Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 24-03-2025
Exécuté par MCFIVE (ATTENTION: L'utilisateur n'est pas administrateur) sur PC_MATERIEL_NET (Gigabyte Technology Co., Ltd. B460 AORUS PRO AC) (28-03-2025 13:55:07)
Exécuté depuis C:\Users\MCFIVE\Downloads\FRST64.exe
Profils chargés: MCFIVE
Plate-forme: Windows 10 Version 22H2 19045.5679 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2512.1.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\BraveCrashHandler64.exe
(C:\Program Files (x86)\oDownloader\oDownloader.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\MCFIVE\AppData\Local\Programs\Opera\117.0.5408.53\opera_crashreporter.exe
(cmd.exe ->) (Infatica pte ltd -> ) C:\Program Files (x86)\oDownloader\bin\infatica-service-app.exe
(Enghouse Interactive (UK) Limited -> ) C:\Users\MCFIVE\AppData\Local\lifesize_app\app-3.0.17\Lifesize App Service.exe
(Enghouse Interactive (UK) Limited -> Lifesize) C:\Users\MCFIVE\AppData\Local\lifesize_app\app-3.0.17\Lifesize.exe <6>
(explorer.exe ->) (Ariane Software -> Ariane Software) C:\Users\MCFIVE\AppData\Local\Fortuneo\Live Trader\livetrader64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (nordvpn s.a. -> NordVPN) C:\Program Files\NordVPN\NordVPN.exe
(explorer.exe ->) (oDownloader) [Fichier non signé] C:\Program Files (x86)\oDownloader\oDownloader.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe <23>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5>
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MCFIVE\AppData\Local\Microsoft\OneDrive\25.041.0303.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MCFIVE\AppData\Local\Microsoft\OneDrive\25.041.0303.0002\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <37>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
Impossible d'accéder au processus -> armsvc.exe
Impossible d'accéder au processus -> conhost.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> dasHost.exe
Impossible d'accéder au processus -> dllhost.exe
Impossible d'accéder au processus -> dwm.exe
Impossible d'accéder au processus -> EvtEng.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> GigabyteUpdateService.exe
Impossible d'accéder au processus -> ibtsiva.exe
Impossible d'accéder au processus -> jhi_service.exe
Impossible d'accéder au processus -> LMS.exe
Impossible d'accéder au processus -> LogiFacecamService.exe
Impossible d'accéder au processus -> lsass.exe
Impossible d'accéder au processus -> MBAMService.exe
Impossible d'accéder au processus -> MoUsoCoreWorker.exe
Impossible d'accéder au processus -> msdtc.exe
Impossible d'accéder au processus -> nordsec-threatprotection-service.exe
Impossible d'accéder au processus -> NordUpdateService.exe
Impossible d'accéder au processus -> nordvpn-service.exe
Impossible d'accéder au processus -> NVDisplay.Container.exe
Impossible d'accéder au processus -> NVDisplay.Container.exe
Impossible d'accéder au processus -> nvWmi64.exe
Impossible d'accéder au processus -> nvWmi64.exe
Impossible d'accéder au processus -> RtkAudUService64.exe
Impossible d'accéder au processus -> SearchIndexer.exe
Impossible d'accéder au processus -> SecurityHealthService.exe
Impossible d'accéder au processus -> Service.exe
Impossible d'accéder au processus -> services.exe
Impossible d'accéder au processus -> smss.exe
Impossible d'accéder au processus -> spoolsv.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> unsecapp.exe
Impossible d'accéder au processus -> wininit.exe
Impossible d'accéder au processus -> winlogon.exe
Impossible d'accéder au processus -> wlanext.exe
Impossible d'accéder au processus -> WUDFHost.exe
Impossible d'accéder au processus -> WUDFHost.exe
Impossible d'accéder au processus -> WUDFHost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe [1220312 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [612304 2019-11-18] (NIKON CORPORATION -> Nikon Corporation)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.85\Installer\setup.exe [7548456 2025-03-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [NordLockerSysTray] => C:\Program Files\NordLocker\NordLocker.SysTray.exe (Pas de fichier)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\MCFIVE\AppData\Local\WhatsApp\Update.exe [1838264 2022-06-17] (WhatsApp, Inc -> GitHub)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [oDownloader] => C:\Program Files (x86)\oDownloader\oDownloader.exe [239104 2021-06-17] (oDownloader) [Fichier non signé]
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.Teams.Teams] => C:\Users\MCFIVE\AppData\Local\Microsoft\Teams\Update.exe [2603768 2025-03-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [559976 2025-01-20] (nordvpn s.a. -> NordVPN)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Google+ Auto Backup] => C:\Users\MCFIVE\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-07-31] (Google Inc -> Google Inc.)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [BraveSoftware Update] => C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\BraveUpdateCore.exe [199704 2024-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Lifesize App Service] => C:\Users\MCFIVE\AppData\Local\lifesize_app\Lifesize.exe [580632 2024-11-25] (Enghouse Interactive (UK) Limited -> Lifesize)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.lifesize_app.Lifesize] => C:\Users\MCFIVE\AppData\Local\lifesize_app\update.exe [1838616 2024-06-13] (Enghouse Interactive (UK) Limited -> GitHub)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Opera Stable] => C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe [1606552 2025-03-07] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [GoogleUpdaterTaskUser136.0.7079.0] => C:\Users\MCFIVE\AppData\Local\Google\GoogleUpdater\136.0.7079.0\updater.exe [7017568 2025-03-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\134.0.6998.167\Installer\chrmstp.exe [2025-03-25] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{02a7c8c2-9f8b-45a1-941d-d921b6c4ea86}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\255646D6960213030223032323: [DhcpNameServer] 192.168.140.140
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\E4544574541425F5548545: [DhcpNameServer] 192.168.1.250
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\F42716E676560214962726F687D273245364: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\F42716E676560214962726F687D273245364: [DhcpDomain] home
Tcpip\..\Interfaces\{ee0b3e05-79c8-4fd3-91a5-eafdbb475e44}: [DhcpNameServer] 103.86.96.100 103.86.99.100
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\MCFIVE\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-27]
Edge Notifications: Default -> hxxps://fr.ecoflow.com; hxxps://lecourrierdesstrateges.fr; hxxps://web.whatsapp.com; hxxps://www.comment-economiser.fr; hxxps://www.facebook.com; hxxps://www.zebulon.fr
Edge Extension: (Google Docs hors connexion) - C:\Users\MCFIVE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\MCFIVE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [fphgeikpdcdcheaochkhldmnfblfogla]
FireFox:
========
FF DefaultProfile: 3ixakq9q.default
FF ProfilePath: C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\3ixakq9q.default [2024-12-01]
FF ProfilePath: C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851 [2025-03-28]
FF Session Restore: Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851 -> hxxps://www.comment-economiser.fr; hxxps://www.huffingtonpost.fr; hxxps://invest.livaxxen.org; hxxps://atomix.chat; hxxps://fr.aliexpress.com; hxxps://www.zebulon.fr; hxxps://app.revolut.com; hxxps://fr.mail.yahoo.com; hxxps://cutm9g6071bc73dosu30.enhanceconnection.co.in; hxxps://h2qlvjpsb4umbx.enhanceconnection.co.in; hxxps://f2e8sid9qv67ie.enhanceconnection.co.in
FF Extension: (AdBlocker Ultimate) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\adblockultimate@adblockultimate.net.xpi [2025-02-15]
FF Extension: (Dark Reader) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\addon@darkreader.org.xpi [2025-03-01]
FF Extension: (Zamu - Coupons et remises automatiques) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\addon@zamu.com.xpi [2024-06-11]
FF Extension: (Expressionist – Balanced) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\expressionist-balanced-colorway@mozilla.org.xpi [2023-03-26]
FF Extension: (To Google Translate) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2023-01-30]
FF Extension: (AdBlocker for YouTube™) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2024-07-30]
FF Extension: (Correcteur d’orthographe et reformulateur — LanguageTool) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\languagetool-webextension@languagetool.org.xpi [2025-01-15]
FF Extension: (Video DownloadHelper) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-02-01]
FF Extension: (FranceVerif - Sécurité en ligne) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\{cac6293f-5570-4186-a217-c8985fd59228}.xpi [2024-10-13]
FF Extension: (Fix add-ons signed before 2018 (Bug 1954818)) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\features\{61224394-a08f-4990-bada-822b2f1ee2b1}\hotfix-intermediate-2018@mozilla.com.xpi [2025-03-24]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default [2025-03-28]
CHR DownloadDir: E:\
CHR Notifications: Default -> hxxps://fr.aliexpress.com; hxxps://fr.shopping.rakuten.com; hxxps://quixoticsands.com; hxxps://twitter.com; hxxps://www.alibaba.com; hxxps://www.francesoir.fr; hxxps://www.netflix.com
CHR Extension: (Google Traduction) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-11-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Duolingo sur le Web) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2022-12-01]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2025-03-26]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (DuckDuckGo) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2025-02-28]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Block Sender) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklnjbfcmglhiaoppcckdodanccbelcg [2024-08-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2025-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-03-28]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock pour Youtube™) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2025-03-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Slate) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhmcmgkegfffbbfobhjpdbimgmoohap [2022-12-01]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dark Reader) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2025-03-01]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ChatGPT) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcfepkfckglbgocfkanmcdngdijcgld [2025-02-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Tab Suspender) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiabciakcmgepblmdkmemdbbkilneeeh [2025-02-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2024-12-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs hors connexion) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (AdBlock - bloquez les publicités sur le web) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (IE Tab) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2024-12-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Qwant) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2024-12-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Mate Translate - traducteur, dictionnaire) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2024-12-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Lilo, Moteur et solidaire) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcpleigehknabkajbcccdfgflpajfaog [2024-06-13]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2025-01-11]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (Adblock for You) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogcaehilgakehloljjmajoempaflmdci [2024-09-03]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-12-01]
CHR Profile: C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-03-25]
CHR Notifications: Profile 2 -> hxxps://atomix.chat; hxxps://crypto.com; hxxps://invest.livaxxen.org; hxxps://mail.yahoo.com; hxxps://www.boulanger.com; hxxps://www.greenweez.com; hxxps://www.tiktok.com
CHR Extension: (Authenticator) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-11-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Trust Wallet) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\egjidjbpglichdcondbcbdnbeeppgdph [2025-03-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs hors connexion) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-06]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\System Profile [2025-03-27]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-916869094-3403233507-1452638425-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR DefaultProfile: Default
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-03-22]
BRA Notifications: Default -> hxxps://invest.livaxxen.org
BRA NewTab: Default -> Not-active:"chrome-extension://kbbbldgkhcpkmmjbjelmkjkchibeklng/n.html"
BRA Extension: (Google Traduction) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-09]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-19]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Dark Reader) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2025-03-05]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-19]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Dark Reader Dark) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kbbbldgkhcpkmmjbjelmkjkchibeklng [2022-01-22]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-03-21]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-03-22]
BRA Extension: (Brave NTP background images) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-03-19]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-03-21]
BRA Extension: (Brave Ads Resources) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\bgifagoclclhhoflocdefiklgodpihog [2025-03-19]
BRA Extension: (Wallet Data Files Updater) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-07]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-03-21]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-03]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2024-09-09]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-12-03]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2025-03-21]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-03-19]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-11-27]
BRA Extension: (Brave Ads Resources) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\ijgkfgmfiinppefbonemjidmkhgbonei [2024-02-25]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-03-21]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-11]
BRA Extension: (Brave NTP sponsored images) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2025-03-22]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-03-22]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-19]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-30]
Vivaldi:
=======
VIV DefaultProfile: Default
VIV Profile: C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default [2025-03-27]
VIV Notifications: Default -> hxxps://www.netflix.com
VIV Extension: (Google Traduction) - C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-06]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-21]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (EvAds - Enjoy Youtube without Ads) - C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default\Extensions\efogdjofkfbdigldgkepbbnhjegbhdfp [2024-01-24]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (Malwarebytes Browser Guard) - C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-27]hxxps://clients2.google.com/service/update2/crx
VIV Profile: C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Guest Profile [2024-12-01]
VIV Profile: C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\System Profile [2024-01-07]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [279040 2021-02-09] (CleverFiles) [Fichier non signé]
R2 Easy Connection to Screen; C:\Program Files\Samsung\Easy Connection to Screen\Service.exe [302352 2021-06-08] (Samsung Electronics CO., LTD. -> )
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-11] (HP Inc. -> HP Inc.)
R3 lmhosts; C:\windows\System32\svchost.exe [57528 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 lmhosts; C:\windows\SysWOW64\svchost.exe [47040 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\tunnel\MBVpnTunnelService.exe [2788304 2025-03-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NlaSvc; C:\windows\System32\svchost.exe [57528 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NlaSvc; C:\windows\SysWOW64\svchost.exe [47040 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [2370016 2025-03-17] (nordvpn s.a. -> NordVPN)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [2509280 2025-01-20] (nordvpn s.a. -> NordVPN)
R2 nsi; C:\windows\system32\svchost.exe [57528 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 nsi; C:\windows\SysWOW64\svchost.exe [47040 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVWMI; C:\windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\NVWMI\nvWmi64.exe [4486648 2022-08-23] (Nvidia Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\windows\system32\GigabyteUpdateService.exe [536720 2025-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [158640 2025-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 gdrv2; C:\windows\gdrv2.sys [32600 2021-02-26] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 KslD; C:\windows\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\windows\System32\Drivers\MbamChameleon.sys [234072 2025-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [22120 2025-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\DRIVERS\farflt.sys [202856 2025-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\windows\System32\Drivers\mbam.sys [80448 2025-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [239568 2025-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [189776 2025-03-27] (Malwarebytes Inc. -> Malwarebytes)
R3 mshield; C:\Program Files\NordVPN\NordSec ThreatProtection\1.5.37.2\mshield.sys [45384 2025-03-19] (nordvpn s.a. -> Nordvpn S.A.)
R2 NDivert; C:\Program Files\NordVPN\7.37.1.0\Drivers\NDivert.sys [196544 2025-03-17] (nordvpn s.a. -> NordVPN S.A.)
R4 NordDivert10; C:\Program Files\NordVPN\7.37.1.0\NordDivert1064.sys [101240 2025-03-13] (nordvpn s.a. -> NordVPN/Basil)
R3 ovpn-dco; C:\windows\System32\drivers\ovpn-dco.sys [91584 2024-06-05] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\windows\System32\drivers\tapnordvpn.sys [41120 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\windows\System32\drivers\wintun.sys [29592 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\windows\System32\drivers\wireguard.sys [489368 2023-02-20] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-03-28 13:55 - 2025-03-28 13:55 - 000000000 ____D C:\FRST
2025-03-28 13:50 - 2025-03-28 13:50 - 000001520 _____ C:\Users\MCFIVE\Desktop\FRST64.exe - Raccourci.lnk
2025-03-28 13:48 - 2025-03-28 13:54 - 002404352 _____ (Farbar) C:\Users\MCFIVE\Downloads\FRST64.exe
2025-03-27 08:28 - 2025-03-27 08:28 - 000189776 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2025-03-26 15:20 - 2025-03-26 15:20 - 000000000 ___HD C:\$WinREAgent
2025-03-25 09:38 - 2025-03-25 09:38 - 000008763 _____ C:\Users\MCFIVE\Downloads\Transaction History.pdf
2025-03-24 14:18 - 2025-03-24 14:18 - 000236653 _____ C:\Users\MCFIVE\Downloads\Formulaire (2)-2.pdf
2025-03-24 14:08 - 2025-03-24 14:08 - 000034028 _____ C:\Users\MCFIVE\Downloads\CONFIRMATION OF FUNDS RECEIPT_.pdf
2025-03-24 11:12 - 2025-03-24 11:12 - 000236653 _____ C:\Users\MCFIVE\Downloads\Formulaire (2)-1.pdf
2025-03-24 10:31 - 2025-03-24 10:31 - 000236653 _____ C:\Users\MCFIVE\Downloads\Formulaire (2).pdf
2025-03-21 16:43 - 2025-03-21 16:43 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\WhatsApp
2025-03-21 12:22 - 2025-03-21 12:22 - 000092310 _____ C:\Users\MCFIVE\Downloads\Scan.pdf
2025-03-18 18:38 - 2025-03-28 13:51 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\Malwarebytes
2025-03-18 18:38 - 2025-03-18 18:38 - 000002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-03-18 18:38 - 2025-03-18 18:38 - 000002048 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-03-18 18:37 - 2025-03-18 18:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-03-18 18:36 - 2025-03-18 18:37 - 000000000 ____D C:\Program Files\Malwarebytes
2025-03-18 18:35 - 2025-03-18 18:35 - 002834160 _____ (Malwarebytes) C:\Users\MCFIVE\Downloads\MBSetup(1).exe
2025-03-18 18:16 - 2025-03-18 20:00 - 000044810 _____ C:\Users\MCFIVE\Downloads\Releve-compte-28-02-2025.pdf
2025-03-18 17:07 - 2025-03-18 20:00 - 002834160 _____ (Malwarebytes) C:\Users\MCFIVE\Downloads\MBSetup.exe
2025-03-17 15:34 - 2025-03-17 15:34 - 000005522 _____ C:\Users\MCFIVE\Downloads\BALANCE_TRANSACTIONAL_REPORT.csv
2025-03-17 15:25 - 2025-03-17 15:25 - 000044634 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-08-2024-2.pdf
2025-03-17 15:12 - 2025-03-17 15:12 - 000044795 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-09-2024-2.pdf
2025-03-17 15:06 - 2025-03-17 15:06 - 000044795 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-09-2024-1.pdf
2025-03-17 15:06 - 2025-03-17 15:06 - 000044636 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-04-2024.pdf
2025-03-17 15:06 - 2025-03-17 15:06 - 000044634 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-08-2024-1.pdf
2025-03-17 14:47 - 2025-03-17 14:47 - 000044795 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-09-2024.pdf
2025-03-17 14:45 - 2025-03-17 14:45 - 000083883 _____ C:\Users\MCFIVE\Downloads\Releve-compte-31-10-2023.pdf
2025-03-17 14:45 - 2025-03-17 14:45 - 000044634 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-08-2024.pdf
2025-03-17 14:44 - 2025-03-17 14:44 - 000190258 _____ C:\Users\MCFIVE\Downloads\Releve-compte-29-09-2023.pdf
2025-03-17 14:43 - 2025-03-17 14:43 - 000040421 _____ C:\Users\MCFIVE\Downloads\Releve-compte-31-08-2023.pdf
2025-03-16 23:08 - 2025-03-16 10:33 - 000016474 _____ C:\Users\MCFIVE\Documents\FLORENCE%20JUSTIFICATIF%20CHEQUE%20.odt_1.odt
2025-03-16 17:15 - 2025-03-16 17:15 - 000024860 _____ C:\Users\MCFIVE\Downloads\iban_M_OU_MME_MICHEL_CARMAGNAT_00020388601 (2).pdf
2025-03-16 16:48 - 2025-03-16 16:48 - 000101694 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-12.pdf
2025-03-16 16:47 - 2025-03-16 16:47 - 000101686 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-11.pdf
2025-03-16 16:47 - 2025-03-16 16:47 - 000099684 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-9.pdf
2025-03-16 16:47 - 2025-03-16 16:47 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-10.pdf
2025-03-16 16:46 - 2025-03-16 16:46 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-8.pdf
2025-03-12 12:45 - 2025-03-12 12:45 - 000000465 _____ C:\Users\MCFIVE\Downloads\HistoriqueOperations_013193528041.zip
2025-03-11 20:26 - 2025-03-28 08:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-11 09:16 - 2025-03-11 09:16 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-7.pdf
2025-03-10 18:42 - 2025-03-10 18:42 - 000268549 _____ C:\Users\MCFIVE\Downloads\DISCLAIMER FORM_.pdf
2025-03-10 10:28 - 2025-03-10 10:28 - 000001069 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor Browser.lnk
2025-03-10 10:28 - 2025-03-10 10:28 - 000000000 ____D C:\Users\MCFIVE\Tor Browser
2025-03-10 10:23 - 2025-03-10 10:24 - 110504976 _____ C:\Users\MCFIVE\Documents\tor-browser-windows-x86_64-portable-14.0.7.exe
2025-03-10 08:47 - 2025-03-13 15:52 - 000008919 _____ C:\Users\MCFIVE\Documents\CB REVOLUT 1.odt
2025-03-09 11:25 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudmdm.sys
2025-03-09 11:25 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudbus2.sys
2025-03-08 22:51 - 2025-03-08 22:51 - 000000083 _____ C:\Users\MCFIVE\Desktop\L'horreur du DarkWeb.url
2025-03-08 19:08 - 2025-03-08 19:08 - 000000000 ____D C:\Users\MCFIVE\AppData\LocalLow\NVIDIA
2025-03-08 13:28 - 2025-03-08 13:28 - 024477344 _____ C:\Users\MCFIVE\Downloads\fortuneo-livetrader-x64(31).exe
2025-03-08 12:57 - 2025-03-08 12:57 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\DBG
2025-03-08 12:04 - 2025-03-08 12:04 - 000000000 ____D C:\windows\system32\lxss
2025-03-08 12:04 - 2022-08-23 23:26 - 001905912 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2025-03-08 12:04 - 2022-08-23 23:26 - 001905912 _____ C:\windows\system32\vulkaninfo.exe
2025-03-08 12:04 - 2022-08-23 23:26 - 001478408 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-03-08 12:04 - 2022-08-23 23:26 - 001478408 _____ C:\windows\SysWOW64\vulkaninfo.exe
2025-03-08 12:04 - 2022-08-23 23:26 - 001145592 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2025-03-08 12:04 - 2022-08-23 23:26 - 001145592 _____ C:\windows\SysWOW64\vulkan-1.dll
2025-03-08 12:04 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2025-03-08 12:04 - 2022-08-23 23:25 - 001432312 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2025-03-08 12:04 - 2022-08-23 23:25 - 001432312 _____ C:\windows\system32\vulkan-1.dll
2025-03-08 12:04 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 000865784 _____ C:\windows\system32\nvofapi64.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\windows\system32\nvml.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\windows\system32\nvidia-smi.exe
2025-03-08 12:04 - 2022-08-23 23:22 - 000687616 _____ C:\windows\SysWOW64\nvofapi.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhdap64.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\windows\system32\nvdebugdump.exe
2025-03-08 12:04 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2025-03-08 12:04 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\windows\system32\MCU.exe
2025-03-08 12:04 - 2022-08-23 23:19 - 006367424 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2025-03-08 12:04 - 2022-08-23 22:57 - 000093241 _____ C:\windows\system32\nvinfo.pb
2025-03-07 19:31 - 2025-03-07 19:31 - 000056996 _____ C:\Users\MCFIVE\Desktop\FRST.txt
2025-03-07 18:56 - 2025-03-07 18:56 - 000000000 ____D C:\Users\MCFIVE\Downloads\FRST-OlderVersion
2025-03-05 23:10 - 2025-03-05 23:10 - 000238228 _____ C:\Users\MCFIVE\Downloads\Memo_piratage-de-compte.pdf
2025-03-05 22:46 - 2025-03-05 22:46 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-6.pdf
2025-03-05 20:38 - 2025-03-05 20:38 - 000239282 _____ C:\Users\MCFIVE\Downloads\LINKS.pdf
2025-03-05 14:11 - 2025-03-05 14:11 - 000106960 _____ C:\Users\MCFIVE\Downloads\MAIL.pdf
2025-03-01 17:00 - 2025-03-01 17:02 - 000000000 ____D C:\Users\MCFIVE\Documents\RIB LIVAXEN VICTORIA SUIESEBASE
2025-03-01 15:28 - 2025-03-01 15:28 - 016885213 _____ C:\Users\MCFIVE\Downloads\20250301_151135.mp4
2025-02-28 21:07 - 2025-03-26 13:23 - 000001743 _____ C:\Users\Public\Desktop\NordVPN.lnk
2025-02-28 10:24 - 2025-02-28 10:24 - 000000107 _____ C:\Users\MCFIVE\Downloads\ZIP 1.rar
2025-02-28 01:26 - 2025-02-28 21:09 - 000000008 _____ C:\Users\MCFIVE\Downloads\octobre novembre 2024.txt
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-03-28 13:55 - 2024-11-29 14:34 - 000041379 _____ C:\Users\MCFIVE\Downloads\FRST.txt
2025-03-28 13:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-28 13:21 - 2021-03-24 14:23 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\vlc
2025-03-28 13:11 - 2022-05-07 16:33 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Microsoft\Teams
2025-03-28 09:38 - 2020-11-18 23:28 - 000000000 ____D C:\windows\system32\SleepStudy
2025-03-28 09:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-28 09:04 - 2019-12-07 10:14 - 000000000 ____D C:\windows\AppReadiness
2025-03-28 08:13 - 2022-02-12 01:07 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-28 08:12 - 2023-01-21 10:24 - 000001036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-28 08:12 - 2023-01-21 10:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-28 08:11 - 2023-01-20 12:08 - 000000000 ____D C:\ProgramData\NordVPN
2025-03-28 08:10 - 2021-12-16 03:15 - 000000000 ____D C:\windows\SystemTemp
2025-03-28 08:09 - 2020-11-19 00:31 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-28 08:09 - 2020-11-19 00:31 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-28 08:08 - 2024-11-25 06:04 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Lifesize
2025-03-28 08:08 - 2021-05-17 08:21 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\WhatsApp
2025-03-28 08:07 - 2022-12-06 13:22 - 000000000 ___RD C:\Users\MCFIVE\OneDrive - etu.u-cergy.fr
2025-03-28 08:07 - 2021-06-24 07:04 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\CrashDumps
2025-03-28 00:06 - 2021-02-12 08:28 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-27 18:19 - 2021-03-20 17:19 - 000000528 _____ C:\Users\MCFIVE\.vivaldi_reporting_data
2025-03-27 12:03 - 2023-10-26 11:02 - 000002395 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2025-03-27 12:03 - 2023-10-26 11:02 - 000002358 _____ C:\Users\MCFIVE\Desktop\Vivaldi.lnk
2025-03-27 12:03 - 2021-03-20 17:19 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\Vivaldi
2025-03-27 10:03 - 2021-03-20 16:23 - 000002427 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-27 08:32 - 2021-01-14 15:17 - 001770910 _____ C:\windows\system32\PerfStringBackup.INI
2025-03-27 08:32 - 2019-12-07 15:49 - 000776836 _____ C:\windows\system32\perfh00C.dat
2025-03-27 08:32 - 2019-12-07 15:49 - 000145464 _____ C:\windows\system32\perfc00C.dat
2025-03-27 08:32 - 2019-12-07 10:13 - 000000000 ____D C:\windows\INF
2025-03-27 08:28 - 2021-03-15 00:15 - 000536720 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\windows\system32\GigabyteUpdateService.exe
2025-03-27 08:28 - 2021-03-15 00:15 - 000088720 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\windows\system32\GigabyteDownloadAssistant.exe
2025-03-27 08:28 - 2021-02-12 08:21 - 000550928 _____ C:\windows\system32\wpbbin.exe
2025-03-27 08:28 - 2021-01-14 15:06 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-27 08:28 - 2020-11-19 00:29 - 000000006 ____H C:\windows\Tasks\SA.DAT
2025-03-27 08:28 - 2020-11-18 23:28 - 000462976 _____ C:\windows\system32\FNTCACHE.DAT
2025-03-27 08:28 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ServiceState
2025-03-27 08:28 - 2019-12-07 10:14 - 000000000 ____D C:\windows\Registration
2025-03-27 08:27 - 2024-07-16 00:36 - 000000000 ____D C:\windows\system32\compatrel
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\PrintDialog
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\setup
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\Dism
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SystemResources
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\ShellExperiences
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\oobe
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\Dism
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ShellExperiences
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ShellComponents
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\bcastdvr
2025-03-26 18:56 - 2024-08-23 14:51 - 000002629 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-03-26 18:56 - 2024-08-23 14:51 - 000002592 _____ C:\Users\MCFIVE\Desktop\Brave.lnk
2025-03-26 15:26 - 2019-12-07 10:03 - 000000000 ____D C:\windows\CbsTemp
2025-03-26 15:24 - 2020-11-19 00:31 - 003016192 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2025-03-26 13:23 - 2023-01-20 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2025-03-26 13:23 - 2023-01-20 12:08 - 000000000 ____D C:\Program Files\NordVPN
2025-03-26 08:59 - 2022-09-20 13:14 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Ledger Live
2025-03-26 08:30 - 2021-03-23 09:06 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\D3DSCache
2025-03-24 15:38 - 2022-02-24 15:59 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Telegram Desktop
2025-03-24 14:46 - 2025-01-15 20:56 - 000000000 ____D C:\Users\MCFIVE\Desktop\C R Y P T O 2 0 2 4
2025-03-21 19:16 - 2022-10-24 17:03 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-21 19:16 - 2022-10-24 17:03 - 000002028 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-03-21 16:43 - 2022-08-29 18:45 - 000002211 _____ C:\Users\MCFIVE\Desktop\WhatsApp.lnk
2025-03-21 16:43 - 2021-05-17 08:21 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2025-03-21 16:43 - 2021-05-17 08:20 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\SquirrelTemp
2025-03-20 21:53 - 2020-11-19 00:32 - 000000000 ____D C:\ProgramData\Packages
2025-03-18 18:59 - 2024-11-08 09:15 - 000002844 _____ C:\Users\MCFIVE\Desktop\CrowdBunker.lnk
2025-03-18 18:59 - 2023-05-06 07:31 - 000002297 _____ C:\Users\MCFIVE\Desktop\Atlas - Chrome.lnk
2025-03-18 18:37 - 2019-12-07 10:14 - 000000000 ___HD C:\windows\ELAMBKUP
2025-03-18 15:25 - 2022-02-27 19:09 - 000000000 ____D C:\Users\MCFIVE\Downloads\Telegram Desktop
2025-03-14 20:07 - 2023-11-29 13:50 - 000002376 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2025-03-12 10:54 - 2023-01-20 12:08 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\NordVPN
2025-03-10 10:28 - 2024-06-06 09:53 - 000001039 _____ C:\Users\MCFIVE\Desktop\Tor Browser.lnk
2025-03-10 10:28 - 2021-03-20 16:23 - 000000000 ____D C:\Users\MCFIVE
2025-03-08 19:06 - 2022-03-07 23:57 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Signal
2025-03-08 13:11 - 2021-02-12 08:28 - 000000000 ____D C:\ProgramData\Package Cache
2025-03-08 12:56 - 2021-03-23 18:17 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\NVIDIA
2025-03-08 12:21 - 2021-03-19 00:28 - 000000000 ____D C:\KPRM
2025-03-08 12:05 - 2021-02-12 08:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-03-08 12:05 - 2021-02-12 08:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-03-08 12:04 - 2021-02-12 08:28 - 000000000 ____D C:\windows\system32\Drivers\NVIDIA Corporation
2025-03-08 11:45 - 2019-12-07 15:51 - 000000000 ____D C:\windows\system32\OpenSSH
2025-03-08 11:45 - 2019-12-07 10:03 - 000000000 ____D C:\windows\servicing
2025-03-07 22:00 - 2024-07-13 07:21 - 000000000 ____D C:\Users\MICHEL MVK
2025-03-07 21:51 - 2020-11-19 00:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-03-07 21:46 - 2021-03-20 16:23 - 000000000 ___SD C:\Users\MCFIVE\AppData\Roaming\Microsoft\Protect
2025-03-07 19:22 - 2024-11-29 14:36 - 000085308 _____ C:\Users\MCFIVE\Downloads\Addition.txt
2025-03-07 19:17 - 2024-11-29 16:41 - 000000000 ____D C:\Users\MCFIVE\Desktop\FRST-OlderVersion
2025-03-07 19:06 - 2023-01-21 10:46 - 000001396 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2025-03-06 07:42 - 2020-11-19 00:29 - 000000000 ____D C:\windows\system32\Drivers\wd
2025-03-05 23:18 - 2024-11-11 14:33 - 000000000 ____D C:\Users\MCFIVE\Desktop\Trading
2025-03-01 19:29 - 2023-03-26 08:46 - 000000000 ____D C:\Users\MCFIVE\Documents\F AC T U R E S P A Y E E S
2025-02-27 12:41 - 2024-09-28 13:24 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Exodus
==================== Fichiers à la racine de certains dossiers ========
2021-09-16 16:50 - 2021-09-16 16:50 - 034595824 _____ (Audacity Team ) C:\Users\MCFIVE\audacity-win-3.0.4-x64.exe
2021-12-14 12:16 - 2021-12-14 12:16 - 001243560 ____N (BraveSoftware Inc.) C:\Users\MCFIVE\BraveBrowserSetup.exe
2021-09-22 18:06 - 2021-09-22 18:06 - 030128864 _____ (CleverFiles) C:\Users\MCFIVE\disk-drill-win.exe
2021-12-07 08:32 - 2021-12-07 08:32 - 024477344 ____N () C:\Users\MCFIVE\fortuneo-livetrader-x64 (1).exe
2021-12-03 09:05 - 2021-12-03 09:05 - 024477344 ____N () C:\Users\MCFIVE\fortuneo-livetrader-x64.exe
2021-10-20 12:35 - 2021-10-20 12:35 - 136008120 _____ (Microsoft Corporation) C:\Users\MCFIVE\MSERT.exe
2021-09-16 17:04 - 2021-09-16 17:04 - 356282440 _____ () C:\Users\MCFIVE\NIKON D850 LOGICIEL FOTO S-NXD___-010605WF-ALLIN-ALL___.exe
2021-07-15 09:48 - 2021-07-15 09:48 - 056431504 _____ (TEFINCOM S.A. ) C:\Users\MCFIVE\NordLockerSetup.exe
2021-07-30 11:23 - 2021-07-30 11:23 - 056867264 _____ (TEFINCOM S.A. ) C:\Users\MCFIVE\NordVPNSetup.exe
2021-09-18 12:12 - 2021-09-18 12:12 - 017385800 ____N (Google Inc.) C:\Users\MCFIVE\picasa-3-9-138-150-multi-win.exe
2021-09-16 17:00 - 2021-09-16 17:00 - 001249032 _____ (Adobe Inc) C:\Users\MCFIVE\readerdc64_fr_ha_crd_install.exe
2022-03-18 20:16 - 2022-03-18 20:16 - 000000050 _____ () C:\Users\MCFIVE\AppData\Roaming\3300576UVDConfig.json
2023-01-21 12:18 - 2023-10-20 13:56 - 000004608 _____ () C:\Users\MCFIVE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== FLock ==============================
2025-03-27 08:33 C:\windows\system32\config
2019-12-07 10:31 C:\windows\system32\Configuration
2019-12-07 10:14 C:\windows\system32\DriverState
2021-01-14 15:11 C:\windows\system32\FxsTmp
2019-12-07 10:14 C:\windows\system32\ias
2019-12-07 10:14 C:\windows\system32\MsDtc
2019-12-07 10:14 C:\windows\system32\networklist
2025-03-28 09:38 C:\windows\system32\SleepStudy
2025-03-28 13:12 C:\windows\system32\sru
2025-03-27 10:03 C:\windows\system32\Tasks
2022-11-16 08:43 C:\windows\system32\WDI
2025-03-28 09:04 C:\Program Files\WindowsApps
2021-01-14 16:19 C:\windows\diagerr.xml
2021-01-14 16:19 C:\windows\diagwrn.xml
2024-06-19 11:19 C:\windows\LiveKernelReports
2019-12-07 10:14 C:\windows\ModemLogs
2025-03-28 13:55 C:\windows\Prefetch
2025-03-27 08:28 C:\windows\ServiceState
2025-03-28 08:10 C:\windows\SystemTemp
2025-03-28 13:55 C:\windows\Temp
2019-12-07 10:31 C:\windows\SysWOW64\config
2019-12-07 10:31 C:\windows\SysWOW64\Configuration
2019-12-07 15:51 C:\windows\SysWOW64\FxsTmp
2019-12-07 10:14 C:\windows\SysWOW64\Msdtc
2019-12-07 10:14 C:\windows\SysWOW64\networklist
2019-12-07 10:14 C:\windows\SysWOW64\sru
2019-12-07 10:31 C:\windows\SysWOW64\Tasks
2021-02-12 08:21 C:\windows\system32\Drivers\DriverData
2025-03-07 22:00 C:\Users\MICHEL MVK
2025-03-20 21:53 C:\ProgramData\Packages
2019-12-07 15:53 C:\ProgramData\WindowsHolographicDevices
2024-03-18 12:59 C:\Users\MCFIVE\AppData\Local\ElevatedDiagnostics
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
ATTENTION: ==> Impossible d'accéder au BCD. L'utilisateur n'est pas administrateur -> Impossible d'ouvrir le magasin des donn‚es de configuration de d‚marrage.
AccŠs refus‚.
==================== Fin de FRST.txt ========================
Exécuté par MCFIVE (ATTENTION: L'utilisateur n'est pas administrateur) sur PC_MATERIEL_NET (Gigabyte Technology Co., Ltd. B460 AORUS PRO AC) (28-03-2025 13:55:07)
Exécuté depuis C:\Users\MCFIVE\Downloads\FRST64.exe
Profils chargés: MCFIVE
Plate-forme: Windows 10 Version 22H2 19045.5679 (X64) Langue: Français (France)
Navigateur par défaut: "C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe" -noautoupdate -- "%1"
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2512.1.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\BraveCrashHandler.exe
(Brave Software, Inc. -> BraveSoftware Inc.) C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\BraveCrashHandler64.exe
(C:\Program Files (x86)\oDownloader\oDownloader.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\MCFIVE\AppData\Local\Programs\Opera\117.0.5408.53\opera_crashreporter.exe
(cmd.exe ->) (Infatica pte ltd -> ) C:\Program Files (x86)\oDownloader\bin\infatica-service-app.exe
(Enghouse Interactive (UK) Limited -> ) C:\Users\MCFIVE\AppData\Local\lifesize_app\app-3.0.17\Lifesize App Service.exe
(Enghouse Interactive (UK) Limited -> Lifesize) C:\Users\MCFIVE\AppData\Local\lifesize_app\app-3.0.17\Lifesize.exe <6>
(explorer.exe ->) (Ariane Software -> Ariane Software) C:\Users\MCFIVE\AppData\Local\Fortuneo\Live Trader\livetrader64.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <27>
(explorer.exe ->) (nordvpn s.a. -> NordVPN) C:\Program Files\NordVPN\NordVPN.exe
(explorer.exe ->) (oDownloader) [Fichier non signé] C:\Program Files (x86)\oDownloader\oDownloader.exe
(explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe <23>
(explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe
(explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.138.3211.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5>
(Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MCFIVE\AppData\Local\Microsoft\OneDrive\25.041.0303.0002\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\MCFIVE\AppData\Local\Microsoft\OneDrive\25.041.0303.0002\Microsoft.SharePoint.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <37>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2502.2.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
Impossible d'accéder au processus -> armsvc.exe
Impossible d'accéder au processus -> conhost.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> csrss.exe
Impossible d'accéder au processus -> dasHost.exe
Impossible d'accéder au processus -> dllhost.exe
Impossible d'accéder au processus -> dwm.exe
Impossible d'accéder au processus -> EvtEng.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> fontdrvhost.exe
Impossible d'accéder au processus -> GigabyteUpdateService.exe
Impossible d'accéder au processus -> ibtsiva.exe
Impossible d'accéder au processus -> jhi_service.exe
Impossible d'accéder au processus -> LMS.exe
Impossible d'accéder au processus -> LogiFacecamService.exe
Impossible d'accéder au processus -> lsass.exe
Impossible d'accéder au processus -> MBAMService.exe
Impossible d'accéder au processus -> MoUsoCoreWorker.exe
Impossible d'accéder au processus -> msdtc.exe
Impossible d'accéder au processus -> nordsec-threatprotection-service.exe
Impossible d'accéder au processus -> NordUpdateService.exe
Impossible d'accéder au processus -> nordvpn-service.exe
Impossible d'accéder au processus -> NVDisplay.Container.exe
Impossible d'accéder au processus -> NVDisplay.Container.exe
Impossible d'accéder au processus -> nvWmi64.exe
Impossible d'accéder au processus -> nvWmi64.exe
Impossible d'accéder au processus -> RtkAudUService64.exe
Impossible d'accéder au processus -> SearchIndexer.exe
Impossible d'accéder au processus -> SecurityHealthService.exe
Impossible d'accéder au processus -> Service.exe
Impossible d'accéder au processus -> services.exe
Impossible d'accéder au processus -> smss.exe
Impossible d'accéder au processus -> spoolsv.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> svchost.exe
Impossible d'accéder au processus -> unsecapp.exe
Impossible d'accéder au processus -> wininit.exe
Impossible d'accéder au processus -> winlogon.exe
Impossible d'accéder au processus -> wlanext.exe
Impossible d'accéder au processus -> WUDFHost.exe
Impossible d'accéder au processus -> WUDFHost.exe
Impossible d'accéder au processus -> WUDFHost.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe [1220312 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [612304 2019-11-18] (NIKON CORPORATION -> Nikon Corporation)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\134.0.3124.85\Installer\setup.exe [7548456 2025-03-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [NordLockerSysTray] => C:\Program Files\NordLocker\NordLocker.SysTray.exe (Pas de fichier)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\MCFIVE\AppData\Local\WhatsApp\Update.exe [1838264 2022-06-17] (WhatsApp, Inc -> GitHub)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [oDownloader] => C:\Program Files (x86)\oDownloader\oDownloader.exe [239104 2021-06-17] (oDownloader) [Fichier non signé]
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.Teams.Teams] => C:\Users\MCFIVE\AppData\Local\Microsoft\Teams\Update.exe [2603768 2025-03-14] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [559976 2025-01-20] (nordvpn s.a. -> NordVPN)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Google+ Auto Backup] => C:\Users\MCFIVE\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-07-31] (Google Inc -> Google Inc.)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [BraveSoftware Update] => C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\BraveUpdateCore.exe [199704 2024-08-23] (Brave Software, Inc. -> BraveSoftware Inc.)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Lifesize App Service] => C:\Users\MCFIVE\AppData\Local\lifesize_app\Lifesize.exe [580632 2024-11-25] (Enghouse Interactive (UK) Limited -> Lifesize)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.lifesize_app.Lifesize] => C:\Users\MCFIVE\AppData\Local\lifesize_app\update.exe [1838616 2024-06-13] (Enghouse Interactive (UK) Limited -> GitHub)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Opera Stable] => C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe [1606552 2025-03-07] (Opera Norway AS -> Opera Software)
HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [GoogleUpdaterTaskUser136.0.7079.0] => C:\Users\MCFIVE\AppData\Local\Google\GoogleUpdater\136.0.7079.0\updater.exe [7017568 2025-03-20] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\134.0.6998.167\Installer\chrmstp.exe [2025-03-25] (Google LLC -> Google LLC)
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{02a7c8c2-9f8b-45a1-941d-d921b6c4ea86}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\255646D6960213030223032323: [DhcpNameServer] 192.168.140.140
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\E4544574541425F5548545: [DhcpNameServer] 192.168.1.250
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\F42716E676560214962726F687D273245364: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\F42716E676560214962726F687D273245364: [DhcpDomain] home
Tcpip\..\Interfaces\{ee0b3e05-79c8-4fd3-91a5-eafdbb475e44}: [DhcpNameServer] 103.86.96.100 103.86.99.100
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\MCFIVE\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-27]
Edge Notifications: Default -> hxxps://fr.ecoflow.com; hxxps://lecourrierdesstrateges.fr; hxxps://web.whatsapp.com; hxxps://www.comment-economiser.fr; hxxps://www.facebook.com; hxxps://www.zebulon.fr
Edge Extension: (Google Docs hors connexion) - C:\Users\MCFIVE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-27]hxxps://clients2.google.com/service/update2/crx
Edge Extension: (Edge relevant text changes) - C:\Users\MCFIVE\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [fphgeikpdcdcheaochkhldmnfblfogla]
FireFox:
========
FF DefaultProfile: 3ixakq9q.default
FF ProfilePath: C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\3ixakq9q.default [2024-12-01]
FF ProfilePath: C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851 [2025-03-28]
FF Session Restore: Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851 -> est activé.
FF Notifications: Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851 -> hxxps://www.comment-economiser.fr; hxxps://www.huffingtonpost.fr; hxxps://invest.livaxxen.org; hxxps://atomix.chat; hxxps://fr.aliexpress.com; hxxps://www.zebulon.fr; hxxps://app.revolut.com; hxxps://fr.mail.yahoo.com; hxxps://cutm9g6071bc73dosu30.enhanceconnection.co.in; hxxps://h2qlvjpsb4umbx.enhanceconnection.co.in; hxxps://f2e8sid9qv67ie.enhanceconnection.co.in
FF Extension: (AdBlocker Ultimate) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\adblockultimate@adblockultimate.net.xpi [2025-02-15]
FF Extension: (Dark Reader) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\addon@darkreader.org.xpi [2025-03-01]
FF Extension: (Zamu - Coupons et remises automatiques) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\addon@zamu.com.xpi [2024-06-11]
FF Extension: (Expressionist – Balanced) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\expressionist-balanced-colorway@mozilla.org.xpi [2023-03-26]
FF Extension: (To Google Translate) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2023-01-30]
FF Extension: (AdBlocker for YouTube™) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2024-07-30]
FF Extension: (Correcteur d’orthographe et reformulateur — LanguageTool) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\languagetool-webextension@languagetool.org.xpi [2025-01-15]
FF Extension: (Video DownloadHelper) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-02-01]
FF Extension: (FranceVerif - Sécurité en ligne) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\Extensions\{cac6293f-5570-4186-a217-c8985fd59228}.xpi [2024-10-13]
FF Extension: (Fix add-ons signed before 2018 (Bug 1954818)) - C:\Users\MCFIVE\AppData\Roaming\Mozilla\Firefox\Profiles\j1zj549x.default-release-1674293076851\features\{61224394-a08f-4990-bada-822b2f1ee2b1}\hotfix-intermediate-2018@mozilla.com.xpi [2025-03-24]
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default [2025-03-28]
CHR DownloadDir: E:\
CHR Notifications: Default -> hxxps://fr.aliexpress.com; hxxps://fr.shopping.rakuten.com; hxxps://quixoticsands.com; hxxps://twitter.com; hxxps://www.alibaba.com; hxxps://www.francesoir.fr; hxxps://www.netflix.com
CHR Extension: (Google Traduction) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-11-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Duolingo sur le Web) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2022-12-01]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2025-03-26]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (DuckDuckGo) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2025-02-28]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Block Sender) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bklnjbfcmglhiaoppcckdodanccbelcg [2024-08-22]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2025-03-06]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2025-03-28]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adblock pour Youtube™) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2025-03-12]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Slate) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmhmcmgkegfffbbfobhjpdbimgmoohap [2022-12-01]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-18]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Dark Reader) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2025-03-01]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ChatGPT) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcfepkfckglbgocfkanmcdngdijcgld [2025-02-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Tab Suspender) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiabciakcmgepblmdkmemdbbkilneeeh [2025-02-23]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (NordVPN - VPN proxy for privacy and security) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoaledfpmneenckfbpdfhkmimnjocfa [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (IBA Opt-out (by Google)) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb [2024-12-29]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs hors connexion) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-26]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (AdBlock - bloquez les publicités sur le web) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (IE Tab) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hehijbfgiekmjfkfjpbkbammjbdenadd [2024-12-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Qwant) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnlkiofnhhoahaiimdicppgemmmomijo [2024-12-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Mate Translate - traducteur, dictionnaire) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2024-12-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Lilo, Moteur et solidaire) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcpleigehknabkajbcccdfgflpajfaog [2024-06-13]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Ghostery Bloqueur de Traqueurs et de Publicités - confidentialité) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2025-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-03-20]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2025-01-11]hxxp://clients2.google.com/service/update2/crx
CHR Extension: (Adblock for You) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogcaehilgakehloljjmajoempaflmdci [2024-09-03]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-12-01]
CHR Profile: C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2 [2025-03-25]
CHR Notifications: Profile 2 -> hxxps://atomix.chat; hxxps://crypto.com; hxxps://invest.livaxxen.org; hxxps://mail.yahoo.com; hxxps://www.boulanger.com; hxxps://www.greenweez.com; hxxps://www.tiktok.com
CHR Extension: (Authenticator) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bhghoamapcdpbohphigoooaddinpkbai [2024-11-14]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-19]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Trust Wallet) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\egjidjbpglichdcondbcbdnbeeppgdph [2025-03-21]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Google Docs hors connexion) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-25]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-24]hxxps://clients2.google.com/service/update2/crx
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-05-06]hxxps://clients2.google.com/service/update2/crx
CHR Profile: C:\Users\MCFIVE\AppData\Local\Google\Chrome\User Data\System Profile [2025-03-27]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKU\S-1-5-21-916869094-3403233507-1452638425-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR DefaultProfile: Default
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-03-22]
BRA Notifications: Default -> hxxps://invest.livaxxen.org
BRA NewTab: Default -> Not-active:"chrome-extension://kbbbldgkhcpkmmjbjelmkjkchibeklng/n.html"
BRA Extension: (Google Traduction) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-09]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-19]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Dark Reader) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2025-03-05]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-19]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Dark Reader Dark) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\kbbbldgkhcpkmmjbjelmkjkchibeklng [2022-01-22]hxxps://clients2.google.com/service/update2/crx
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-03-21]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-03-22]
BRA Extension: (Brave NTP background images) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-03-19]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-03-21]
BRA Extension: (Brave Ads Resources) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\bgifagoclclhhoflocdefiklgodpihog [2025-03-19]
BRA Extension: (Wallet Data Files Updater) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\BraveWallet [2024-01-07]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-03-21]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2022-12-03]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2024-09-09]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2022-12-03]
BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2025-03-21]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-03-19]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2021-11-27]
BRA Extension: (Brave Ads Resources) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\ijgkfgmfiinppefbonemjidmkhgbonei [2024-02-25]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-03-21]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2022-03-11]
BRA Extension: (Brave NTP sponsored images) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2025-03-22]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-03-22]
BRA Extension: (Brave Ad Block Updater (Brave Twitch Adblock Rules (plaintext))) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\mhccgcegedfkhdbfbgllfkkcjhgkoinc [2024-09-19]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\MCFIVE\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2023-10-30]
Vivaldi:
=======
VIV DefaultProfile: Default
VIV Profile: C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default [2025-03-27]
VIV Notifications: Default -> hxxps://www.netflix.com
VIV Extension: (Google Traduction) - C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2024-09-06]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-03-21]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (EvAds - Enjoy Youtube without Ads) - C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default\Extensions\efogdjofkfbdigldgkepbbnhjegbhdfp [2024-01-24]hxxps://clients2.google.com/service/update2/crx
VIV Extension: (Malwarebytes Browser Guard) - C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2025-03-27]hxxps://clients2.google.com/service/update2/crx
VIV Profile: C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\Guest Profile [2024-12-01]
VIV Profile: C:\Users\MCFIVE\AppData\Local\Vivaldi\User Data\System Profile [2024-01-07]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.)
S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [279040 2021-02-09] (CleverFiles) [Fichier non signé]
R2 Easy Connection to Screen; C:\Program Files\Samsung\Easy Connection to Screen\Service.exe [302352 2021-06-08] (Samsung Electronics CO., LTD. -> )
S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-11] (HP Inc. -> HP Inc.)
R3 lmhosts; C:\windows\System32\svchost.exe [57528 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 lmhosts; C:\windows\SysWOW64\svchost.exe [47040 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9484384 2025-03-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\tunnel\MBVpnTunnelService.exe [2788304 2025-03-18] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NlaSvc; C:\windows\System32\svchost.exe [57528 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NlaSvc; C:\windows\SysWOW64\svchost.exe [47040 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [2370016 2025-03-17] (nordvpn s.a. -> NordVPN)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [2509280 2025-01-20] (nordvpn s.a. -> NordVPN)
R2 nsi; C:\windows\system32\svchost.exe [57528 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 nsi; C:\windows\SysWOW64\svchost.exe [47040 2024-05-15] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVWMI; C:\windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\NVWMI\nvWmi64.exe [4486648 2022-08-23] (Nvidia Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 GigabyteUpdateService; C:\windows\system32\GigabyteUpdateService.exe [536720 2025-03-27] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 NVDisplay.ContainerLocalSystem; C:\windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\windows\System32\DriverStore\FileRepository\nv_dispig.inf_amd64_ee20464bb4ac57f4\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 EneTechIo; C:\windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [158640 2025-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 gdrv2; C:\windows\gdrv2.sys [32600 2021-02-26] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.)
R3 KslD; C:\windows\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\windows\System32\Drivers\MbamChameleon.sys [234072 2025-03-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\windows\System32\DRIVERS\MbamElam.sys [22120 2025-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\DRIVERS\farflt.sys [202856 2025-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMProtection; C:\windows\System32\Drivers\mbam.sys [80448 2025-03-27] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [239568 2025-03-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [189776 2025-03-27] (Malwarebytes Inc. -> Malwarebytes)
R3 mshield; C:\Program Files\NordVPN\NordSec ThreatProtection\1.5.37.2\mshield.sys [45384 2025-03-19] (nordvpn s.a. -> Nordvpn S.A.)
R2 NDivert; C:\Program Files\NordVPN\7.37.1.0\Drivers\NDivert.sys [196544 2025-03-17] (nordvpn s.a. -> NordVPN S.A.)
R4 NordDivert10; C:\Program Files\NordVPN\7.37.1.0\NordDivert1064.sys [101240 2025-03-13] (nordvpn s.a. -> NordVPN/Basil)
R3 ovpn-dco; C:\windows\System32\drivers\ovpn-dco.sys [91584 2024-06-05] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\windows\System32\drivers\tapnordvpn.sys [41120 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\windows\System32\drivers\wintun.sys [29592 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
R3 WireGuard; C:\windows\System32\drivers\wireguard.sys [489368 2023-02-20] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-03-28 13:55 - 2025-03-28 13:55 - 000000000 ____D C:\FRST
2025-03-28 13:50 - 2025-03-28 13:50 - 000001520 _____ C:\Users\MCFIVE\Desktop\FRST64.exe - Raccourci.lnk
2025-03-28 13:48 - 2025-03-28 13:54 - 002404352 _____ (Farbar) C:\Users\MCFIVE\Downloads\FRST64.exe
2025-03-27 08:28 - 2025-03-27 08:28 - 000189776 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2025-03-26 15:20 - 2025-03-26 15:20 - 000000000 ___HD C:\$WinREAgent
2025-03-25 09:38 - 2025-03-25 09:38 - 000008763 _____ C:\Users\MCFIVE\Downloads\Transaction History.pdf
2025-03-24 14:18 - 2025-03-24 14:18 - 000236653 _____ C:\Users\MCFIVE\Downloads\Formulaire (2)-2.pdf
2025-03-24 14:08 - 2025-03-24 14:08 - 000034028 _____ C:\Users\MCFIVE\Downloads\CONFIRMATION OF FUNDS RECEIPT_.pdf
2025-03-24 11:12 - 2025-03-24 11:12 - 000236653 _____ C:\Users\MCFIVE\Downloads\Formulaire (2)-1.pdf
2025-03-24 10:31 - 2025-03-24 10:31 - 000236653 _____ C:\Users\MCFIVE\Downloads\Formulaire (2).pdf
2025-03-21 16:43 - 2025-03-21 16:43 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\WhatsApp
2025-03-21 12:22 - 2025-03-21 12:22 - 000092310 _____ C:\Users\MCFIVE\Downloads\Scan.pdf
2025-03-18 18:38 - 2025-03-28 13:51 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\Malwarebytes
2025-03-18 18:38 - 2025-03-18 18:38 - 000002060 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-03-18 18:38 - 2025-03-18 18:38 - 000002048 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-03-18 18:37 - 2025-03-18 18:37 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-03-18 18:36 - 2025-03-18 18:37 - 000000000 ____D C:\Program Files\Malwarebytes
2025-03-18 18:35 - 2025-03-18 18:35 - 002834160 _____ (Malwarebytes) C:\Users\MCFIVE\Downloads\MBSetup(1).exe
2025-03-18 18:16 - 2025-03-18 20:00 - 000044810 _____ C:\Users\MCFIVE\Downloads\Releve-compte-28-02-2025.pdf
2025-03-18 17:07 - 2025-03-18 20:00 - 002834160 _____ (Malwarebytes) C:\Users\MCFIVE\Downloads\MBSetup.exe
2025-03-17 15:34 - 2025-03-17 15:34 - 000005522 _____ C:\Users\MCFIVE\Downloads\BALANCE_TRANSACTIONAL_REPORT.csv
2025-03-17 15:25 - 2025-03-17 15:25 - 000044634 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-08-2024-2.pdf
2025-03-17 15:12 - 2025-03-17 15:12 - 000044795 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-09-2024-2.pdf
2025-03-17 15:06 - 2025-03-17 15:06 - 000044795 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-09-2024-1.pdf
2025-03-17 15:06 - 2025-03-17 15:06 - 000044636 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-04-2024.pdf
2025-03-17 15:06 - 2025-03-17 15:06 - 000044634 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-08-2024-1.pdf
2025-03-17 14:47 - 2025-03-17 14:47 - 000044795 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-09-2024.pdf
2025-03-17 14:45 - 2025-03-17 14:45 - 000083883 _____ C:\Users\MCFIVE\Downloads\Releve-compte-31-10-2023.pdf
2025-03-17 14:45 - 2025-03-17 14:45 - 000044634 _____ C:\Users\MCFIVE\Downloads\Releve-compte-30-08-2024.pdf
2025-03-17 14:44 - 2025-03-17 14:44 - 000190258 _____ C:\Users\MCFIVE\Downloads\Releve-compte-29-09-2023.pdf
2025-03-17 14:43 - 2025-03-17 14:43 - 000040421 _____ C:\Users\MCFIVE\Downloads\Releve-compte-31-08-2023.pdf
2025-03-16 23:08 - 2025-03-16 10:33 - 000016474 _____ C:\Users\MCFIVE\Documents\FLORENCE%20JUSTIFICATIF%20CHEQUE%20.odt_1.odt
2025-03-16 17:15 - 2025-03-16 17:15 - 000024860 _____ C:\Users\MCFIVE\Downloads\iban_M_OU_MME_MICHEL_CARMAGNAT_00020388601 (2).pdf
2025-03-16 16:48 - 2025-03-16 16:48 - 000101694 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-12.pdf
2025-03-16 16:47 - 2025-03-16 16:47 - 000101686 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-11.pdf
2025-03-16 16:47 - 2025-03-16 16:47 - 000099684 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-9.pdf
2025-03-16 16:47 - 2025-03-16 16:47 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-10.pdf
2025-03-16 16:46 - 2025-03-16 16:46 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-8.pdf
2025-03-12 12:45 - 2025-03-12 12:45 - 000000465 _____ C:\Users\MCFIVE\Downloads\HistoriqueOperations_013193528041.zip
2025-03-11 20:26 - 2025-03-28 08:12 - 000000000 ____D C:\Program Files\Mozilla Firefox
2025-03-11 09:16 - 2025-03-11 09:16 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-7.pdf
2025-03-10 18:42 - 2025-03-10 18:42 - 000268549 _____ C:\Users\MCFIVE\Downloads\DISCLAIMER FORM_.pdf
2025-03-10 10:28 - 2025-03-10 10:28 - 000001069 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor Browser.lnk
2025-03-10 10:28 - 2025-03-10 10:28 - 000000000 ____D C:\Users\MCFIVE\Tor Browser
2025-03-10 10:23 - 2025-03-10 10:24 - 110504976 _____ C:\Users\MCFIVE\Documents\tor-browser-windows-x86_64-portable-14.0.7.exe
2025-03-10 08:47 - 2025-03-13 15:52 - 000008919 _____ C:\Users\MCFIVE\Documents\CB REVOLUT 1.odt
2025-03-09 11:25 - 2022-09-30 05:24 - 000174112 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudmdm.sys
2025-03-09 11:25 - 2022-09-30 05:23 - 000167440 _____ (Samsung Electronics Co., Ltd.) C:\windows\system32\Drivers\ssudbus2.sys
2025-03-08 22:51 - 2025-03-08 22:51 - 000000083 _____ C:\Users\MCFIVE\Desktop\L'horreur du DarkWeb.url
2025-03-08 19:08 - 2025-03-08 19:08 - 000000000 ____D C:\Users\MCFIVE\AppData\LocalLow\NVIDIA
2025-03-08 13:28 - 2025-03-08 13:28 - 024477344 _____ C:\Users\MCFIVE\Downloads\fortuneo-livetrader-x64(31).exe
2025-03-08 12:57 - 2025-03-08 12:57 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\DBG
2025-03-08 12:04 - 2025-03-08 12:04 - 000000000 ____D C:\windows\system32\lxss
2025-03-08 12:04 - 2022-08-23 23:26 - 001905912 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2025-03-08 12:04 - 2022-08-23 23:26 - 001905912 _____ C:\windows\system32\vulkaninfo.exe
2025-03-08 12:04 - 2022-08-23 23:26 - 001478408 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-03-08 12:04 - 2022-08-23 23:26 - 001478408 _____ C:\windows\SysWOW64\vulkaninfo.exe
2025-03-08 12:04 - 2022-08-23 23:26 - 001145592 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2025-03-08 12:04 - 2022-08-23 23:26 - 001145592 _____ C:\windows\SysWOW64\vulkan-1.dll
2025-03-08 12:04 - 2022-08-23 23:25 - 001471984 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2025-03-08 12:04 - 2022-08-23 23:25 - 001432312 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2025-03-08 12:04 - 2022-08-23 23:25 - 001432312 _____ C:\windows\system32\vulkan-1.dll
2025-03-08 12:04 - 2022-08-23 23:25 - 001213424 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 001536512 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 001182704 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 000865784 _____ C:\windows\system32\nvofapi64.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 000771584 _____ (NVIDIA Corporation) C:\windows\system32\nvml.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 000714752 _____ (NVIDIA Corporation) C:\windows\system32\nvidia-smi.exe
2025-03-08 12:04 - 2022-08-23 23:22 - 000687616 _____ C:\windows\SysWOW64\nvofapi.dll
2025-03-08 12:04 - 2022-08-23 23:22 - 000052208 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvhdap64.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 010269696 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 008803840 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 005362688 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 003066864 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 002127856 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 001607664 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 001059320 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 000845312 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2025-03-08 12:04 - 2022-08-23 23:21 - 000456192 _____ (NVIDIA Corporation) C:\windows\system32\nvdebugdump.exe
2025-03-08 12:04 - 2022-08-23 23:20 - 005735936 _____ (NVIDIA Corporation) C:\windows\system32\nvcpl.dll
2025-03-08 12:04 - 2022-08-23 23:20 - 000852984 _____ (NVIDIA Corporation) C:\windows\system32\MCU.exe
2025-03-08 12:04 - 2022-08-23 23:19 - 006367424 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvapi.dll
2025-03-08 12:04 - 2022-08-23 22:57 - 000093241 _____ C:\windows\system32\nvinfo.pb
2025-03-07 19:31 - 2025-03-07 19:31 - 000056996 _____ C:\Users\MCFIVE\Desktop\FRST.txt
2025-03-07 18:56 - 2025-03-07 18:56 - 000000000 ____D C:\Users\MCFIVE\Downloads\FRST-OlderVersion
2025-03-05 23:10 - 2025-03-05 23:10 - 000238228 _____ C:\Users\MCFIVE\Downloads\Memo_piratage-de-compte.pdf
2025-03-05 22:46 - 2025-03-05 22:46 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-6.pdf
2025-03-05 20:38 - 2025-03-05 20:38 - 000239282 _____ C:\Users\MCFIVE\Downloads\LINKS.pdf
2025-03-05 14:11 - 2025-03-05 14:11 - 000106960 _____ C:\Users\MCFIVE\Downloads\MAIL.pdf
2025-03-01 17:00 - 2025-03-01 17:02 - 000000000 ____D C:\Users\MCFIVE\Documents\RIB LIVAXEN VICTORIA SUIESEBASE
2025-03-01 15:28 - 2025-03-01 15:28 - 016885213 _____ C:\Users\MCFIVE\Downloads\20250301_151135.mp4
2025-02-28 21:07 - 2025-03-26 13:23 - 000001743 _____ C:\Users\Public\Desktop\NordVPN.lnk
2025-02-28 10:24 - 2025-02-28 10:24 - 000000107 _____ C:\Users\MCFIVE\Downloads\ZIP 1.rar
2025-02-28 01:26 - 2025-02-28 21:09 - 000000008 _____ C:\Users\MCFIVE\Downloads\octobre novembre 2024.txt
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2025-03-28 13:55 - 2024-11-29 14:34 - 000041379 _____ C:\Users\MCFIVE\Downloads\FRST.txt
2025-03-28 13:49 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-03-28 13:21 - 2021-03-24 14:23 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\vlc
2025-03-28 13:11 - 2022-05-07 16:33 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Microsoft\Teams
2025-03-28 09:38 - 2020-11-18 23:28 - 000000000 ____D C:\windows\system32\SleepStudy
2025-03-28 09:04 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2025-03-28 09:04 - 2019-12-07 10:14 - 000000000 ____D C:\windows\AppReadiness
2025-03-28 08:13 - 2022-02-12 01:07 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2025-03-28 08:12 - 2023-01-21 10:24 - 000001036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2025-03-28 08:12 - 2023-01-21 10:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2025-03-28 08:11 - 2023-01-20 12:08 - 000000000 ____D C:\ProgramData\NordVPN
2025-03-28 08:10 - 2021-12-16 03:15 - 000000000 ____D C:\windows\SystemTemp
2025-03-28 08:09 - 2020-11-19 00:31 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-03-28 08:09 - 2020-11-19 00:31 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-03-28 08:08 - 2024-11-25 06:04 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Lifesize
2025-03-28 08:08 - 2021-05-17 08:21 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\WhatsApp
2025-03-28 08:07 - 2022-12-06 13:22 - 000000000 ___RD C:\Users\MCFIVE\OneDrive - etu.u-cergy.fr
2025-03-28 08:07 - 2021-06-24 07:04 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\CrashDumps
2025-03-28 00:06 - 2021-02-12 08:28 - 000000000 ____D C:\ProgramData\NVIDIA
2025-03-27 18:19 - 2021-03-20 17:19 - 000000528 _____ C:\Users\MCFIVE\.vivaldi_reporting_data
2025-03-27 12:03 - 2023-10-26 11:02 - 000002395 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2025-03-27 12:03 - 2023-10-26 11:02 - 000002358 _____ C:\Users\MCFIVE\Desktop\Vivaldi.lnk
2025-03-27 12:03 - 2021-03-20 17:19 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\Vivaldi
2025-03-27 10:03 - 2021-03-20 16:23 - 000002427 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-03-27 08:32 - 2021-01-14 15:17 - 001770910 _____ C:\windows\system32\PerfStringBackup.INI
2025-03-27 08:32 - 2019-12-07 15:49 - 000776836 _____ C:\windows\system32\perfh00C.dat
2025-03-27 08:32 - 2019-12-07 15:49 - 000145464 _____ C:\windows\system32\perfc00C.dat
2025-03-27 08:32 - 2019-12-07 10:13 - 000000000 ____D C:\windows\INF
2025-03-27 08:28 - 2021-03-15 00:15 - 000536720 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\windows\system32\GigabyteUpdateService.exe
2025-03-27 08:28 - 2021-03-15 00:15 - 000088720 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\windows\system32\GigabyteDownloadAssistant.exe
2025-03-27 08:28 - 2021-02-12 08:21 - 000550928 _____ C:\windows\system32\wpbbin.exe
2025-03-27 08:28 - 2021-01-14 15:06 - 000008192 ___SH C:\DumpStack.log.tmp
2025-03-27 08:28 - 2020-11-19 00:29 - 000000006 ____H C:\windows\Tasks\SA.DAT
2025-03-27 08:28 - 2020-11-18 23:28 - 000462976 _____ C:\windows\system32\FNTCACHE.DAT
2025-03-27 08:28 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ServiceState
2025-03-27 08:28 - 2019-12-07 10:14 - 000000000 ____D C:\windows\Registration
2025-03-27 08:27 - 2024-07-16 00:36 - 000000000 ____D C:\windows\system32\compatrel
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\PrintDialog
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\setup
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\Dism
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SystemResources
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\ShellExperiences
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\oobe
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\Dism
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ShellExperiences
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ShellComponents
2025-03-27 08:27 - 2019-12-07 10:14 - 000000000 ____D C:\windows\bcastdvr
2025-03-26 18:56 - 2024-08-23 14:51 - 000002629 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-03-26 18:56 - 2024-08-23 14:51 - 000002592 _____ C:\Users\MCFIVE\Desktop\Brave.lnk
2025-03-26 15:26 - 2019-12-07 10:03 - 000000000 ____D C:\windows\CbsTemp
2025-03-26 15:24 - 2020-11-19 00:31 - 003016192 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2025-03-26 13:23 - 2023-01-20 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2025-03-26 13:23 - 2023-01-20 12:08 - 000000000 ____D C:\Program Files\NordVPN
2025-03-26 08:59 - 2022-09-20 13:14 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Ledger Live
2025-03-26 08:30 - 2021-03-23 09:06 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\D3DSCache
2025-03-24 15:38 - 2022-02-24 15:59 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Telegram Desktop
2025-03-24 14:46 - 2025-01-15 20:56 - 000000000 ____D C:\Users\MCFIVE\Desktop\C R Y P T O 2 0 2 4
2025-03-21 19:16 - 2022-10-24 17:03 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2025-03-21 19:16 - 2022-10-24 17:03 - 000002028 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2025-03-21 16:43 - 2022-08-29 18:45 - 000002211 _____ C:\Users\MCFIVE\Desktop\WhatsApp.lnk
2025-03-21 16:43 - 2021-05-17 08:21 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2025-03-21 16:43 - 2021-05-17 08:20 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\SquirrelTemp
2025-03-20 21:53 - 2020-11-19 00:32 - 000000000 ____D C:\ProgramData\Packages
2025-03-18 18:59 - 2024-11-08 09:15 - 000002844 _____ C:\Users\MCFIVE\Desktop\CrowdBunker.lnk
2025-03-18 18:59 - 2023-05-06 07:31 - 000002297 _____ C:\Users\MCFIVE\Desktop\Atlas - Chrome.lnk
2025-03-18 18:37 - 2019-12-07 10:14 - 000000000 ___HD C:\windows\ELAMBKUP
2025-03-18 15:25 - 2022-02-27 19:09 - 000000000 ____D C:\Users\MCFIVE\Downloads\Telegram Desktop
2025-03-14 20:07 - 2023-11-29 13:50 - 000002376 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk
2025-03-12 10:54 - 2023-01-20 12:08 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\NordVPN
2025-03-10 10:28 - 2024-06-06 09:53 - 000001039 _____ C:\Users\MCFIVE\Desktop\Tor Browser.lnk
2025-03-10 10:28 - 2021-03-20 16:23 - 000000000 ____D C:\Users\MCFIVE
2025-03-08 19:06 - 2022-03-07 23:57 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Signal
2025-03-08 13:11 - 2021-02-12 08:28 - 000000000 ____D C:\ProgramData\Package Cache
2025-03-08 12:56 - 2021-03-23 18:17 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\NVIDIA
2025-03-08 12:21 - 2021-03-19 00:28 - 000000000 ____D C:\KPRM
2025-03-08 12:05 - 2021-02-12 08:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2025-03-08 12:05 - 2021-02-12 08:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2025-03-08 12:04 - 2021-02-12 08:28 - 000000000 ____D C:\windows\system32\Drivers\NVIDIA Corporation
2025-03-08 11:45 - 2019-12-07 15:51 - 000000000 ____D C:\windows\system32\OpenSSH
2025-03-08 11:45 - 2019-12-07 10:03 - 000000000 ____D C:\windows\servicing
2025-03-07 22:00 - 2024-07-13 07:21 - 000000000 ____D C:\Users\MICHEL MVK
2025-03-07 21:51 - 2020-11-19 00:32 - 000000000 __RHD C:\Users\Public\AccountPictures
2025-03-07 21:46 - 2021-03-20 16:23 - 000000000 ___SD C:\Users\MCFIVE\AppData\Roaming\Microsoft\Protect
2025-03-07 19:22 - 2024-11-29 14:36 - 000085308 _____ C:\Users\MCFIVE\Downloads\Addition.txt
2025-03-07 19:17 - 2024-11-29 16:41 - 000000000 ____D C:\Users\MCFIVE\Desktop\FRST-OlderVersion
2025-03-07 19:06 - 2023-01-21 10:46 - 000001396 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2025-03-06 07:42 - 2020-11-19 00:29 - 000000000 ____D C:\windows\system32\Drivers\wd
2025-03-05 23:18 - 2024-11-11 14:33 - 000000000 ____D C:\Users\MCFIVE\Desktop\Trading
2025-03-01 19:29 - 2023-03-26 08:46 - 000000000 ____D C:\Users\MCFIVE\Documents\F AC T U R E S P A Y E E S
2025-02-27 12:41 - 2024-09-28 13:24 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Exodus
==================== Fichiers à la racine de certains dossiers ========
2021-09-16 16:50 - 2021-09-16 16:50 - 034595824 _____ (Audacity Team ) C:\Users\MCFIVE\audacity-win-3.0.4-x64.exe
2021-12-14 12:16 - 2021-12-14 12:16 - 001243560 ____N (BraveSoftware Inc.) C:\Users\MCFIVE\BraveBrowserSetup.exe
2021-09-22 18:06 - 2021-09-22 18:06 - 030128864 _____ (CleverFiles) C:\Users\MCFIVE\disk-drill-win.exe
2021-12-07 08:32 - 2021-12-07 08:32 - 024477344 ____N () C:\Users\MCFIVE\fortuneo-livetrader-x64 (1).exe
2021-12-03 09:05 - 2021-12-03 09:05 - 024477344 ____N () C:\Users\MCFIVE\fortuneo-livetrader-x64.exe
2021-10-20 12:35 - 2021-10-20 12:35 - 136008120 _____ (Microsoft Corporation) C:\Users\MCFIVE\MSERT.exe
2021-09-16 17:04 - 2021-09-16 17:04 - 356282440 _____ () C:\Users\MCFIVE\NIKON D850 LOGICIEL FOTO S-NXD___-010605WF-ALLIN-ALL___.exe
2021-07-15 09:48 - 2021-07-15 09:48 - 056431504 _____ (TEFINCOM S.A. ) C:\Users\MCFIVE\NordLockerSetup.exe
2021-07-30 11:23 - 2021-07-30 11:23 - 056867264 _____ (TEFINCOM S.A. ) C:\Users\MCFIVE\NordVPNSetup.exe
2021-09-18 12:12 - 2021-09-18 12:12 - 017385800 ____N (Google Inc.) C:\Users\MCFIVE\picasa-3-9-138-150-multi-win.exe
2021-09-16 17:00 - 2021-09-16 17:00 - 001249032 _____ (Adobe Inc) C:\Users\MCFIVE\readerdc64_fr_ha_crd_install.exe
2022-03-18 20:16 - 2022-03-18 20:16 - 000000050 _____ () C:\Users\MCFIVE\AppData\Roaming\3300576UVDConfig.json
2023-01-21 12:18 - 2023-10-20 13:56 - 000004608 _____ () C:\Users\MCFIVE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== FLock ==============================
2025-03-27 08:33 C:\windows\system32\config
2019-12-07 10:31 C:\windows\system32\Configuration
2019-12-07 10:14 C:\windows\system32\DriverState
2021-01-14 15:11 C:\windows\system32\FxsTmp
2019-12-07 10:14 C:\windows\system32\ias
2019-12-07 10:14 C:\windows\system32\MsDtc
2019-12-07 10:14 C:\windows\system32\networklist
2025-03-28 09:38 C:\windows\system32\SleepStudy
2025-03-28 13:12 C:\windows\system32\sru
2025-03-27 10:03 C:\windows\system32\Tasks
2022-11-16 08:43 C:\windows\system32\WDI
2025-03-28 09:04 C:\Program Files\WindowsApps
2021-01-14 16:19 C:\windows\diagerr.xml
2021-01-14 16:19 C:\windows\diagwrn.xml
2024-06-19 11:19 C:\windows\LiveKernelReports
2019-12-07 10:14 C:\windows\ModemLogs
2025-03-28 13:55 C:\windows\Prefetch
2025-03-27 08:28 C:\windows\ServiceState
2025-03-28 08:10 C:\windows\SystemTemp
2025-03-28 13:55 C:\windows\Temp
2019-12-07 10:31 C:\windows\SysWOW64\config
2019-12-07 10:31 C:\windows\SysWOW64\Configuration
2019-12-07 15:51 C:\windows\SysWOW64\FxsTmp
2019-12-07 10:14 C:\windows\SysWOW64\Msdtc
2019-12-07 10:14 C:\windows\SysWOW64\networklist
2019-12-07 10:14 C:\windows\SysWOW64\sru
2019-12-07 10:31 C:\windows\SysWOW64\Tasks
2021-02-12 08:21 C:\windows\system32\Drivers\DriverData
2025-03-07 22:00 C:\Users\MICHEL MVK
2025-03-20 21:53 C:\ProgramData\Packages
2019-12-07 15:53 C:\ProgramData\WindowsHolographicDevices
2024-03-18 12:59 C:\Users\MCFIVE\AppData\Local\ElevatedDiagnostics
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
ATTENTION: ==> Impossible d'accéder au BCD. L'utilisateur n'est pas administrateur -> Impossible d'ouvrir le magasin des donn‚es de configuration de d‚marrage.
AccŠs refus‚.
==================== Fin de FRST.txt ========================