Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 29-11-2024
Exécuté par Belette (administrateur) sur JP (Packard Bell Easynote LE69KB) (02-12-2024 01:15:06)
Exécuté depuis C:\Users\Belette\OneDrive\Bureau\FRST64.exe
Profils chargés: Belette
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5131 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\LibreOffice\program\soffice.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Microsoft Corporation) [Fichier non signé] C:\Comptes 25-10-2024\MSMONEY.EXE
(explorer.exe ->) (PhotoFiltre) [Fichier non signé] C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIWFE.EXE
(explorer.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2409.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Belette\AppData\Local\Microsoft\OneDrive\24.216.1027.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2753808 2024-03-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [Web Companion] => C:\Users\Belette\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe [3427032 2024-02-29] (Lavasoft Software Canada Inc. -> Lavasoft) <==== ATTENTION
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [EPSDNMON] => "" (Pas de fichier)
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWFE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12292504 2024-11-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [MicrosoftEdgeAutoLaunch_5A59922AC05980AA9BA6F38E6C97CDC0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWFE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EPSON XP-2100 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBWFE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-22] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {F20F4669-A52D-4A0D-9852-B9D5686425EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {19C8C297-3E6B-41C0-B3BF-15072A585B60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0796D271-E280-49D7-9F1C-D9BC2774BFA7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "eb4c5553-02b3-4a79-a747-ffe3310bd4d6" --version "6.29.11342" --silent
Task: {C7503ABD-8ABA-4A19-9C5B-41095540797B} - System32\Tasks\CCleanerSkipUAC - Belette => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {26DF8445-6B84-44D5-8015-D2BE10DD531A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5925392 2024-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {2DB3E144-6824-4CA4-929A-0C5660B7C053} - System32\Tasks\EPSON XP-2100 Series Update {B21C74D9-04AB-409D-98D6-B8228EAC29D2} => C:\Windows\System32\spool\drivers\x64\3\E_YTSWFE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {2EB390CB-20A5-45C4-91C6-769CB0219A1B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{7267FF28-3AE5-49B0-BA07-67093DA8F0A0} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {919020F4-C765-4802-874E-8FB83BFEBAEA} - System32\Tasks\Microsoft\microsoft-windows-apin => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) -> C:\ProgramData\AuthenticMessaging\PinbDisc\C:\ProgramData\AuthenticMessaging\PinbDisc\MickVWzbjRb284.dll /U <==== ATTENTION
Task: {2D24575F-53C8-4084-A7CD-BCE9380DB8E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7099A23-6F2B-4E6C-A362-4169DA26BF9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B349BD48-35E8-42FF-A88C-B1ADA7A07331} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48D79420-5CF2-4F84-974C-23A371C0C1CC} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2051906324-2869483229-801820330-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {183ECA2A-92E2-4612-8B02-FB8043C53795} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CF52B6FD-5719-4EC2-9912-54083393CC69} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\EPSON XP-2100 Series Update {B21C74D9-04AB-409D-98D6-B8228EAC29D2}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWFE.EXE:/EXE:{B21C74D9-04AB-409D-98D6-B8228EAC29D2} /F:UpdateWORKGROUP\JP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyEnable: [S-1-5-21-2051906324-2869483229-801820330-1001] => Proxy est activé.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\356425F593634303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\7596669602C456022414252756A79656E6F52374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\7596669602C456022414252756A79656E6F52374: [DhcpDomain] home
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\7596669602C456022414252756A79656E6F52374F5548545: [DhcpNameServer] 192.168.1.14
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\C496675626F687D253839303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\C496675626F687D253839303: [DhcpDomain] home
Tcpip\..\Interfaces\{9d48850e-8f6a-4bc0-a096-0da3436f69df}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{bc302e7b-89eb-4257-9733-6449ef39bb3b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bc302e7b-89eb-4257-9733-6449ef39bb3b}\255646D696029314: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{bc302e7b-89eb-4257-9733-6449ef39bb3b}\356425F593030383: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Belette\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-02]
Edge Notifications: Default -> hxxps://twitter.com
Edge HomePage: Default -> hxxps://
Edge DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=070823&n=0670&q={searchTerms}&gd=RD1002836&searchsource=69
Edge DefaultSearchKeyword: Default -> yahoosearch
Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
Edge Extension: (Google Docs hors connexion) - C:\Users\Belette\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-06]
Edge Extension: (Edge relevant text changes) - C:\Users\Belette\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-16]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-11-13] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default [2024-12-02]
CHR Notifications: Default -> hxxps://www.commentcamarche.net; hxxps://www.fram.fr; hxxps://www.macifavantages.fr; hxxps://www.promovacances.com
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxps://"
CHR Extension: (Google Docs hors connexion) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-26]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2024-11-23]
CHR Extension: (YouGov Safe) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbenbpjiigbogcmofbmoojbkojdmojfl [2024-11-22]
CHR Extension: (Save Image As PNG) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2024-06-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-02]
CHR Extension: (Macif Avantages) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipjcohppciapfdojclipkpddkncidjo [2024-11-12]
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-14]
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-11-25]
CHR HomePage: Profile 1 -> hxxps://
CHR StartupUrls: Profile 1 -> "hxxps://"
CHR DefaultSearchURL: Profile 1 -> hxxps://websearcher-red.com/search?dd=a3h3a2FaSUNZUltNRVpQF0FOXVNfQAtaVltBR15UXUFEFyQqMRYiMAQaNAMsIgsnHScZTB0mCSo1IT0QXDQ2OVEZThAqPi45MjIgODk2LgYiPEc7JTQ6AC4%3D&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> websearcher-red.com
CHR DefaultNewTabURL: Profile 1 -> hxxps://websearcher-red.com/nt?dd=a3h3a2FaSUNZUltNRVpQF0FOXVNfQAtaVltBR15UXUFEFyQqMRYiMAQaNAMsIgsnHScZTB0mCSo1IT0QXDQ2OVEZThAqPi45MjIgODk2LgYiPEc7JTQ6AC4%3D
CHR Extension: (Google Docs hors connexion) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-19]
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-03-14]
CHR HomePage: Profile 3 -> hxxps://
CHR StartupUrls: Profile 3 -> "hxxps://"
CHR DefaultSearchURL: Profile 3 -> hxxps://websearcher-red.com/search?dd=a3h3a2FaSUNZUltNRVpQF0FOXVNfQAtaVltBR15UXUFEFyQqMRYiMAQaNAMsIgsnHScZTB0mCSo1IT0QXDQ2OVEZThAqPi45MjIgODk2LgYiPEc7JTQ6AC4%3D&q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> websearcher-red.com
CHR DefaultNewTabURL: Profile 3 -> hxxps://websearcher-red.com/nt?dd=a3h3a2FaSUNZUltNRVpQF0FOXVNfQAtaVltBR15UXUFEFyQqMRYiMAQaNAMsIgsnHScZTB0mCSo1IT0QXDQ2OVEZThAqPi45MjIgODk2LgYiPEc7JTQ6AC4%3D
CHR Extension: (Google Docs hors connexion) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-19]
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\System Profile [2024-09-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable [2024-05-03]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-07-15]
OPR Extension: (Opera Wallet) - C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-08-02]
OPR Extension: (Aria) - C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-08-02]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-04-14]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2018-12-05] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9424792 2024-11-16] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-14] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftEdgeElevationService1d94449aa64fde4; C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.70\elevation_service.exe [1819192 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-02 01:15 - 2024-12-02 01:19 - 000024338 _____ C:\Users\Belette\OneDrive\Bureau\FRST.txt
2024-12-02 01:13 - 2024-12-02 01:17 - 000000000 ____D C:\FRST
2024-12-02 00:06 - 2024-12-02 00:06 - 002402816 _____ (Farbar) C:\Users\Belette\OneDrive\Bureau\FRST64.exe
2024-12-01 17:00 - 2024-12-01 17:00 - 001613137 _____ C:\Users\Belette\Downloads\Realisme.mp4
2024-12-01 16:55 - 2024-12-01 16:55 - 007614840 _____ C:\Users\Belette\Downloads\grammaire.mp4
2024-12-01 16:54 - 2024-12-01 16:54 - 004249969 _____ C:\Users\Belette\Downloads\EDF en Afrique.JPP.mp4
2024-12-01 16:39 - 2024-12-01 16:39 - 004059299 _____ C:\Users\Belette\Downloads\ASPA pour les feignants.mp4
2024-12-01 16:19 - 2024-12-01 16:20 - 001440192 _____ C:\Users\Belette\OneDrive\Bureau\justpourire vrac.pdf
2024-12-01 16:17 - 2024-12-01 16:17 - 001440192 _____ C:\Users\Belette\Downloads\justpourire vrac.pdf
2024-12-01 11:20 - 2024-12-01 11:25 - 000000087 ____H C:\Users\Belette\OneDrive\Bureau\.~lock.Coord.odt#
2024-12-01 11:19 - 2024-12-01 11:19 - 000157204 _____ C:\Users\Belette\OneDrive\Bureau\Livres — Juan Branco.html
2024-12-01 11:19 - 2024-12-01 11:19 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Livres — Juan Branco_files
2024-11-30 16:54 - 2024-11-30 16:54 - 000147233 _____ C:\Users\Belette\Downloads\Gamiani_ou_Deux_nuits_d’excès_(1912).epub
2024-11-30 00:17 - 2024-11-30 00:17 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (10).pdf
2024-11-29 14:18 - 2024-11-29 14:18 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (9).pdf
2024-11-29 14:14 - 2024-11-29 14:14 - 000263754 _____ C:\Users\Belette\Downloads\Visa de tourisme électronique .pdf
2024-11-27 18:20 - 2024-11-27 18:20 - 000110126 _____ C:\Users\Belette\Downloads\GdVCycfXoAAplyC.jfif
2024-11-27 18:04 - 2024-11-27 18:04 - 000110126 _____ C:\Users\Belette\OneDrive\Bureau\GdVCycfXoAAplyC.jfif
2024-11-27 14:27 - 2024-11-27 14:27 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (8).pdf
2024-11-27 09:38 - 2024-11-27 09:38 - 003717061 _____ C:\Users\Belette\Downloads\GAZ-11.mp4
2024-11-27 09:31 - 2024-11-27 09:31 - 010148701 _____ C:\Users\Belette\Downloads\Gustave Eiffel !.mp4
2024-11-26 18:13 - 2024-11-26 18:13 - 000001225 _____ C:\Users\Belette\Downloads\pdfList (7).pdf
2024-11-26 17:32 - 2024-11-26 17:32 - 004246487 _____ C:\Users\Belette\Downloads\Les marchands de haine.mp4
2024-11-25 11:12 - 2024-11-25 11:12 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (6).pdf
2024-11-25 09:33 - 2024-11-25 09:33 - 000692736 _____ C:\ProgramData\chrome.dll
2024-11-25 09:28 - 2024-11-25 09:46 - 000000000 ___HD C:\ProgramData\Ssd
2024-11-25 09:27 - 2024-11-25 09:27 - 000000000 ____D C:\Users\Belette\Downloads\worker
2024-11-25 09:25 - 2024-11-25 09:25 - 000000207 _____ C:\Users\Belette\Downloads\worker.zip
2024-11-25 09:24 - 2024-11-25 09:24 - 000000201 _____ C:\Users\Belette\Downloads\key.zip
2024-11-25 08:32 - 2024-11-25 08:32 - 006900711 _____ C:\Users\Belette\Downloads\Pub a lancienne pour le slipfrancais11.mp4
2024-11-24 11:24 - 2024-11-24 11:24 - 000364774 _____ C:\Users\Belette\Downloads\Sagesse africaine..pdf
2024-11-24 11:23 - 2024-11-24 11:23 - 003004549 _____ C:\Users\Belette\Downloads\WhatsApp VidA-o 2024-10-03 A- 15.13.29 43124fd6.mp4
2024-11-24 09:29 - 2024-11-24 09:29 - 002146816 _____ C:\Users\Belette\Downloads\Humour_2017.pps
2024-11-24 09:29 - 2024-11-24 09:29 - 002146816 _____ C:\Users\Belette\Downloads\Humour_2017 (1).pps
2024-11-22 18:29 - 2024-11-22 18:30 - 000001225 _____ C:\Users\Belette\Downloads\pdfList (5).pdf
2024-11-22 12:05 - 2024-11-22 12:05 - 000106347 _____ C:\Users\Belette\Downloads\Factures JP Belette - Septembre 2024.pdf
2024-11-22 12:03 - 2024-11-22 12:03 - 000106201 _____ C:\Users\Belette\Downloads\Factures JP Belette - Octobre 2024.pdf
2024-11-22 11:38 - 2024-11-22 11:38 - 001164872 _____ C:\Users\Belette\Downloads\GS6402FR-Configurer.odt
2024-11-21 18:27 - 2024-11-21 18:27 - 000000334 _____ C:\Users\Belette\Downloads\video.htm
2024-11-21 10:07 - 2024-11-21 10:07 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (4).pdf
2024-11-21 09:39 - 2024-11-21 09:40 - 000018986 _____ C:\Users\Belette\Downloads\20241121-2501041649.pdf
2024-11-19 11:20 - 2024-11-19 11:20 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (3).pdf
2024-11-19 10:17 - 2024-11-19 10:17 - 015098496 _____ C:\Users\Belette\Downloads\VIDEO-2024-10-20-09-11-02.mp4
2024-11-18 17:40 - 2024-11-18 17:40 - 000001223 _____ C:\Users\Belette\Downloads\pdfList (2).pdf
2024-11-18 15:14 - 2024-11-18 15:14 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (1).pdf
2024-11-17 11:08 - 2024-11-17 11:08 - 000356858 _____ C:\Users\Belette\Downloads\Places.pdf
2024-11-17 11:00 - 2024-11-17 11:00 - 000120713 _____ C:\Users\Belette\Downloads\votre-cinecheque-imprime-le-17-11-2024_11h00m00.pdf
2024-11-17 10:30 - 2024-11-17 10:30 - 000120821 _____ C:\Users\Belette\Downloads\votre-cinecheque-imprime-le-17-11-2024_10h30m30.pdf
2024-11-17 10:29 - 2024-11-17 10:29 - 000120811 _____ C:\Users\Belette\Downloads\votre-cinecheque-imprime-le-17-11-2024_10h29m29.pdf
2024-11-17 10:28 - 2024-11-17 10:28 - 000077796 _____ C:\Users\Belette\OneDrive\Bureau\Systempay.html
2024-11-17 10:28 - 2024-11-17 10:28 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Systempay_files
2024-11-17 10:27 - 2024-11-17 10:27 - 000156485 _____ C:\Users\Belette\Downloads\ticket (1).pdf
2024-11-17 10:26 - 2024-11-17 10:27 - 000156485 _____ C:\Users\Belette\Downloads\ticket.pdf
2024-11-16 19:22 - 2024-11-16 19:22 - 000001236 _____ C:\Users\Belette\Downloads\pdfList.pdf
2024-11-16 11:34 - 2024-11-16 11:34 - 000080534 _____ C:\Users\Belette\Downloads\ReleveDocument_14.11.2024.19.43.04.244 (1).pdf
2024-11-16 11:27 - 2024-11-16 11:27 - 000283351 _____ C:\Users\Belette\Downloads\FORMULAIRE_D_INFORMATION_STANDARD.pdf
2024-11-16 10:32 - 2024-11-16 10:32 - 000120686 _____ C:\Users\Belette\Downloads\Certificat d'Assurance 1822998.pdf
2024-11-16 10:26 - 2024-11-16 10:26 - 000247889 _____ C:\Users\Belette\Downloads\Certificat d'Assurance 1822994.pdf
2024-11-16 10:13 - 2024-11-16 10:13 - 000120931 _____ C:\Users\Belette\Downloads\Certificat d'Assurance 1822984 (1).pdf
2024-11-16 10:04 - 2024-11-16 10:04 - 000120931 _____ C:\Users\Belette\Downloads\Certificat d'Assurance 1822984.pdf
2024-11-14 19:48 - 2024-11-14 19:48 - 000080534 _____ C:\Users\Belette\Downloads\ReleveDocument_14.11.2024.19.43.04.244.pdf
2024-11-14 14:40 - 2024-11-14 14:42 - 000053640 _____ C:\Users\Belette\OneDrive\Bureau\GcVm_qfXkAAf7YP.jfif
2024-11-13 12:24 - 2024-11-13 12:24 - 000000000 ___HD C:\$WinREAgent
2024-11-12 09:34 - 2024-11-12 09:34 - 003088379 _____ C:\Users\Belette\Downloads\Des mots qui en disent long.pdf
2024-11-08 17:27 - 2024-11-08 17:27 - 005318432 _____ C:\Users\Belette\Downloads\un petit coin .....mp4
2024-11-06 17:45 - 2024-11-06 17:45 - 000096626 _____ C:\Users\Belette\Downloads\Facture_Free_202407_29860715_1297547387.pdf
2024-11-05 10:19 - 2024-11-05 10:19 - 003355497 _____ C:\Users\Belette\Downloads\991d72e8-f7b7-4005-9785-7f40f3850379 (1).MP4
2024-11-02 00:04 - 2024-11-16 10:53 - 000000000 ____D C:\Users\Belette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-02 01:17 - 2023-04-28 23:11 - 000000000 ____D C:\Users\Belette\AppData\Local\Malwarebytes
2024-12-01 23:24 - 2023-08-28 13:23 - 000000000 ___RD C:\Users\Belette\OneDrive\Bureau\PPS2
2024-12-01 23:24 - 2022-02-01 17:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-01 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-01 17:14 - 2022-11-22 01:42 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Macron
2024-12-01 17:03 - 2023-11-30 10:54 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Icones
2024-12-01 11:25 - 2022-02-03 21:06 - 000187685 _____ C:\Users\Belette\OneDrive\Bureau\Coord.odt
2024-12-01 09:37 - 2022-02-01 17:43 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-12-01 09:37 - 2019-12-07 15:49 - 000809580 _____ C:\WINDOWS\system32\perfh00C.dat
2024-12-01 09:37 - 2019-12-07 15:49 - 000154982 _____ C:\WINDOWS\system32\perfc00C.dat
2024-12-01 09:29 - 2022-02-01 17:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-01 09:29 - 2022-02-01 16:37 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-01 09:29 - 2022-01-28 18:53 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-01 09:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-11-30 18:46 - 2022-01-29 15:03 - 000000000 ___RD C:\Users\Belette\OneDrive
2024-11-30 17:09 - 2024-10-25 17:42 - 000383593 _____ C:\Users\Belette\OneDrive\Bureau\Manuel_de_civilité_pour_les_petites_filles_à_l’usage_des_maisons_d’éducation.pdf
2024-11-29 10:35 - 2022-12-16 19:37 - 000000000 ____D C:\Users\Belette\AppData\Local\CrashDumps
2024-11-28 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-28 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-28 08:51 - 2022-01-28 18:56 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-26 17:30 - 2023-08-15 15:09 - 000002467 _____ C:\Users\Belette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-26 17:30 - 2022-02-01 17:57 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2051906324-2869483229-801820330-1001
2024-11-26 17:30 - 2022-02-01 17:57 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2051906324-2869483229-801820330-1001
2024-11-25 18:12 - 2023-08-24 16:47 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Hollande
2024-11-25 09:29 - 2022-01-29 14:57 - 000000000 ___SD C:\Users\Belette\AppData\Roaming\Microsoft\Protect
2024-11-25 08:26 - 2022-02-01 17:57 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-25 08:26 - 2022-02-01 17:57 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-24 16:18 - 2023-12-08 12:27 - 000000000 ___RD C:\Users\Belette\OneDrive\Bureau\Humour Les Conneries et Cie de Marco - (page 100) - Vongotha63_files
2024-11-22 18:17 - 2022-01-29 14:57 - 000000000 ___SD C:\Users\Belette\AppData\Roaming\Microsoft\Credentials
2024-11-22 16:31 - 2022-02-03 19:07 - 000000000 ____D C:\Courrier
2024-11-21 09:25 - 2022-12-14 23:55 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-11-18 17:22 - 2024-08-12 18:32 - 000000000 ____D C:\Users\Belette\AppData\Roaming\Telegram Desktop
2024-11-18 17:20 - 2022-02-03 19:07 - 000000000 ____D C:\Comptes 25-10-2024
2024-11-17 12:22 - 2022-02-02 15:52 - 000000000 ____D C:\Users\Belette\AppData\Local\D3DSCache
2024-11-16 11:26 - 2024-09-12 14:23 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Vacances
2024-11-16 09:36 - 2022-02-03 11:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-11-16 09:34 - 2022-10-12 23:32 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-11-13 18:02 - 2022-02-01 17:25 - 000425832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-13 18:01 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-11-13 18:00 - 2022-01-28 18:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-13 17:58 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-13 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-13 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-13 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-13 13:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-13 13:34 - 2022-02-01 17:29 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-13 09:58 - 2022-01-29 16:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-13 09:44 - 2022-01-29 16:05 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-06 14:08 - 2023-08-24 16:47 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Hotel de ville
2024-11-05 10:46 - 2022-02-03 19:10 - 000000000 ____D C:\Aude 2023
==================== Fichiers à la racine de certains dossiers ========
2024-11-25 09:33 - 2024-11-25 09:33 - 000692736 _____ () C:\ProgramData\chrome.dll
2022-05-06 18:37 - 2024-10-04 09:30 - 000009728 _____ () C:\Users\Belette\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-10-15 17:00 - 2023-10-15 17:00 - 000003483 _____ () C:\Users\Belette\AppData\Local\recently-used.xbel
2023-01-29 23:31 - 2023-01-29 23:31 - 000000000 _____ () C:\Users\Belette\AppData\Local\{2C1E822D-CB15-4A08-A40A-CAFC49D3DFE4}
2023-01-29 23:31 - 2023-01-29 23:31 - 000000000 _____ () C:\Users\Belette\AppData\Local\{450B730D-BA6A-4595-BCE8-85EEB47EE0C0}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par Belette (administrateur) sur JP (Packard Bell Easynote LE69KB) (02-12-2024 01:15:06)
Exécuté depuis C:\Users\Belette\OneDrive\Bureau\FRST64.exe
Profils chargés: Belette
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5131 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(C:\Program Files\Elantech\ETDCtrl.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(C:\Program Files\Elantech\ETDService.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(C:\Program Files\LibreOffice\program\soffice.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.bin
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(ctfmon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atieclxx.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <14>
(explorer.exe ->) (Microsoft Corporation) [Fichier non signé] C:\Comptes 25-10-2024\MSMONEY.EXE
(explorer.exe ->) (PhotoFiltre) [Fichier non signé] C:\Program Files (x86)\PhotoFiltre 7\PhotoFiltre7.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(explorer.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIWFE.EXE
(explorer.exe ->) (The Document Foundation -> The Document Foundation) C:\Program Files\LibreOffice\program\soffice.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0360470.inf_amd64_b06c374aee20d185\B360357\atiesrxx.exe
(services.exe ->) (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2409.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\ReaderNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\Belette\AppData\Local\Microsoft\OneDrive\24.216.1027.0003\FileCoAuth.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <3>
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [455968 2023-05-26] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2753808 2024-03-06] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\MRT: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender Security Center: Restriction <==== ATTENTION
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [Web Companion] => C:\Users\Belette\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe [3427032 2024-02-29] (Lavasoft Software Canada Inc. -> Lavasoft) <==== ATTENTION
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [EPSDNMON] => "" (Pas de fichier)
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWFE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [12292504 2024-11-13] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2051906324-2869483229-801820330-1001\...\Run: [MicrosoftEdgeAutoLaunch_5A59922AC05980AA9BA6F38E6C97CDC0] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-18\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIWFE.EXE [421736 2021-11-11] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EPSON XP-2100 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBWFE.DLL [187392 2018-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-22] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {F20F4669-A52D-4A0D-9852-B9D5686425EC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {19C8C297-3E6B-41C0-B3BF-15072A585B60} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {0796D271-E280-49D7-9F1C-D9BC2774BFA7} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "eb4c5553-02b3-4a79-a747-ffe3310bd4d6" --version "6.29.11342" --silent
Task: {C7503ABD-8ABA-4A19-9C5B-41095540797B} - System32\Tasks\CCleanerSkipUAC - Belette => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {26DF8445-6B84-44D5-8015-D2BE10DD531A} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe [5925392 2024-11-13] (Microsoft Windows -> Microsoft Corporation)
Task: {2DB3E144-6824-4CA4-929A-0C5660B7C053} - System32\Tasks\EPSON XP-2100 Series Update {B21C74D9-04AB-409D-98D6-B8228EAC29D2} => C:\Windows\System32\spool\drivers\x64\3\E_YTSWFE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {2EB390CB-20A5-45C4-91C6-769CB0219A1B} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{7267FF28-3AE5-49B0-BA07-67093DA8F0A0} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {919020F4-C765-4802-874E-8FB83BFEBAEA} - System32\Tasks\Microsoft\microsoft-windows-apin => C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe [58864 2022-06-25] (Microsoft Corporation -> Microsoft Corporation) -> C:\ProgramData\AuthenticMessaging\PinbDisc\C:\ProgramData\AuthenticMessaging\PinbDisc\MickVWzbjRb284.dll /U <==== ATTENTION
Task: {2D24575F-53C8-4084-A7CD-BCE9380DB8E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A7099A23-6F2B-4E6C-A362-4169DA26BF9C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B349BD48-35E8-42FF-A88C-B1ADA7A07331} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {48D79420-5CF2-4F84-974C-23A371C0C1CC} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-2051906324-2869483229-801820330-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\WINDOWS\System32\wpninprc.dll [24064 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {183ECA2A-92E2-4612-8B02-FB8043C53795} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [61624 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {CF52B6FD-5719-4EC2-9912-54083393CC69} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [69304 2020-08-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe
Task: C:\WINDOWS\Tasks\EPSON XP-2100 Series Update {B21C74D9-04AB-409D-98D6-B8228EAC29D2}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSWFE.EXE:/EXE:{B21C74D9-04AB-409D-98D6-B8228EAC29D2} /F:UpdateWORKGROUP\JP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyEnable: [S-1-5-21-2051906324-2869483229-801820330-1001] => Proxy est activé.
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\356425F593634303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\7596669602C456022414252756A79656E6F52374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\7596669602C456022414252756A79656E6F52374: [DhcpDomain] home
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\7596669602C456022414252756A79656E6F52374F5548545: [DhcpNameServer] 192.168.1.14
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\C496675626F687D253839303: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{9bd9fca3-0365-4e9e-b4ed-50c4fe46ad2f}\C496675626F687D253839303: [DhcpDomain] home
Tcpip\..\Interfaces\{9d48850e-8f6a-4bc0-a096-0da3436f69df}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{bc302e7b-89eb-4257-9733-6449ef39bb3b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bc302e7b-89eb-4257-9733-6449ef39bb3b}\255646D696029314: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{bc302e7b-89eb-4257-9733-6449ef39bb3b}\356425F593030383: [DhcpNameServer] 192.168.1.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Belette\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-02]
Edge Notifications: Default -> hxxps://twitter.com
Edge HomePage: Default -> hxxps://
Edge DefaultSearchURL: Default -> hxxps://find.fnavigate-now.com/results.aspx?d=070823&n=0670&q={searchTerms}&gd=RD1002836&searchsource=69
Edge DefaultSearchKeyword: Default -> yahoosearch
Edge DefaultSuggestURL: Default -> hxxp://api.bing.com/osjson.aspx?query={searchTerms}
Edge Extension: (Google Docs hors connexion) - C:\Users\Belette\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-06]
Edge Extension: (Edge relevant text changes) - C:\Users\Belette\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-16]
FireFox:
========
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-11-13] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default [2024-12-02]
CHR Notifications: Default -> hxxps://www.commentcamarche.net; hxxps://www.fram.fr; hxxps://www.macifavantages.fr; hxxps://www.promovacances.com
CHR HomePage: Default -> hxxps://
CHR StartupUrls: Default -> "hxxps://"
CHR Extension: (Google Docs hors connexion) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-26]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2024-11-23]
CHR Extension: (YouGov Safe) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbenbpjiigbogcmofbmoojbkojdmojfl [2024-11-22]
CHR Extension: (Save Image As PNG) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkokmeaibnajheohncaamjggkanfbphi [2024-06-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-02]
CHR Extension: (Macif Avantages) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipjcohppciapfdojclipkpddkncidjo [2024-11-12]
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-03-14]
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-11-25]
CHR HomePage: Profile 1 -> hxxps://
CHR StartupUrls: Profile 1 -> "hxxps://"
CHR DefaultSearchURL: Profile 1 -> hxxps://websearcher-red.com/search?dd=a3h3a2FaSUNZUltNRVpQF0FOXVNfQAtaVltBR15UXUFEFyQqMRYiMAQaNAMsIgsnHScZTB0mCSo1IT0QXDQ2OVEZThAqPi45MjIgODk2LgYiPEc7JTQ6AC4%3D&q={searchTerms}
CHR DefaultSearchKeyword: Profile 1 -> websearcher-red.com
CHR DefaultNewTabURL: Profile 1 -> hxxps://websearcher-red.com/nt?dd=a3h3a2FaSUNZUltNRVpQF0FOXVNfQAtaVltBR15UXUFEFyQqMRYiMAQaNAMsIgsnHScZTB0mCSo1IT0QXDQ2OVEZThAqPi45MjIgODk2LgYiPEc7JTQ6AC4%3D
CHR Extension: (Google Docs hors connexion) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-07-20]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-19]
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 3 [2024-03-14]
CHR HomePage: Profile 3 -> hxxps://
CHR StartupUrls: Profile 3 -> "hxxps://"
CHR DefaultSearchURL: Profile 3 -> hxxps://websearcher-red.com/search?dd=a3h3a2FaSUNZUltNRVpQF0FOXVNfQAtaVltBR15UXUFEFyQqMRYiMAQaNAMsIgsnHScZTB0mCSo1IT0QXDQ2OVEZThAqPi45MjIgODk2LgYiPEc7JTQ6AC4%3D&q={searchTerms}
CHR DefaultSearchKeyword: Profile 3 -> websearcher-red.com
CHR DefaultNewTabURL: Profile 3 -> hxxps://websearcher-red.com/nt?dd=a3h3a2FaSUNZUltNRVpQF0FOXVNfQAtaVltBR15UXUFEFyQqMRYiMAQaNAMsIgsnHScZTB0mCSo1IT0QXDQ2OVEZThAqPi45MjIgODk2LgYiPEc7JTQ6AC4%3D
CHR Extension: (Google Docs hors connexion) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-07-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Belette\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-07-19]
CHR Profile: C:\Users\Belette\AppData\Local\Google\Chrome\User Data\System Profile [2024-09-30]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
Opera:
=======
OPR Profile: C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable [2024-05-03]
OPR DefaultSearchURL: Opera Stable -> hxxps://www.google.com/search?client=opera&q={searchTerms}&sourceid=opera&ie={inputEncoding}&oe={outputEncoding}
OPR DefaultSearchKeyword: Opera Stable -> g
OPR Extension: (Rich Hints Agent) - C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2023-07-15]
OPR Extension: (Opera Wallet) - C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable\Extensions\gojhcdgcpbpfigcaejpfhfegekdgiblk [2023-08-02]
OPR Extension: (Aria) - C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable\Extensions\igpdmclhhlcpoindmhkhillbfhdgoegm [2023-08-02]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Belette\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2023-04-14]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2018-12-05] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9424792 2024-11-16] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-03-14] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 MicrosoftEdgeElevationService1d94449aa64fde4; C:\Program Files (x86)\Microsoft\Edge\Application\131.0.2903.70\elevation_service.exe [1819192 2024-11-25] (Microsoft Corporation -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-04-18] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [Fichier non signé]
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [231504 2024-10-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2022-12-14] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-02 01:15 - 2024-12-02 01:19 - 000024338 _____ C:\Users\Belette\OneDrive\Bureau\FRST.txt
2024-12-02 01:13 - 2024-12-02 01:17 - 000000000 ____D C:\FRST
2024-12-02 00:06 - 2024-12-02 00:06 - 002402816 _____ (Farbar) C:\Users\Belette\OneDrive\Bureau\FRST64.exe
2024-12-01 17:00 - 2024-12-01 17:00 - 001613137 _____ C:\Users\Belette\Downloads\Realisme.mp4
2024-12-01 16:55 - 2024-12-01 16:55 - 007614840 _____ C:\Users\Belette\Downloads\grammaire.mp4
2024-12-01 16:54 - 2024-12-01 16:54 - 004249969 _____ C:\Users\Belette\Downloads\EDF en Afrique.JPP.mp4
2024-12-01 16:39 - 2024-12-01 16:39 - 004059299 _____ C:\Users\Belette\Downloads\ASPA pour les feignants.mp4
2024-12-01 16:19 - 2024-12-01 16:20 - 001440192 _____ C:\Users\Belette\OneDrive\Bureau\justpourire vrac.pdf
2024-12-01 16:17 - 2024-12-01 16:17 - 001440192 _____ C:\Users\Belette\Downloads\justpourire vrac.pdf
2024-12-01 11:20 - 2024-12-01 11:25 - 000000087 ____H C:\Users\Belette\OneDrive\Bureau\.~lock.Coord.odt#
2024-12-01 11:19 - 2024-12-01 11:19 - 000157204 _____ C:\Users\Belette\OneDrive\Bureau\Livres — Juan Branco.html
2024-12-01 11:19 - 2024-12-01 11:19 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Livres — Juan Branco_files
2024-11-30 16:54 - 2024-11-30 16:54 - 000147233 _____ C:\Users\Belette\Downloads\Gamiani_ou_Deux_nuits_d’excès_(1912).epub
2024-11-30 00:17 - 2024-11-30 00:17 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (10).pdf
2024-11-29 14:18 - 2024-11-29 14:18 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (9).pdf
2024-11-29 14:14 - 2024-11-29 14:14 - 000263754 _____ C:\Users\Belette\Downloads\Visa de tourisme électronique .pdf
2024-11-27 18:20 - 2024-11-27 18:20 - 000110126 _____ C:\Users\Belette\Downloads\GdVCycfXoAAplyC.jfif
2024-11-27 18:04 - 2024-11-27 18:04 - 000110126 _____ C:\Users\Belette\OneDrive\Bureau\GdVCycfXoAAplyC.jfif
2024-11-27 14:27 - 2024-11-27 14:27 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (8).pdf
2024-11-27 09:38 - 2024-11-27 09:38 - 003717061 _____ C:\Users\Belette\Downloads\GAZ-11.mp4
2024-11-27 09:31 - 2024-11-27 09:31 - 010148701 _____ C:\Users\Belette\Downloads\Gustave Eiffel !.mp4
2024-11-26 18:13 - 2024-11-26 18:13 - 000001225 _____ C:\Users\Belette\Downloads\pdfList (7).pdf
2024-11-26 17:32 - 2024-11-26 17:32 - 004246487 _____ C:\Users\Belette\Downloads\Les marchands de haine.mp4
2024-11-25 11:12 - 2024-11-25 11:12 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (6).pdf
2024-11-25 09:33 - 2024-11-25 09:33 - 000692736 _____ C:\ProgramData\chrome.dll
2024-11-25 09:28 - 2024-11-25 09:46 - 000000000 ___HD C:\ProgramData\Ssd
2024-11-25 09:27 - 2024-11-25 09:27 - 000000000 ____D C:\Users\Belette\Downloads\worker
2024-11-25 09:25 - 2024-11-25 09:25 - 000000207 _____ C:\Users\Belette\Downloads\worker.zip
2024-11-25 09:24 - 2024-11-25 09:24 - 000000201 _____ C:\Users\Belette\Downloads\key.zip
2024-11-25 08:32 - 2024-11-25 08:32 - 006900711 _____ C:\Users\Belette\Downloads\Pub a lancienne pour le slipfrancais11.mp4
2024-11-24 11:24 - 2024-11-24 11:24 - 000364774 _____ C:\Users\Belette\Downloads\Sagesse africaine..pdf
2024-11-24 11:23 - 2024-11-24 11:23 - 003004549 _____ C:\Users\Belette\Downloads\WhatsApp VidA-o 2024-10-03 A- 15.13.29 43124fd6.mp4
2024-11-24 09:29 - 2024-11-24 09:29 - 002146816 _____ C:\Users\Belette\Downloads\Humour_2017.pps
2024-11-24 09:29 - 2024-11-24 09:29 - 002146816 _____ C:\Users\Belette\Downloads\Humour_2017 (1).pps
2024-11-22 18:29 - 2024-11-22 18:30 - 000001225 _____ C:\Users\Belette\Downloads\pdfList (5).pdf
2024-11-22 12:05 - 2024-11-22 12:05 - 000106347 _____ C:\Users\Belette\Downloads\Factures JP Belette - Septembre 2024.pdf
2024-11-22 12:03 - 2024-11-22 12:03 - 000106201 _____ C:\Users\Belette\Downloads\Factures JP Belette - Octobre 2024.pdf
2024-11-22 11:38 - 2024-11-22 11:38 - 001164872 _____ C:\Users\Belette\Downloads\GS6402FR-Configurer.odt
2024-11-21 18:27 - 2024-11-21 18:27 - 000000334 _____ C:\Users\Belette\Downloads\video.htm
2024-11-21 10:07 - 2024-11-21 10:07 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (4).pdf
2024-11-21 09:39 - 2024-11-21 09:40 - 000018986 _____ C:\Users\Belette\Downloads\20241121-2501041649.pdf
2024-11-19 11:20 - 2024-11-19 11:20 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (3).pdf
2024-11-19 10:17 - 2024-11-19 10:17 - 015098496 _____ C:\Users\Belette\Downloads\VIDEO-2024-10-20-09-11-02.mp4
2024-11-18 17:40 - 2024-11-18 17:40 - 000001223 _____ C:\Users\Belette\Downloads\pdfList (2).pdf
2024-11-18 15:14 - 2024-11-18 15:14 - 000001236 _____ C:\Users\Belette\Downloads\pdfList (1).pdf
2024-11-17 11:08 - 2024-11-17 11:08 - 000356858 _____ C:\Users\Belette\Downloads\Places.pdf
2024-11-17 11:00 - 2024-11-17 11:00 - 000120713 _____ C:\Users\Belette\Downloads\votre-cinecheque-imprime-le-17-11-2024_11h00m00.pdf
2024-11-17 10:30 - 2024-11-17 10:30 - 000120821 _____ C:\Users\Belette\Downloads\votre-cinecheque-imprime-le-17-11-2024_10h30m30.pdf
2024-11-17 10:29 - 2024-11-17 10:29 - 000120811 _____ C:\Users\Belette\Downloads\votre-cinecheque-imprime-le-17-11-2024_10h29m29.pdf
2024-11-17 10:28 - 2024-11-17 10:28 - 000077796 _____ C:\Users\Belette\OneDrive\Bureau\Systempay.html
2024-11-17 10:28 - 2024-11-17 10:28 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Systempay_files
2024-11-17 10:27 - 2024-11-17 10:27 - 000156485 _____ C:\Users\Belette\Downloads\ticket (1).pdf
2024-11-17 10:26 - 2024-11-17 10:27 - 000156485 _____ C:\Users\Belette\Downloads\ticket.pdf
2024-11-16 19:22 - 2024-11-16 19:22 - 000001236 _____ C:\Users\Belette\Downloads\pdfList.pdf
2024-11-16 11:34 - 2024-11-16 11:34 - 000080534 _____ C:\Users\Belette\Downloads\ReleveDocument_14.11.2024.19.43.04.244 (1).pdf
2024-11-16 11:27 - 2024-11-16 11:27 - 000283351 _____ C:\Users\Belette\Downloads\FORMULAIRE_D_INFORMATION_STANDARD.pdf
2024-11-16 10:32 - 2024-11-16 10:32 - 000120686 _____ C:\Users\Belette\Downloads\Certificat d'Assurance 1822998.pdf
2024-11-16 10:26 - 2024-11-16 10:26 - 000247889 _____ C:\Users\Belette\Downloads\Certificat d'Assurance 1822994.pdf
2024-11-16 10:13 - 2024-11-16 10:13 - 000120931 _____ C:\Users\Belette\Downloads\Certificat d'Assurance 1822984 (1).pdf
2024-11-16 10:04 - 2024-11-16 10:04 - 000120931 _____ C:\Users\Belette\Downloads\Certificat d'Assurance 1822984.pdf
2024-11-14 19:48 - 2024-11-14 19:48 - 000080534 _____ C:\Users\Belette\Downloads\ReleveDocument_14.11.2024.19.43.04.244.pdf
2024-11-14 14:40 - 2024-11-14 14:42 - 000053640 _____ C:\Users\Belette\OneDrive\Bureau\GcVm_qfXkAAf7YP.jfif
2024-11-13 12:24 - 2024-11-13 12:24 - 000000000 ___HD C:\$WinREAgent
2024-11-12 09:34 - 2024-11-12 09:34 - 003088379 _____ C:\Users\Belette\Downloads\Des mots qui en disent long.pdf
2024-11-08 17:27 - 2024-11-08 17:27 - 005318432 _____ C:\Users\Belette\Downloads\un petit coin .....mp4
2024-11-06 17:45 - 2024-11-06 17:45 - 000096626 _____ C:\Users\Belette\Downloads\Facture_Free_202407_29860715_1297547387.pdf
2024-11-05 10:19 - 2024-11-05 10:19 - 003355497 _____ C:\Users\Belette\Downloads\991d72e8-f7b7-4005-9785-7f40f3850379 (1).MP4
2024-11-02 00:04 - 2024-11-16 10:53 - 000000000 ____D C:\Users\Belette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-12-02 01:17 - 2023-04-28 23:11 - 000000000 ____D C:\Users\Belette\AppData\Local\Malwarebytes
2024-12-01 23:24 - 2023-08-28 13:23 - 000000000 ___RD C:\Users\Belette\OneDrive\Bureau\PPS2
2024-12-01 23:24 - 2022-02-01 17:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-12-01 18:19 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-01 17:14 - 2022-11-22 01:42 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Macron
2024-12-01 17:03 - 2023-11-30 10:54 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Icones
2024-12-01 11:25 - 2022-02-03 21:06 - 000187685 _____ C:\Users\Belette\OneDrive\Bureau\Coord.odt
2024-12-01 09:37 - 2022-02-01 17:43 - 000005810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-12-01 09:37 - 2019-12-07 15:49 - 000809580 _____ C:\WINDOWS\system32\perfh00C.dat
2024-12-01 09:37 - 2019-12-07 15:49 - 000154982 _____ C:\WINDOWS\system32\perfc00C.dat
2024-12-01 09:29 - 2022-02-01 17:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-12-01 09:29 - 2022-02-01 16:37 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-12-01 09:29 - 2022-01-28 18:53 - 000008192 ___SH C:\DumpStack.log.tmp
2024-12-01 09:27 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-11-30 18:46 - 2022-01-29 15:03 - 000000000 ___RD C:\Users\Belette\OneDrive
2024-11-30 17:09 - 2024-10-25 17:42 - 000383593 _____ C:\Users\Belette\OneDrive\Bureau\Manuel_de_civilité_pour_les_petites_filles_à_l’usage_des_maisons_d’éducation.pdf
2024-11-29 10:35 - 2022-12-16 19:37 - 000000000 ____D C:\Users\Belette\AppData\Local\CrashDumps
2024-11-28 08:59 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-28 08:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-28 08:51 - 2022-01-28 18:56 - 000002454 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-26 17:30 - 2023-08-15 15:09 - 000002467 _____ C:\Users\Belette\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-11-26 17:30 - 2022-02-01 17:57 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2051906324-2869483229-801820330-1001
2024-11-26 17:30 - 2022-02-01 17:57 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2051906324-2869483229-801820330-1001
2024-11-25 18:12 - 2023-08-24 16:47 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Hollande
2024-11-25 09:29 - 2022-01-29 14:57 - 000000000 ___SD C:\Users\Belette\AppData\Roaming\Microsoft\Protect
2024-11-25 08:26 - 2022-02-01 17:57 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-25 08:26 - 2022-02-01 17:57 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-24 16:18 - 2023-12-08 12:27 - 000000000 ___RD C:\Users\Belette\OneDrive\Bureau\Humour Les Conneries et Cie de Marco - (page 100) - Vongotha63_files
2024-11-22 18:17 - 2022-01-29 14:57 - 000000000 ___SD C:\Users\Belette\AppData\Roaming\Microsoft\Credentials
2024-11-22 16:31 - 2022-02-03 19:07 - 000000000 ____D C:\Courrier
2024-11-21 09:25 - 2022-12-14 23:55 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-11-18 17:22 - 2024-08-12 18:32 - 000000000 ____D C:\Users\Belette\AppData\Roaming\Telegram Desktop
2024-11-18 17:20 - 2022-02-03 19:07 - 000000000 ____D C:\Comptes 25-10-2024
2024-11-17 12:22 - 2022-02-02 15:52 - 000000000 ____D C:\Users\Belette\AppData\Local\D3DSCache
2024-11-16 11:26 - 2024-09-12 14:23 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Vacances
2024-11-16 09:36 - 2022-02-03 11:04 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2024-11-16 09:34 - 2022-10-12 23:32 - 000002085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-11-13 18:02 - 2022-02-01 17:25 - 000425832 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-13 18:01 - 2019-12-07 10:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2024-11-13 18:00 - 2022-01-28 18:57 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-13 17:59 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-13 17:58 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-13 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-13 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2024-11-13 17:58 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-13 13:58 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-13 13:34 - 2022-02-01 17:29 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-13 09:58 - 2022-01-29 16:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-13 09:44 - 2022-01-29 16:05 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-06 14:08 - 2023-08-24 16:47 - 000000000 ____D C:\Users\Belette\OneDrive\Bureau\Hotel de ville
2024-11-05 10:46 - 2022-02-03 19:10 - 000000000 ____D C:\Aude 2023
==================== Fichiers à la racine de certains dossiers ========
2024-11-25 09:33 - 2024-11-25 09:33 - 000692736 _____ () C:\ProgramData\chrome.dll
2022-05-06 18:37 - 2024-10-04 09:30 - 000009728 _____ () C:\Users\Belette\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2023-10-15 17:00 - 2023-10-15 17:00 - 000003483 _____ () C:\Users\Belette\AppData\Local\recently-used.xbel
2023-01-29 23:31 - 2023-01-29 23:31 - 000000000 _____ () C:\Users\Belette\AppData\Local\{2C1E822D-CB15-4A08-A40A-CAFC49D3DFE4}
2023-01-29 23:31 - 2023-01-29 23:31 - 000000000 _____ () C:\Users\Belette\AppData\Local\{450B730D-BA6A-4595-BCE8-85EEB47EE0C0}
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================