Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2024 Exécuté par DRUGEON (administrateur) sur WIN (Acer Aspire XC-703) (04-01-2024 05:03:14) Exécuté depuis C:\Users\DRUGEON\Downloads\FRST64.exe Profils chargés: DRUGEON Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.3803 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\BSD Concept\Heredis 2022\Heredis22.exe ->) (HEREDIS S.C.O.P -> Heredis) C:\Program Files (x86)\BSD Concept\Heredis 2022\CefSubProcess.exe <11> (C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Program Files\CyberGhost 8\Dashboard.exe ->) (The CefSharp Authors) [Fichier non signé] C:\Program Files\CyberGhost 8\Data\Cef\116.0.23\x64\CefSharp.BrowserSubprocess.exe <4> (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe <2> (cmd.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MbamBgNativeMsg.exe (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.exe (explorer.exe ->) (HEREDIS S.C.O.P -> Heredis) C:\Program Files (x86)\BSD Concept\Heredis 2022\Heredis22.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.363\GoogleCrashHandler64.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8> (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <13> (services.exe ->) (CyberGhost S.R.L. -> CyberGhost S.R.L.) C:\Program Files\CyberGhost 8\Dashboard.Service.exe (services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe (services.exe ->) (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [MicrosoftEdgeAutoLaunch_ECD50FDAB034E6D8681A75DE84938709] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3854280 2023-12-21] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [44486048 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) HKU\S-1-5-21-1257625825-3375989472-137694397-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 8\Dashboard.exe [1371080 2023-12-30] (CyberGhost S.R.L. -> CyberGhost S.R.L.) HKU\S-1-5-21-1257625825-3375989472-137694397-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [154624 2019-12-07] (Microsoft Windows -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon MG6800 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCR.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor MG6800 series: C:\WINDOWS\system32\CNMLMCR.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\120.0.6099.130\Installer\chrmstp.exe [2023-12-27] (Google LLC -> Google LLC) ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {7C3A52B5-F1ED-4F1D-99ED-62AF0571FBE6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [714256 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {AD17BC0B-C2F3-42AF-9698-636076890649} - System32\Tasks\CCleanerClean => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {C0D19D91-CECB-4752-AD24-A62B2836E33C} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [4703648 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "fe8afac5-6e9f-49da-893c-0881566671ef" --version "6.19.10858" --silent Task: {E20CB980-96BC-4C54-A315-23360657C627} - System32\Tasks\CCleanerSkipUAC - DRUGEON => C:\Program Files\CCleaner\CCleaner.exe [37458848 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) Task: {72733B59-0854-45C2-9A0B-A5E0815E75D1} - System32\Tasks\GoogleUpdateTaskMachineCore{91902BEB-6609-45B3-A04B-533190F3C6B9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-19] (Google LLC -> Google LLC) Task: {B84E3A6D-CBDD-4ADB-8362-CFDAD8ECB5C9} - System32\Tasks\GoogleUpdateTaskMachineUA{20C16E85-AB0E-427D-AD7E-36D91883ECBB} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [162080 2023-12-19] (Google LLC -> Google LLC) Task: {7498E87F-0E08-4B5E-AF64-6E0EE0703F36} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {6E2D0F8A-F37D-43EE-A3C4-29CBFB507247} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {140275EB-DAD8-4B19-8B5C-74BB2188EA29} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9060C20D-E291-41DE-9A60-276693B07970} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {33C22C0D-7AEA-4B49-B394-FFC25BE957E0} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [674720 2023-12-19] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {419EE7BF-95A9-42B1-8D59-60605EAB2E1E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [35232 2023-12-19] (Mozilla Corporation -> Mozilla Foundation) Task: {9FED1626-0A30-49CA-88B2-131BAF102666} - System32\Tasks\Mozilla\Firefox Default Browser Agent 6E51FBD3059A1CB3 => C:\Users\DRUGEON\AppData\Local\Mozilla Firefox\default-browser-agent.exe [35232 2023-11-29] (Mozilla Corporation -> Mozilla Foundation) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CCleanerClean.job => C:\Program Files\CCleaner\CCleaner.exe Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.) Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0327f8cc-3b24-475c-90ba-ea05d79c7efb}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{0327f8cc-3b24-475c-90ba-ea05d79c7efb}: [DhcpDomain] home Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default [2024-01-04] Edge Extension: (Malwarebytes Browser Guard) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2023-12-20] Edge Extension: (Google Docs hors connexion) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-13] Edge Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2023-12-21] Edge Extension: (Edge relevant text changes) - C:\Users\DRUGEON\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2023-12-13] Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn] FireFox: ======== FF DefaultProfile: liyqn5w6.default FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743 [2024-01-02] FF Homepage: Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743 -> hxxps://actu.orange.fr/ FF Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\1bks10td.default-release-1-1702969565743\Extensions\uBlock0@raymondhill.net.xpi [2023-12-19] FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\liyqn5w6.default [2023-12-13] FF ProfilePath: C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704 [2024-01-04] FF Homepage: Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704 -> hxxps://actu.orange.fr/ FF Extension: (Privacy Badger) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2023-12-31] FF Extension: (Correcteur d’orthographe et de grammaire — LanguageTool) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\languagetool-webextension@languagetool.org.xpi [2023-12-19] FF Extension: (Simple Translate) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\simple-translate@sienori.xpi [2023-12-31] FF Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Roaming\Mozilla\Firefox\Profiles\za1dbh5h.default-release-1702969476704\Extensions\uBlock0@raymondhill.net.xpi [2023-12-22] Chrome: ======= CHR Profile: C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default [2024-01-03] CHR Extension: (Google Traduction) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2023-12-19] CHR Extension: (uBlock Origin) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-12-19] CHR Extension: (Google Docs hors connexion) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-12-19] CHR Extension: (Malwarebytes Browser Guard) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2023-12-20] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\DRUGEON\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-19] CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee] Opera: ======= OPR DefaultProfile: Default ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1082784 2023-12-05] (PIRIFORM SOFTWARE LIMITED -> Piriform Software Ltd) R2 CyberGhost8Service; C:\Program Files\CyberGhost 8\Dashboard.Service.exe [73160 2023-12-30] (CyberGhost S.R.L. -> CyberGhost S.R.L.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9405400 2023-12-20] (Malwarebytes Inc. -> Malwarebytes) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-13] (Microsoft Windows Publisher -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories) R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222784 2023-12-28] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2023-12-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239576 2023-12-20] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 pelmouse; C:\WINDOWS\System32\drivers\pelmouse.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.) S3 pelusblf; C:\WINDOWS\System32\drivers\pelusblf.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> ) S3 pelvendr; C:\WINDOWS\System32\drivers\pelvendr.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.) S3 phidmice; C:\WINDOWS\System32\drivers\phidmice.sys [33048 2016-07-11] (WDKTestCert idd,131110062695071623 -> ) S3 pmouself; C:\WINDOWS\System32\drivers\pmouself.sys [26880 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.) S3 pvendrlf; C:\WINDOWS\System32\drivers\pvendrlf.sys [15032 2016-07-11] (WDKTestCert idd,131110062695071623 -> TPMX Electronics Ltd.) R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-13] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-01-03 16:37 - 2024-01-03 16:37 - 008791352 _____ (Malwarebytes) C:\Users\DRUGEON\Downloads\adwcleaner_8.4.0.exe 2024-01-03 04:18 - 2024-01-03 04:18 - 000001066 _____ C:\Users\DRUGEON\Downloads\NAdc2adY5tD_Addition.txt---Raccourci.lnk.download 2024-01-03 04:18 - 2024-01-03 04:18 - 000001026 _____ C:\Users\DRUGEON\Downloads\NAdc1c8UQhD_FRST.txt---Raccourci.lnk.download 2024-01-03 04:18 - 2024-01-03 04:18 - 000001026 _____ C:\Users\DRUGEON\Downloads\NAdc1c8UQhD_FRST.txt---Raccourci.lnk(1).download 2024-01-02 17:21 - 2024-01-02 17:21 - 000001066 _____ C:\Users\DRUGEON\OneDrive\Bureau\Addition.txt - Raccourci.lnk 2024-01-02 17:21 - 2024-01-02 17:21 - 000001026 _____ C:\Users\DRUGEON\OneDrive\Bureau\FRST.txt - Raccourci.lnk 2024-01-02 17:15 - 2024-01-02 17:18 - 000039498 _____ C:\Users\DRUGEON\Downloads\Addition.txt 2024-01-02 17:11 - 2024-01-04 05:05 - 000017559 _____ C:\Users\DRUGEON\Downloads\FRST.txt 2024-01-02 17:10 - 2024-01-04 05:04 - 000000000 ____D C:\FRST 2024-01-02 17:10 - 2024-01-02 17:10 - 002387456 _____ (Farbar) C:\Users\DRUGEON\Downloads\FRST64.exe 2024-01-02 16:52 - 2024-01-02 16:52 - 003369120 _____ (Nicolas Coolman) C:\Users\DRUGEON\Downloads\ZHPDiag3.exe 2024-01-02 16:52 - 2024-01-02 16:52 - 000000877 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPDiag.lnk 2024-01-02 12:42 - 2024-01-02 12:42 - 000011042 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPCleaner (S).html 2024-01-02 12:26 - 2024-01-02 12:26 - 000000887 _____ C:\Users\DRUGEON\OneDrive\Bureau\ZHPCleaner.lnk 2024-01-02 12:25 - 2024-01-02 12:25 - 003363488 _____ (Nicolas Coolman) C:\Users\DRUGEON\Downloads\ZHPCleaner.exe 2024-01-01 16:59 - 2024-01-01 16:59 - 000000000 ____D C:\ProgramData\CyberGhost 2023-12-30 20:05 - 2023-12-30 20:05 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(3).exe 2023-12-30 20:04 - 2023-12-30 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 8 2023-12-30 20:03 - 2023-12-30 20:03 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(2).exe 2023-12-30 17:41 - 2023-12-30 17:41 - 000190356 _____ C:\Users\DRUGEON\Downloads\CR_202311070952_7541_B8011206979-1.pdf 2023-12-30 17:40 - 2023-12-30 17:40 - 000190356 _____ C:\Users\DRUGEON\Downloads\CR_202311070952_7541_B8011206979.pdf 2023-12-30 17:38 - 2023-12-30 17:38 - 000122662 _____ C:\Users\DRUGEON\Downloads\CR_202312261545_7541_B8011206979.pdf 2023-12-28 10:48 - 2024-01-02 15:00 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\CrashDumps 2023-12-28 10:45 - 2023-12-28 10:47 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\AVG 2023-12-28 10:45 - 2023-12-28 10:45 - 000000000 ____D C:\ProgramData\TEMP 2023-12-27 16:46 - 2023-12-27 16:47 - 000000000 ____D C:\AdwCleaner 2023-12-21 15:02 - 2023-12-21 15:02 - 000003537 _____ C:\Users\DRUGEON\Downloads\LOGO-LBP-digital-fd-glass-RVB.svg 2023-12-20 18:37 - 2023-12-20 18:37 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\OpenOffice 2023-12-20 18:30 - 2023-12-31 19:42 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2023-12-20 18:21 - 2023-12-20 18:22 - 133763120 _____ C:\Users\DRUGEON\Downloads\Apache_OpenOffice_4.1.8_Win_x86_install_fr(1).exe 2023-12-20 12:22 - 2024-01-04 04:55 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Malwarebytes 2023-12-20 12:22 - 2023-12-20 12:22 - 000002037 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-12-20 12:22 - 2023-12-20 12:22 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\mbam 2023-12-20 12:21 - 2023-12-20 12:21 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-12-20 12:21 - 2023-12-20 12:21 - 000000000 ____D C:\Program Files\Malwarebytes 2023-12-20 12:18 - 2023-12-20 12:18 - 002094168 _____ (Malwarebytes) C:\Users\DRUGEON\Downloads\MBSetup-4.4.0.222.exe 2023-12-19 16:11 - 2023-12-19 16:11 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\InputMethod 2023-12-19 15:21 - 2023-12-21 21:17 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-12-19 14:49 - 2023-12-27 17:00 - 000002249 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2023-12-19 14:49 - 2023-12-19 14:49 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Google 2023-12-19 14:48 - 2024-01-04 04:59 - 000000000 ____D C:\Program Files (x86)\Google 2023-12-19 14:48 - 2023-12-19 14:54 - 000003960 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA{20C16E85-AB0E-427D-AD7E-36D91883ECBB} 2023-12-19 14:48 - 2023-12-19 14:54 - 000003836 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore{91902BEB-6609-45B3-A04B-533190F3C6B9} 2023-12-19 14:48 - 2023-12-19 14:48 - 001376304 _____ (Google LLC) C:\Users\DRUGEON\Downloads\ChromeSetup.exe 2023-12-19 14:48 - 2023-12-19 14:48 - 000000000 ____D C:\Program Files\Google 2023-12-19 14:39 - 2023-12-19 14:39 - 002590568 _____ (LogMeIn, Inc.) C:\Users\DRUGEON\Downloads\Support-LogMeInRescue(1).exe 2023-12-19 08:04 - 2023-12-21 21:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2023-12-19 08:04 - 2023-12-19 16:43 - 000001009 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-12-19 08:04 - 2023-12-19 08:04 - 000002050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk 2023-12-19 07:56 - 2023-12-19 07:56 - 000350136 _____ (Mozilla) C:\Users\DRUGEON\Downloads\Firefox Installer (1).exe 2023-12-19 06:59 - 2023-12-19 07:00 - 133763120 _____ C:\Users\DRUGEON\Downloads\Apache_OpenOffice_4.1.8_Win_x86_install_fr.exe 2023-12-19 06:49 - 2023-12-19 06:49 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Opera Software 2023-12-19 06:47 - 2023-12-19 06:47 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Opera Software 2023-12-17 14:20 - 2023-12-17 14:20 - 000000000 ___HD C:\$SysReset 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ___RD C:\Users\DRUGEON\OneDrive\Documents\Notes 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\WindowsFacile-JeuxXP_W10 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Telechargement à consever 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\sports 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Scanned Documents 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\PHOTOS 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\PERSO 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\ORDINATEUR 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Nouveau dossier 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\My Digital Editions 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Mots de passe 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe!App 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\mes favoris 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Maison St HO 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Justificatif du règlement de l'amende_fichiers 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Genealogie 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\FreshStart 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\FeedbackHub 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Fax 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Favoris 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Enregistrements audio 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\E-cigarette 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\CyberLink 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\COURRIER 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\Compte ameli 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\BSD Concept 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\auto 2023-12-17 13:54 - 2023-12-17 13:54 - 000000000 ____D C:\Users\DRUGEON\OneDrive\Documents\arnaque 2023-12-15 19:27 - 2023-12-15 19:27 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup(1).exe 2023-12-15 19:11 - 2023-12-30 20:04 - 000001077 _____ C:\Users\DRUGEON\OneDrive\Bureau\CyberGhost 8.lnk 2023-12-15 19:09 - 2023-12-15 19:09 - 000130264 _____ (CyberGhost S.R.L.) C:\Users\DRUGEON\Downloads\CyberGhostVPNSetup.exe 2023-12-15 17:56 - 2023-12-15 17:56 - 000820069 _____ C:\Users\DRUGEON\Downloads\DEFAUT HEREDIS FEUILLE CENTRALE BLOQUEE.htm 2023-12-15 17:56 - 2023-12-15 17:56 - 000000000 ____D C:\Users\DRUGEON\Downloads\DEFAUT HEREDIS FEUILLE CENTRALE BLOQUEE_fichiers 2023-12-15 17:40 - 2023-12-20 10:33 - 000000000 ____D C:\Program Files (x86)\LogMeIn Rescue Applet 2023-12-15 17:40 - 2023-12-19 15:18 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\LogMeIn Rescue Applet 2023-12-15 17:39 - 2023-12-15 17:39 - 002590568 _____ (LogMeIn, Inc.) C:\Users\DRUGEON\Downloads\Support-LogMeInRescue.exe 2023-12-15 17:16 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\InboxApps 2023-12-15 16:56 - 2023-12-15 16:56 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2023-12-15 15:13 - 2023-12-15 15:13 - 000001369 _____ C:\Users\DRUGEON\OneDrive\Bureau\licence CCleaner - Raccourci.lnk 2023-12-15 14:44 - 2023-12-15 17:18 - 000000280 _____ C:\WINDOWS\Tasks\CCleanerClean.job 2023-12-15 14:44 - 2023-12-15 14:44 - 000003164 _____ C:\WINDOWS\system32\Tasks\CCleanerClean 2023-12-15 14:36 - 2023-12-15 14:36 - 000000000 ____D C:\ProgramData\Piriform 2023-12-15 14:27 - 2024-01-03 03:58 - 000000000 ____D C:\Program Files\CCleaner 2023-12-15 14:27 - 2023-12-27 16:25 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update 2023-12-15 14:27 - 2023-12-15 17:18 - 000000666 _____ C:\WINDOWS\Tasks\CCleanerCrashReporting.job 2023-12-15 14:27 - 2023-12-15 14:27 - 000003380 _____ C:\WINDOWS\system32\Tasks\CCleanerCrashReporting 2023-12-15 14:27 - 2023-12-15 14:27 - 000002888 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - DRUGEON 2023-12-15 14:27 - 2023-12-15 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2023-12-15 14:07 - 2023-12-15 14:07 - 000016707 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2023-12-15 13:41 - 2023-12-15 13:41 - 000000000 ___HD C:\$WinREAgent 2023-12-15 01:57 - 2023-12-19 21:33 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\D3DSCache 2023-12-15 00:55 - 2023-12-15 00:55 - 077809272 _____ (Piriform Software Ltd) C:\Users\DRUGEON\Downloads\ccsetup619_pro_trial.exe 2023-12-14 22:56 - 2023-12-14 22:56 - 000003764 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA{BDC5706F-D5C5-4513-A46D-2226DF56CC84} 2023-12-14 22:56 - 2023-12-14 22:56 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore{C008BE34-0E97-49A8-89CA-C7698C44053D} 2023-12-14 22:55 - 2023-12-14 22:55 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2023-12-14 18:28 - 2024-01-02 17:00 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\ZHP 2023-12-14 18:28 - 2024-01-02 16:52 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\ZHP 2023-12-14 17:00 - 2023-12-14 17:01 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\MMC 2023-12-14 16:54 - 2023-12-14 16:54 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\PlaceholderTileLogoFolder 2023-12-14 16:25 - 2023-12-27 17:47 - 000000000 ____D C:\ProgramData\Package Cache 2023-12-14 16:25 - 2023-12-15 19:12 - 000000000 ____D C:\Program Files\TAP-Windows 2023-12-14 16:25 - 2023-12-14 16:25 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\IsolatedStorage 2023-12-14 16:24 - 2024-01-04 05:02 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\CyberGhost 2023-12-14 16:24 - 2023-12-30 20:07 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\CyberGhost 2023-12-14 16:24 - 2023-12-30 20:04 - 000000000 ____D C:\Program Files\CyberGhost 8 2023-12-14 15:43 - 2023-12-14 15:43 - 000056689 _____ C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.](1).htm 2023-12-14 07:03 - 2023-12-14 07:03 - 000000000 ____D C:\ProgramData\PLUG 2023-12-14 06:54 - 2023-12-14 06:54 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Backup 2023-12-14 06:49 - 2023-12-28 10:38 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools 2023-12-14 03:29 - 2023-12-14 03:29 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\OneDrive 2023-12-14 03:15 - 2023-12-14 03:15 - 000001371 _____ C:\Users\DRUGEON\OneDrive\Bureau\carte d'identite - Raccourci.lnk 2023-12-14 03:12 - 2023-12-14 03:12 - 000949779 _____ C:\Users\DRUGEON\Downloads\covid.pdf 2023-12-14 03:08 - 2023-12-14 03:08 - 000600758 _____ C:\Users\DRUGEON\Downloads\PIECE D'IDENTITE personnelle.pdf 2023-12-14 03:04 - 2023-12-14 03:07 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-12-14 03:03 - 2023-12-14 03:03 - 000000000 ____D C:\Program Files\RUXIM 2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc.htm 2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (3).htm 2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (2).htm 2023-12-14 01:31 - 2023-12-14 01:31 - 000039483 _____ C:\Users\DRUGEON\Downloads\ar-AA1lqdJc (1).htm 2023-12-14 00:54 - 2023-12-19 09:09 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\BSD Concept 2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\ProgramData\Apple 2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\Program Files\Bonjour 2023-12-14 00:53 - 2023-12-14 00:53 - 000000000 ____D C:\Program Files (x86)\Bonjour 2023-12-14 00:52 - 2023-12-19 09:48 - 000000000 ____D C:\Program Files (x86)\BSD Concept 2023-12-14 00:39 - 2023-12-14 00:41 - 000000000 ____D C:\Program Files\Defraggler 2023-12-13 22:37 - 2023-12-21 17:32 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Spelling 2023-12-13 21:45 - 2023-12-19 16:43 - 000001283 _____ C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-12-13 21:45 - 2023-12-19 15:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Mozilla Firefox 2023-12-13 21:45 - 2023-12-13 21:45 - 000002352 _____ C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk 2023-12-13 21:19 - 2024-01-04 05:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-12-13 21:19 - 2023-12-19 08:05 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2023-12-13 21:19 - 2023-12-13 21:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Mozilla 2023-12-13 21:19 - 2023-12-13 21:19 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Mozilla 2023-12-13 21:18 - 2023-12-13 21:18 - 000350136 _____ (Mozilla) C:\Users\DRUGEON\Downloads\Firefox Installer.exe 2023-12-13 21:02 - 2023-12-13 21:02 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Comms 2023-12-13 21:00 - 2023-12-13 21:00 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2023-12-13 20:57 - 2023-12-13 20:57 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Publishers 2023-12-13 20:56 - 2023-12-19 12:01 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\Packages 2023-12-13 20:56 - 2023-12-14 16:54 - 000000000 ____D C:\ProgramData\Packages 2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Network 2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Adobe 2023-12-13 20:56 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\VirtualStore 2023-12-13 20:55 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Local\ConnectedDevicesPlatform 2023-12-13 20:55 - 2023-12-13 20:55 - 000000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2023-12-13 20:55 - 2023-12-13 20:55 - 000000020 ___SH C:\Users\DRUGEON\ntuser.ini 2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\Default User 2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Users\All Users 2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Modèles 2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Menu Démarrer 2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\ProgramData\Bureau 2023-12-13 20:26 - 2023-12-13 20:26 - 000000000 _SHDL C:\Program Files\Fichiers communs 2023-12-13 20:25 - 2023-12-28 11:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-12-13 20:25 - 2023-12-13 22:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2023-12-13 20:24 - 2023-12-22 10:05 - 001770906 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-12-13 20:21 - 2023-12-13 20:21 - 000011144 _____ C:\Users\DRUGEON\OneDrive\Bureau\Applications supprimées.html 2023-12-13 20:21 - 2023-12-13 20:21 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\IME 2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\SystemCertificates 2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Crypto 2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\SystemCertificates 2023-12-13 20:20 - 2023-12-13 20:20 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Crypto 2023-12-13 20:06 - 2023-12-22 04:46 - 000000000 ____D C:\Users\DRUGEON 2023-12-13 20:06 - 2023-12-14 22:48 - 000000000 ____D C:\Users\Vsiteur.Win 2023-12-13 20:06 - 2023-12-13 20:56 - 000000000 ____D C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows 2023-12-13 20:06 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Windows 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Voisinage réseau 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Voisinage d'impression 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Modèles 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Mes documents 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\Menu Démarrer 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\Vsiteur.Win\AppData\Local\Historique 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Voisinage réseau 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Voisinage d'impression 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Modèles 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Mes documents 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\Menu Démarrer 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2023-12-13 20:06 - 2023-12-13 20:06 - 000000000 _SHDL C:\Users\DRUGEON\AppData\Local\Historique 2023-12-13 19:50 - 2023-12-13 19:50 - 000000000 ___HD C:\ProgramData\CanonBJ 2023-12-13 19:50 - 2023-12-13 19:50 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2023-12-13 19:49 - 2023-12-13 19:49 - 000000000 ____D C:\Program Files\Intel 2023-12-13 19:38 - 2024-01-03 22:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2023-12-13 19:37 - 2023-12-21 21:18 - 000297424 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-12-13 19:35 - 2023-12-31 19:37 - 000000000 ____D C:\WINDOWS\Panther 2023-12-13 19:21 - 2023-12-13 19:22 - 000000000 ____D C:\WINDOWS\ServiceProfiles 2023-12-13 19:19 - 2023-12-13 19:19 - 000000000 ____D C:\Program Files\Lenovo 2023-12-13 19:17 - 2023-12-13 19:17 - 000000000 ____D C:\WINDOWS\SysWOW64\sda 2023-12-13 19:11 - 2023-12-13 19:11 - 000008192 _____ C:\WINDOWS\system32\config\userdiff 2023-12-13 19:09 - 2023-12-13 19:09 - 000000000 ____D C:\WINDOWS\Setup 2023-12-13 19:06 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2023-12-13 19:06 - 2023-12-13 20:52 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\OCR 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\addins 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\ProgramData\ssh 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files\Reference Assemblies 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files\MSBuild 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2023-12-13 19:06 - 2023-12-13 19:06 - 000000000 ____D C:\Program Files (x86)\MSBuild 2023-12-13 19:05 - 2023-12-22 10:05 - 000791594 _____ C:\WINDOWS\system32\perfh00C.dat 2023-12-13 19:05 - 2023-12-22 10:05 - 000149760 _____ C:\WINDOWS\system32\perfc00C.dat 2023-12-13 19:05 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2023-12-13 19:05 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\fr 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\SysWOW64\0409 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\winrm 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\WCN 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\slmgr 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\system32\0409 2023-12-13 19:05 - 2023-12-13 19:05 - 000000000 ____D C:\WINDOWS\DigitalLocker 2023-12-13 18:58 - 2023-12-13 19:30 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template 2023-12-13 18:58 - 2023-12-13 18:53 - 000017635 _____ C:\WINDOWS\system32\Drivers\etc\services 2023-12-13 18:58 - 2023-12-13 18:53 - 000003103 _____ C:\WINDOWS\SysWOW64\mmc.exe.config 2023-12-13 18:58 - 2023-12-13 18:53 - 000003103 _____ C:\WINDOWS\system32\mmc.exe.config 2023-12-13 18:58 - 2023-12-13 18:53 - 000001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol 2023-12-13 18:58 - 2023-12-13 18:53 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json 2023-12-13 18:58 - 2023-12-13 18:53 - 000000407 _____ C:\WINDOWS\system32\Drivers\etc\networks 2023-12-13 18:57 - 2024-01-04 04:59 - 000000000 ____D C:\WINDOWS\SystemTemp 2023-12-13 18:57 - 2024-01-03 12:29 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2023-12-13 18:57 - 2023-12-30 13:10 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-12-13 18:57 - 2023-12-30 13:02 - 000000000 ___HD C:\Program Files\WindowsApps 2023-12-13 18:57 - 2023-12-27 17:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2023-12-13 18:57 - 2023-12-20 18:30 - 000000000 ___RD C:\Program Files (x86) 2023-12-13 18:57 - 2023-12-20 18:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-12-13 18:57 - 2023-12-20 12:21 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\SystemResources 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\ShellExperiences 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\Provisioning 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-12-13 18:57 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\bcastdvr 2023-12-13 18:57 - 2023-12-14 22:54 - 000000000 ____D C:\WINDOWS\system32\config\TxR 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 __RSD C:\WINDOWS\Media 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\UNP 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\F12 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\dsc 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ___RD C:\WINDOWS\PrintDialog 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\setup 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\migwiz 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\icsxml 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\downlevel 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\Com 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\ShellComponents 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\IME 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\IdentityCRL 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\WINDOWS\DiagTrack 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Portable Devices 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Windows Multimedia Platform 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files\Common Files\System 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2023-12-13 18:57 - 2023-12-14 22:48 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2023-12-13 18:57 - 2023-12-14 22:46 - 000000000 ____D C:\WINDOWS\SystemApps 2023-12-13 18:57 - 2023-12-14 22:45 - 000000000 ____D C:\WINDOWS\Help 2023-12-13 18:57 - 2023-12-14 22:45 - 000000000 ____D C:\WINDOWS\Containers 2023-12-13 18:57 - 2023-12-14 22:15 - 000000000 ____D C:\WINDOWS\registration 2023-12-13 18:57 - 2023-12-14 06:46 - 000000000 ____D C:\WINDOWS\appcompat 2023-12-13 18:57 - 2023-12-13 22:57 - 000000000 ____D C:\Program Files\Windows Defender 2023-12-13 18:57 - 2023-12-13 20:52 - 000000000 ____D C:\WINDOWS\system32\spool 2023-12-13 18:57 - 2023-12-13 20:52 - 000000000 ____D C:\ProgramData\USOPrivate 2023-12-13 18:57 - 2023-12-13 20:26 - 000000000 ____D C:\Program Files\Windows NT 2023-12-13 18:57 - 2023-12-13 20:20 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows 2023-12-13 18:57 - 2023-12-13 19:48 - 000000000 ____D C:\WINDOWS\ServiceState 2023-12-13 18:57 - 2023-12-13 19:29 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase 2023-12-13 18:57 - 2023-12-13 19:22 - 000000000 __RHD C:\Users\Public\Libraries 2023-12-13 18:57 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2023-12-13 18:57 - 2023-12-13 19:06 - 000000000 ____D C:\WINDOWS\system32\MUI 2023-12-13 18:57 - 2023-12-13 19:05 - 000000000 ____D C:\Program Files (x86)\Windows NT 2023-12-13 18:57 - 2023-12-13 19:05 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___SD C:\WINDOWS\system32\Nui 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ___RD C:\WINDOWS\Offline Web Pages 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ti-et 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ta-lk 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ta-in 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\si-lk 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Sgrm 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\osa-Osge-001 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\my-mm 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\MsDtc 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Keywords 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ias 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ff-Adlm-SN 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\DDFs 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\ContainerSettingsProviders 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\Bthprops 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\appraiser 2023-12-13 18:57 - 2023-12-13 18:58 - 000000000 ____D C:\WINDOWS\system32\am-et 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 __SHD C:\Program Files\Windows Sidebar 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\system32\Configuration 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ___HD C:\WINDOWS\LanguageOverlayCache 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Web 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\WaaS 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Vss 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\tracing 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\TAPI 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\ras 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Msdtc 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\IME 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\winevt 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\ras 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\ProximityToast 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\PointOfService 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\NDF 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Macromed 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Ipmi 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\inetsrv 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\IME 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Hydrogen 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\GroupPolicy 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\DriverState 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\DriverData 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\RegBack 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\config\Journal 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\AppLocker 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\System 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SKB 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\security 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\schemas 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\SchCache 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Resources 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\rescache 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\PLA 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Performance 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\ModemLogs 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\L2Schemas 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\InputMethod 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Globalization 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Cursors 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\Branding 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\ProgramData\WindowsHolographicDevices 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\ProgramData\USOShared 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\Windows Security 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\ModifiableWindowsApps 2023-12-13 18:57 - 2023-12-13 18:57 - 000000000 ____D C:\Program Files\Common Files\Services 2023-12-13 18:54 - 2023-12-28 10:44 - 000000000 ____D C:\WINDOWS\INF 2023-12-13 18:45 - 2023-12-15 14:16 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-12-13 18:35 - 2023-12-28 11:14 - 074973184 _____ C:\WINDOWS\system32\config\SOFTWARE 2023-12-13 18:35 - 2023-12-28 11:14 - 013893632 _____ C:\WINDOWS\system32\config\SYSTEM 2023-12-13 18:35 - 2023-12-28 11:14 - 001572864 _____ C:\WINDOWS\system32\config\DEFAULT 2023-12-13 18:35 - 2023-12-28 11:14 - 000262144 _____ C:\WINDOWS\system32\config\BBI 2023-12-13 18:35 - 2023-12-28 11:14 - 000065536 _____ C:\WINDOWS\system32\config\SECURITY 2023-12-13 18:35 - 2023-12-28 11:14 - 000065536 _____ C:\WINDOWS\system32\config\SAM 2023-12-13 18:35 - 2023-12-15 17:16 - 000000000 ____D C:\WINDOWS\servicing 2023-12-13 18:35 - 2023-12-13 20:26 - 000032768 _____ C:\WINDOWS\system32\config\ELAM 2023-12-13 18:35 - 2023-12-13 18:57 - 000000000 ____D C:\WINDOWS\system32\SMI 2023-12-13 15:42 - 2023-12-13 15:42 - 000057506 _____ C:\Users\DRUGEON\Downloads\-laposte.net -Message Recu pour votre paiement a nordsec b.v.-.htm 2023-12-13 15:22 - 2023-12-13 15:22 - 000057506 _____ C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.].htm 2023-12-13 15:22 - 2023-12-13 15:22 - 000000000 ____D C:\Users\DRUGEON\Downloads\[laposte.net »Message Reçu pour votre paiement à nordsec b.v.]_fichiers 2023-12-12 04:06 - 2023-12-12 12:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec 2023-12-10 20:24 - 2023-12-10 20:25 - 113594368 _____ C:\Users\DRUGEON\Downloads\Cloudflare_WARP_Release-x64(1).msi ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-01-03 12:10 - 2015-09-04 18:11 - 000000000 __SHD C:\Users\DRUGEON\IntelGraphicsProfiles 2023-12-31 19:42 - 2023-03-01 11:39 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.14 2023-12-28 11:15 - 2020-09-06 15:39 - 000008192 ___SH C:\DumpStack.log.tmp 2023-12-27 17:06 - 2023-03-25 00:30 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2023-12-19 09:47 - 2022-06-25 12:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BSD Concept 2023-12-19 06:01 - 2015-09-04 14:36 - 000000000 ___RD C:\Users\DRUGEON\OneDrive 2023-12-19 02:36 - 2015-09-16 16:31 - 000000179 _____ C:\Users\DRUGEON\OneDrive\Bureau\Messagerie Orange.url 2023-12-15 01:17 - 2015-09-04 02:08 - 000000000 __RHD C:\Users\Public\AccountPictures 2023-12-14 19:04 - 2015-09-16 16:34 - 000000185 _____ C:\Users\DRUGEON\OneDrive\Bureau\Messagerie La Poste.url 2023-12-14 00:39 - 2018-06-03 01:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler 2023-12-13 20:56 - 2015-09-15 19:31 - 000000000 ___RD C:\Users\DRUGEON\3D Objects 2023-12-13 19:29 - 2021-01-19 22:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon PhotoRecord 2023-12-13 19:29 - 2018-08-24 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2023-12-13 19:22 - 2022-07-14 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2023-12-13 19:22 - 2017-03-18 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2023-12-12 04:10 - 2015-09-04 02:09 - 000000000 ___SD C:\Users\DRUGEON\AppData\Roaming\Microsoft\Credentials ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================