekasoft Backup & Restore
2024-10-25 11:29 - 2024-06-12 09:35 - 000000000 ____D C:\Program Files\Hekasoft Backup & Restore
2024-10-23 08:04 - 2023-11-19 10:58 - 000000000 ____D C:\Users\Didier\AppData\Local\Packages
2024-10-18 11:21 - 2023-12-02 11:24 - 000000000 ____D C:\Program Files\HP
2024-10-18 11:08 - 2023-11-19 10:59 - 000000000 ____D C:\Users\Didier\AppData\Local\PlaceholderTileLogoFolder
2024-10-18 11:08 - 2023-11-19 10:57 - 000000000 ____D C:\ProgramData\Packages
2024-10-18 10:46 - 2024-08-01 09:46 - 000000000 ____D C:\Program Files\RUXIM
2024-10-17 13:48 - 2023-11-19 12:27 - 000000000 ___RD C:\Users\Didier\Documents\Naim
2024-10-16 09:22 - 2023-11-25 10:31 - 000000000 ____D C:\Windows\system32\Tasks\HP
2024-10-16 09:22 - 2023-11-25 10:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2024-10-15 08:47 - 2023-11-19 12:28 - 000014742 _____ C:\Users\Didier\Documents\Remboursement médicaux.xlsx
2024-10-14 06:47 - 2023-11-19 19:04 - 000000000 ____D C:\Program Files\Microsoft Office
2024-10-11 11:26 - 2024-01-12 10:19 - 000017286 _____ C:\Users\Didier\Documents\Films à voir 2024-2025.xlsx
2024-10-10 10:06 - 2023-11-19 11:06 - 000000000 ____D C:\Windows\system32\MRT
2024-10-10 10:03 - 2023-11-19 11:05 - 201324920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2024-10-09 16:16 - 2023-11-19 12:22 - 000000000 ___RD C:\Users\Didier\Documents\Logiciels
2024-10-09 09:05 - 2021-06-05 13:10 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-10-08 11:12 - 2023-12-19 09:54 - 000000000 ____D C:\Windows\Minidump
2024-10-08 08:49 - 2023-11-19 12:28 - 000014692 _____ C:\Users\Didier\Documents\Echéances paiement en 4 fois.xlsx
2024-10-06 11:09 - 2023-11-28 12:16 - 000003386 _____ C:\Windows\system32\Tasks\SamsungMagician
2024-10-06 10:55 - 2023-11-19 11:13 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
==================== Fichiers à la racine de certains dossiers ========
2024-03-16 12:23 - 2024-03-16 12:23 - 000000027 _____ () C:\Users\Didier\AppData\Local\.sdpl-system-config4
2024-04-03 10:47 - 2024-04-03 10:47 - 000000000 _____ () C:\Users\Didier\AppData\Local\oobelibMkey.log
2024-07-15 18:11 - 2024-07-15 18:11 - 000000017 _____ () C:\Users\Didier\AppData\Local\resmon.resmoncfg
==================== SigCheckExt =========================
2023-11-19 19:11 - 2023-11-19 19:11 - 000018432 _____ C:\Windows\system32\SppExtComObjHook.dll
2023-11-19 18:34 - 2010-12-06 03:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2024-11-03 09:32 - 2024-11-03 09:32 - 002397696 _____ (Farbar) C:\Users\Didier\Desktop\FRST64.exe
2024-11-03 09:18 - 2024-11-03 09:18 - 003536896 _____ (Nicolas Coolman) C:\Users\Didier\Desktop\ZHPSuite.exe
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== BCD ================================
Gestionnaire de démarrage Windows
---------------------------------
identificateur {bootmgr}
device partition=\Device\HarddiskVolume1
description Windows Boot Manager
locale fr-FR
inherit {globalsettings}
default {current}
resumeobject {b5818e77-86c0-11ee-b56f-cc1e10160497}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Chargeur de démarrage Windows
-----------------------------
identificateur {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 11
locale fr-FR
inherit {bootloadersettings}
recoverysequence {b5818e79-86c0-11ee-b56f-cc1e10160497}
displaymessageoverride Recovery
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {b5818e77-86c0-11ee-b56f-cc1e10160497}
nx OptIn
bootmenupolicy Standard
Chargeur de démarrage Windows
-----------------------------
identificateur {b5818e79-86c0-11ee-b56f-cc1e10160497}
device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{b5818e7a-86c0-11ee-b56f-cc1e10160497}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale fr-fr
inherit {bootloadersettings}
displaymessage Recovery
osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{b5818e7a-86c0-11ee-b56f-cc1e10160497}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes
Reprendre à partir de la mise en veille prolongée
-------------------------------------------------
identificateur {b5818e77-86c0-11ee-b56f-cc1e10160497}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale fr-FR
inherit {resumeloadersettings}
recoverysequence {b5818e79-86c0-11ee-b56f-cc1e10160497}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
custom:21000026 partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No
Testeur de mémoire Windows
--------------------------
identificateur {memdiag}
device partition=\Device\HarddiskVolume1
path \boot\memtest.exe
description Diagnostics mémoire Windows
locale fr-FR
inherit {globalsettings}
badmemoryaccess Yes
Paramètres EMS
--------------
identificateur {emssettings}
bootems No
Paramètres du débogueur
-----------------------
identificateur {dbgsettings}
debugtype Local
Erreurs de mémoire RAM
----------------------
identificateur {badmemory}
badmemorylist 0x17be36
Paramètres globaux
------------------
identificateur {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Paramètres du chargeur de démarrage
-----------------------------------
identificateur {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Paramètres de l'hyperviseur
-------------------
identificateur {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Paramètres du chargeur de reprise
---------------------------------
identificateur {resumeloadersettings}
inherit {globalsettings}
Options de périphérique
-----------------------
identificateur {b5818e7a-86c0-11ee-b56f-cc1e10160497}
description Windows Recovery
ramdisksdidevice partition=\Device\HarddiskVolume3
ramdisksdipath \Recovery\WindowsRE\boot.sdi
==================== Fin de FRST.txt ========================