Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 02-11-2024 Exécuté par Didier (administrateur) sur CENTAURUS (Hewlett-Packard p6-2470efm) (03-11-2024 09:36:33) Exécuté depuis C:\Users\Didier\Desktop\FRST64.exe Profils chargés: Didier Plate-forme: Microsoft Windows 11 Famille Version 21H2 22000.2538 (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe ->) (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (services.exe ->) (Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (services.exe ->) (Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (Ascensio System SIA -> Ascensio System SIA) C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe (services.exe ->) (FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\DiagsCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\NetworkCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe (services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Proton AG -> ProtonVPN) C:\Program Files\Proton\VPN\v3.3.2\ProtonVPNService.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe (services.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe (services.exe ->) (Stéphane Mitermite) [Fichier non signé] C:\Program Files\FreeMi UPnP Media Server\FreeMi.WindowsService.exe (services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WidgetsPlatformRuntime_1.6.1.0_x64__8wekyb3d8bbwe\WidgetService\WidgetService.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe <4> ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated -> Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3500056 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [752208 2024-06-05] (Oracle America, Inc. -> Oracle Corporation) HKLM\Software\Policies\...\system: [EnableSmartScreen] 0 HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4406632 2024-09-13] (Valve Corp. -> Valve Corporation) HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45227312 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd) HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [GogGalaxy] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [13993440 2023-10-25] (GOG sp. z o.o -> GOG.com) HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [RiotClient] => C:\Riot Games\Riot Client\RiotClientServices.exe --launch-background-mode (Pas de fichier) HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [ProtonVPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [17389368 2024-08-12] (Proton AG -> ProtonVPN) HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [Proton Drive] => C:\Users\Didier\AppData\Local\Programs\Proton\Drive\ProtonDrive.exe [212861440 2024-07-12] (Proton AG -> Proton AG) HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\...\Run: [MicrosoftEdgeAutoLaunch_9ED8E2A5A7760875507C687D0866253F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3856424 2024-10-31] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\130.0.6723.92\Installer\chrmstp.exe [2024-11-01] (Google LLC -> Google LLC) GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {F4549621-B796-400E-80A2-75C1419A91FF} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [4116912 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {118B0088-F513-4D91-BF0D-3015E7089C81} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [4454832 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated) Task: {CB4072D4-F924-415F-91DD-CC6D912045EF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) Task: {BECF44FB-4011-46F1-B529-D851475D5336} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-10-15] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "27e4bbb1-f24c-4f99-bea9-c52cf1641f13" --version "6.29.11342" --silent Task: {20DF542E-DCF2-4CE8-A12C-AB74733CD14D} - System32\Tasks\CCleanerSkipUAC - Didier => C:\Program Files\CCleaner\CCleaner.exe [39090480 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd) Task: {42F38AC4-BED9-43E5-A36C-18714128272C} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem131.0.6776.0{71701F6B-A43C-48D5-B398-2F4E2790608B} => C:\Program Files (x86)\Google\GoogleUpdater\131.0.6776.0\updater.exe [5507168 2024-10-14] (Google LLC -> Google LLC) Task: {BA878819-B827-4909-AA96-81E08C01ABD3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [744976 2024-09-04] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show Task: {E693AEE7-1694-414B-996C-BF37E9F9C192} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-09-04] (HP Inc. -> HP Inc.) Task: {9560E7D2-EFCE-4BB2-9AB6-E7B31D1AE53B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPPrinterLowInk => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPPrinterLowInk\HPPrinterLowInk.exe [231472 2024-09-04] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show Task: {6BD18570-C802-4267-BA35-93F97FDD462D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.) Task: {C2F4963C-2019-424F-9618-266E2314D235} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.) Task: {310CC599-6D18-48F7-A64C-3E37DB53E4D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH8AU6J011 => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1160720 2024-09-04] (HP Inc. -> HP Inc.) Task: {E7E2A7CB-4A32-4CBB-AC4C-A648602FA959} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917808 2024-09-19] (Microsoft Corporation -> Microsoft Corporation) Task: {C6DF98F3-EFE7-4EC5-A675-8E2322E41734} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21917808 2024-09-19] (Microsoft Corporation -> Microsoft Corporation) Task: {10D61E6C-E5C7-4E0E-AE53-9C89505E5D09} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-10-14] (Microsoft Corporation -> Microsoft Corporation) Task: {4E54C955-90A8-48D6-AF70-CC805DD08CF9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [141384 2024-10-14] (Microsoft Corporation -> Microsoft Corporation) Task: {559C86DE-BD53-4B78-AA23-36D6EC360122} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {9DFD1ADD-B135-427F-A325-0BDCDB43AC87} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E9867D76-1ACC-419A-9E46-F1A00BE1DDE9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {8238E89C-6321-48D0-9876-A9127506DED0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {71A05EC2-17C1-4B55-8ED9-A3EF6114AEBE} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [140405056 2024-08-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) -> C:\Program Files (x86)\Samsung\Samsung Magician\\--disable-gpu-sandbox /AUTOHIDE (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{3f5dd364-8acb-4923-8833-902bb51ed8f6}: [NameServer] 208.67.222.222,208.67.220.220,199.85.126.10,199.85.127.10 Tcpip\..\Interfaces\{3f5dd364-8acb-4923-8833-902bb51ed8f6}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{f0af5e82-6a14-4395-a323-70a6537d5409}: [DhcpNameServer] 192.168.15.12 Edge: ======= Edge DefaultProfile: Default Edge Profile: C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default [2024-10-31] Edge HomePage: Default -> hxxp://www.google.fr/ Edge StartupUrls: Default -> "hxxps://www.larep.fr/","hxxps://www.reseau-tao.fr/index.php?","hxxps://www.facebook.com/","hxxps://www.jeanmarcmorandini.com/","hxxps://www.credit-agricole.fr/ca-centreloire/particulier.html" Edge Extension: (Adblocker for Chrome - NoAds) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2024-10-01] Edge Extension: (Touch VPN - VPN et proxy gratuit) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2024-02-12] Edge Extension: (Bloqueur de pop-up pour Chrome™ - Poper Blocker) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2024-10-02] Edge Extension: (Google Docs hors connexion) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-10-22] Edge Extension: (Bouton Enregistrer Pinterest) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jfcjijcigimhjjdimpghneggnegiphhh [2024-02-12] Edge Extension: (Save to Facebook) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2024-02-12] Edge Extension: (Edge relevant text changes) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-05] Edge Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-10-25] Edge Extension: (Vérificateur de messages Google) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-13] Edge Extension: (Streak CRM pour Gmail) - C:\Users\Didier\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2024-10-22] FireFox: ======== FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2017-11-01] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PDF Reader\plugins\npFoxitPDFReaderPlugin.dll [2024-02-04] (FOXIT SOFTWARE INC. -> Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\dtplugin\npDeployJava1.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.421.2 -> C:\Program Files (x86)\Java\jre1.8.0_421\bin\plugin2\npjp2.dll [2024-06-05] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2023-11-19] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-07-29] (Adobe Systems Incorporated -> Adobe Systems) Chrome: ======= CHR Profile: C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default [2024-11-03] CHR Notifications: Default -> hxxps://magazine.mercipourlinfo.fr CHR HomePage: Default -> hxxp://www.google.fr/ CHR StartupUrls: Default -> "hxxps://www.larep.fr/#refresh","hxxps://www.reseau-tao.fr/index.php?","hxxps://www.facebook.com/","hxxps://www.jeanmarcmorandini.com/","hxxps://www.credit-agricole.fr/ca-centreloire/particulier.html" CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2024-08-15] CHR Extension: (Shoptimate : automatic price comparison) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bibdombdcdbbnfdjkaajfgnfhlapibde [2023-11-19] CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2024-10-06] CHR Extension: (Compose AI: AI-powered Writing Tool) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddlbpiadoechcolndfeaonajmngmhblj [2024-10-09] CHR Extension: (Dark Reader) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\eimadpbcbfnmbkopoojfekhnkhdbieeh [2024-10-30] CHR Extension: (wanteeed) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\emnoomldgleagdjapdeckpmebokijail [2024-10-30] CHR Extension: (Scamdoc) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\fojbeoliffkbkfgaehkoeeihphibcjdk [2023-11-19] CHR Extension: (Google Docs hors connexion) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-01] CHR Extension: (Enregistrer sur Pinterest) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2024-10-08] CHR Extension: (HP Network Check Launcher) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2023-11-19] CHR Extension: (Amplificateur de volume - augmente l'effet sonore) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\laldfbfjhaogodemgonegbingpmjldnh [2024-03-02] CHR Extension: (Coupert - Codes Promo Automatiques & Cashback) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidniedemcgceagapgdekdbmanojomk [2024-11-03] CHR Extension: (FranceVerif - Sécurité en ligne) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkejggchhilmabpicojddgaahkkgoln [2024-09-25] CHR Extension: (Vérificateur de messages Google) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2024-08-03] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-11-19] CHR Extension: (AdBlocker Ultimate) - C:\Users\Didier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohahllgiabjaoigichmmfljhkcfikeof [2024-10-30] CHR HKU\S-1-5-21-3262927612-1677394149-2524797181-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [cchfigjcpjmclmmphipdkeocklpnjecm] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2017-11-01] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [82640 2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [4578736 2024-07-26] (Adobe Inc. -> Adobe Systems, Incorporated) S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-10-15] (Gen Digital Inc. -> Piriform Software Ltd) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9203384 2024-09-19] (Microsoft Corporation -> Microsoft Corporation) R2 CMigrationService; C:\Program Files (x86)\Samsung\Samsung Magician\MigrationService\MigrationService.exe [763200 2024-08-23] (Samsung Electronics Co., Ltd. -> Clonix & CottonCandy) R2 FoxitReaderUpdateService; C:\Program Files (x86)\Common Files\Foxit\Foxit PDF Reader\FoxitPDFReaderUpdateService.exe [2433528 2024-02-01] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) R2 FreeMiWindowsService; C:\Program Files\FreeMi UPnP Media Server\FreeMi.WindowsService.exe [71168 2016-05-24] (Stéphane Mitermite) [Fichier non signé] S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [2350048 2023-10-25] (GOG sp. z o.o -> GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [7173088 2023-10-25] (GOG sp. z o.o -> GOG.com) R2 HPAppHelperCap; C:\Program Files\HP\HP Enabling Services\AppHelperCap.exe [927848 2024-09-04] (HP Inc. -> HP Inc.) R2 HPDiagsCap; C:\Program Files\HP\HP Enabling Services\DiagsCap.exe [926304 2024-09-04] (HP Inc. -> HP Inc.) R2 HPNetworkCap; C:\Program Files\HP\HP Enabling Services\NetworkCap.exe [922208 2024-09-04] (HP Inc. -> HP Inc.) R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2024-10-16] (HP Inc. -> HP Inc.) R2 HPSysInfoCap; C:\Program Files\HP\HP Enabling Services\SysInfoCap.exe [927336 2024-09-04] (HP Inc. -> HP Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9258144 2024-10-26] (Malwarebytes Inc. -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [3073888 2024-10-09] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 ONLYOFFICE Update Service; C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe [639184 2024-07-11] (Ascensio System SIA -> Ascensio System SIA) R3 ProtonVPN Service; C:\Program Files\Proton\VPN\v3.3.2\ProtonVPNService.exe [474848 2024-08-12] (Proton AG -> ProtonVPN) S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v3.3.2\ProtonVPN.WireGuardService.exe [474336 2024-08-12] (Proton AG -> ProtonVPN) R2 SamsungMagicianSVC; C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagicianSVC.exe [460096 2024-08-23] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [20992824 2023-10-18] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_1c83a5d7cffd7bff\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AmUStor; C:\Windows\system32\drivers\AmUStorU.sys [155744 2024-04-01] (Alcorlink Corp. -> ) S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [507904 2021-11-04] (Microsoft Corporation) [Fichier non signé] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [180224 2021-11-04] (Microsoft Corporation) [Fichier non signé] S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [Fichier non signé] R2 mbamchameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [232000 2024-10-26] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [21480 2024-10-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [239568 2024-10-09] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v3.3.2\Resources\ProtonVPN.CalloutDriver.sys [37768 2024-07-30] (Proton AG -> Proton Technologies AG) R3 tilfilter; C:\Windows\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.) R3 tiufilter; C:\Windows\System32\drivers\TIxHCIufilter.sys [39032 2016-08-20] (Texas Instruments, Inc. -> Texas Instruments, Inc.) S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\Windows\System32\drivers\wintun.sys [29592 2024-09-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WireGuard; C:\Windows\System32\drivers\wireguard.sys [489368 2024-09-28] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Trois mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-11-03 09:36 - 2024-11-03 09:37 - 000030042 _____ C:\Users\Didier\Desktop\FRST.txt 2024-11-03 09:35 - 2024-11-03 09:36 - 000000000 ____D C:\FRST 2024-11-03 09:32 - 2024-11-03 09:32 - 002397696 _____ (Farbar) C:\Users\Didier\Desktop\FRST64.exe 2024-11-03 09:26 - 2024-11-03 09:26 - 000215216 _____ C:\Users\Didier\Desktop\ZHPDiag.txt 2024-11-03 09:20 - 2024-11-03 09:26 - 000000000 ____D C:\Users\Didier\AppData\Roaming\ZHP 2024-11-03 09:20 - 2024-11-03 09:20 - 000000866 _____ C:\Users\Didier\Desktop\ZHPSuite.lnk 2024-11-03 09:20 - 2024-11-03 09:20 - 000000000 ____D C:\Users\Didier\AppData\Local\ZHP 2024-11-03 09:18 - 2024-11-03 09:18 - 003536896 _____ (Nicolas Coolman) C:\Users\Didier\Desktop\ZHPSuite.exe 2024-11-02 12:10 - 2024-11-02 12:10 - 000624094 _____ C:\Users\Didier\Downloads\Attestation Cerfa Inscription Permis.pdf 2024-11-02 11:22 - 2024-11-02 11:22 - 000000000 ____D C:\Users\Didier\Downloads\Table 2024-11-02 11:01 - 2024-11-02 11:01 - 000802580 _____ C:\Users\Didier\Downloads\carte grise.pdf 2024-10-27 08:46 - 2024-10-27 08:46 - 082612403 _____ C:\Users\Didier\Downloads\01net N.1033 - 23 Octobre 2024[p]...wawacity.click.pdf 2024-10-27 08:45 - 2024-10-27 08:45 - 009936640 _____ C:\Users\Didier\Downloads\Que_Choisir_-_Novembre_2024.pdf 2024-10-27 08:43 - 2024-10-27 08:43 - 015768077 _____ C:\Users\Didier\Downloads\60_Millions_de_Consommateurs_-_Novembre_2024...wawacity.click.pdf 2024-10-25 11:39 - 2024-11-01 09:36 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2024-10-25 11:39 - 2024-11-01 09:36 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2024-10-25 11:39 - 2024-10-25 11:39 - 000000000 ____D C:\Program Files\Google 2024-10-21 19:13 - 2024-10-21 19:13 - 000000000 ____D C:\Users\Default\AppData\Local\Malwarebytes 2024-10-19 18:49 - 2024-10-19 18:50 - 000000000 ____D C:\AdwCleaner 2024-10-18 11:49 - 2024-10-18 11:49 - 000145587 _____ C:\Users\Didier\Downloads\SNE007120468000041.pdf 2024-10-18 11:42 - 2024-10-18 11:42 - 000046913 _____ C:\Users\Didier\Downloads\Loyer septembre2024.PDF 2024-10-18 11:24 - 2024-10-18 11:24 - 000557478 _____ C:\Users\Didier\Downloads\Attestation fiscale 2022 Carsat-Apicil.pdf 2024-10-18 11:23 - 2024-10-18 11:23 - 000579799 _____ C:\Users\Didier\Downloads\Attestation fiscale 2023 Carsat-Apicil.pdf 2024-10-17 10:35 - 2024-10-17 10:35 - 000163093 _____ C:\Users\Didier\Downloads\Impots sur les revenus de 2023.pdf 2024-10-15 10:38 - 2024-10-15 10:38 - 000000000 ____D C:\Users\Didier\Documents\notes du portable 2024-10-15 10:38 - 2023-12-08 22:01 - 000983624 _____ (GOG Sp. z o.o.) C:\Users\Didier\Documents\GOG_Galaxy_2.0.exe 2024-10-15 10:29 - 2024-10-14 09:06 - 000977893 _____ C:\Users\Didier\Documents\favoris_14_10_2024.html 2024-10-12 08:30 - 2024-10-12 08:30 - 000113667 _____ C:\Users\Didier\Downloads\SNE007120468000036.pdf 2024-10-12 08:29 - 2024-10-12 08:29 - 000114548 _____ C:\Users\Didier\Downloads\SNE007120468000035.pdf 2024-10-09 09:06 - 2024-11-03 09:37 - 000000000 ____D C:\Users\Didier\AppData\Local\Malwarebytes 2024-10-09 09:05 - 2024-10-09 09:05 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2024-10-09 09:05 - 2024-10-09 09:05 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2024-10-09 09:04 - 2024-10-09 09:04 - 000000000 ____D C:\ProgramData\Malwarebytes 2024-10-09 09:04 - 2024-10-09 09:04 - 000000000 ____D C:\Program Files\Malwarebytes 2024-10-07 10:33 - 2024-10-04 17:34 - 000151307 _____ C:\Users\Didier\Downloads\Analyses.PDF 2024-10-06 11:09 - 2024-10-06 11:09 - 000001341 _____ C:\Users\Public\Desktop\Samsung Magician.lnk 2024-10-06 11:09 - 2024-10-06 11:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2024-10-02 07:28 - 2024-10-19 07:06 - 000001710 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk 2024-10-02 07:23 - 2024-10-02 07:23 - 011979112 _____ C:\Users\Didier\Downloads\HPPSdr.exe 2024-10-01 09:42 - 2019-03-15 00:27 - 005078984 _____ (HP Inc.) C:\Windows\system32\HPScanTEDrv_EN5000_x64.dll 2024-10-01 09:42 - 2019-03-15 00:27 - 003446216 _____ (HP Inc.) C:\Windows\SysWOW64\HPScanTEDrv_EN5000.dll 2024-10-01 09:42 - 2019-03-15 00:27 - 001354696 _____ (HP Inc.) C:\Windows\system32\HPScanTEDrv_EN5000_x64_DiscoveryLibDyn.dll 2024-10-01 09:42 - 2019-03-15 00:27 - 000665544 _____ (HP Inc., LP) C:\Windows\system32\HPWia2_EN5000.dll 2024-10-01 09:42 - 2019-03-15 00:27 - 000596936 _____ (HP Inc.) C:\Windows\SysWOW64\HPScanTEDrv_EN5000_DiscoveryLibDyn.dll 2024-10-01 09:32 - 2024-10-01 09:32 - 017281824 _____ C:\Users\Didier\Downloads\HPEasyStart_16_7_5.exe 2024-09-30 09:46 - 2024-09-30 09:46 - 000063250 _____ C:\Users\Didier\Downloads\Certificat de scolarité 2024-2025 Nicolas Naïm SUPPER.pdf 2024-09-28 14:46 - 2024-09-28 14:46 - 000001373 _____ C:\Users\Didier\Desktop\Proton Drive.lnk 2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Proton 2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\ToastNotificationManagerCompat 2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\Proton 2024-09-28 14:46 - 2024-09-28 14:46 - 000000000 ____D C:\Users\Didier\AppData\Local\Package Cache 2024-09-28 14:45 - 2024-09-29 09:18 - 000000000 ____D C:\Users\Didier\AppData\Local\ProtonVPN 2024-09-28 14:45 - 2024-09-28 14:45 - 000001050 _____ C:\Users\Public\Desktop\Proton VPN.lnk 2024-09-28 14:45 - 2024-09-28 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton 2024-09-28 14:45 - 2024-09-28 14:45 - 000000000 ____D C:\Program Files\Proton 2024-09-27 14:57 - 2024-09-27 15:08 - 000201616 _____ C:\Users\Didier\Desktop\DEMANDE_CONTRAT_ABONNEMENT.pdf 2024-09-25 08:13 - 2024-09-26 10:46 - 001946861 _____ C:\Users\Didier\Downloads\passeport patient sans agenda.pdf 2024-09-25 08:13 - 2024-09-26 10:25 - 000542366 _____ C:\Users\Didier\Downloads\Nouvelle fiche personne à prévenir.pdf 2024-09-25 08:13 - 2024-09-25 08:37 - 000344783 _____ C:\Users\Didier\Downloads\EPWORTH.pdf 2024-09-22 09:15 - 2024-09-22 09:15 - 000000165 ____H C:\Users\Didier\Documents\~$Liste de courses.xlsx 2024-09-18 08:23 - 2024-09-18 08:23 - 001680248 _____ C:\Users\Didier\Downloads\Formulaire Déclaratio impots 2024 Naïm.pdf 2024-09-18 08:18 - 2024-09-18 08:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2024-09-12 09:16 - 2024-09-12 09:16 - 000000000 ____D C:\Users\Didier\AppData\Local\ONLYOFFICE 2024-09-12 09:15 - 2024-09-12 09:15 - 000002041 _____ C:\Users\Public\Desktop\ONLYOFFICE Editors.lnk 2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\ProgramData\ONLYOFFICE 2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONLYOFFICE 2024-09-12 09:15 - 2024-09-12 09:15 - 000000000 ____D C:\Program Files\ONLYOFFICE 2024-08-29 13:25 - 2024-08-29 13:25 - 000835418 _____ C:\Users\Didier\Downloads\Preuve d'achat_FR240824-44915864.pdf 2024-08-28 09:11 - 2024-08-29 09:07 - 000013605 _____ C:\Users\Didier\Documents\Menu vacances 28-aout- 7sept.xlsx 2024-08-27 13:02 - 2024-08-27 13:02 - 000000290 __RSH C:\ProgramData\ntuser.pol 2024-08-27 13:00 - 2024-08-27 13:01 - 236153544 _____ (Adobe Systems Incorporated) C:\Users\Didier\Downloads\AcroRdrDC2200220191_fr_FR.exe 2024-08-27 12:10 - 2024-08-27 12:39 - 1861890048 _____ C:\Users\Didier\Downloads\Win10_22H2_French_x64v1.iso 2024-08-27 12:06 - 2024-08-27 12:06 - 000000000 ____D C:\Users\Didier\AppData\Local\Rufus 2024-08-27 10:06 - 2024-08-27 10:06 - 000000222 _____ C:\Users\Didier\Desktop\Wallpaper Engine.url 2024-08-27 08:05 - 2024-08-27 08:05 - 000224400 _____ C:\Users\Didier\Downloads\Carte étudiant Naïm.pdf 2024-08-27 08:05 - 2024-08-27 08:05 - 000224400 _____ C:\Users\Didier\Documents\Carte étudiant Naïm.pdf 2024-08-16 11:38 - 2024-08-16 11:51 - 000015935 _____ C:\Users\Didier\Documents\Menu vacances aout-sept.xlsx 2024-08-16 11:36 - 2024-08-29 19:45 - 000015935 _____ C:\Users\Didier\Documents\Menu vacances de base.xlsx 2024-08-09 18:35 - 2024-08-09 18:35 - 001080704 _____ C:\Users\Didier\Downloads\Réponse du Bailleur.pdf 2024-08-09 18:30 - 2024-08-09 18:30 - 000526497 _____ C:\Users\Didier\Downloads\Reprise de bail.pdf ==================== Trois mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2024-11-03 09:31 - 2021-06-05 13:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ___HD C:\Program Files\WindowsApps 2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\SystemTemp 2024-11-03 08:59 - 2021-06-05 13:10 - 000000000 ____D C:\Windows\AppReadiness 2024-11-03 08:23 - 2023-11-19 17:20 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Word 2024-11-03 08:13 - 2023-11-28 12:18 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Samsung Magician 2024-11-03 08:13 - 2023-11-19 10:48 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2024-11-02 11:32 - 2023-11-19 18:39 - 000000000 ____D C:\Users\Didier\AppData\Roaming\Microsoft\Excel 2024-11-02 10:52 - 2024-04-03 10:36 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData 2024-11-01 10:58 - 2024-01-20 10:28 - 000018464 _____ C:\Users\Didier\Documents\budget prévisionnel .xlsx 2024-11-01 10:56 - 2024-01-30 11:40 - 000015509 _____ C:\Users\Didier\Documents\Total Cartes Oney.xlsx 2024-11-01 09:36 - 2023-11-19 10:48 - 000003690 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2024-11-01 09:36 - 2023-11-19 10:48 - 000003566 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2024-10-31 08:41 - 2023-11-19 11:06 - 000000000 ____D C:\Program Files\CCleaner 2024-10-31 08:29 - 2023-11-19 10:48 - 000000000 ____D C:\Windows\system32\Drivers\wd 2024-10-30 18:08 - 2023-11-19 10:58 - 000000000 ____D C:\Users\Didier\AppData\Local\D3DSCache 2024-10-30 17:46 - 2023-11-19 11:50 - 000000000 ____D C:\Users\Didier\AppData\Local\CrashDumps 2024-10-29 08:23 - 2023-11-19 10:48 - 000000000 ____D C:\Windows\system32\SleepStudy 2024-10-27 09:02 - 2021-06-05 13:01 - 000000000 ____D C:\Windows\CbsTemp 2024-10-26 06:42 - 2023-11-19 10:59 - 001800200 _____ C:\Windows\system32\PerfStringBackup.INI 2024-10-26 06:42 - 2021-06-05 19:14 - 000806506 _____ C:\Windows\system32\perfh00C.dat 2024-10-26 06:42 - 2021-06-05 19:14 - 000156164 _____ C:\Windows\system32\perfc00C.dat 2024-10-26 06:42 - 2021-06-05 13:09 - 000000000 ____D C:\Windows\INF 2024-10-26 06:41 - 2023-12-13 12:51 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update 2024-10-26 06:41 - 2023-11-19 17:45 - 000003382 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting 2024-10-26 06:41 - 2023-11-19 17:45 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job 2024-10-25 13:51 - 2023-11-19 11:08 - 000000000 ____D C:\Program Files\TeamViewer 2024-10-25 13:51 - 2023-11-19 10:48 - 000012288 ___SH C:\DumpStack.log.tmp 2024-10-25 13:51 - 2023-11-19 10:48 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2024-10-25 13:51 - 2021-06-05 13:01 - 000524288 _____ C:\Windows\system32\config\BBI 2024-10-25 12:47 - 2023-11-19 12:28 - 000017838 _____ C:\Users\Didier\Documents\Films et séries vus ou à télécharger.xlsx 2024-10-25 11:29 - 2024-06-12 09:35 - 000000941 _____ C:\Users\Public\Desktop\Hekasoft Backup & Restore.lnk 2024-10-25 11:29 - 2024-06-12 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hekasoft Backup & Restore 2024-10-25 11:29 - 2024-06-12 09:35 - 000000000 ____D C:\Program Files\Hekasoft Backup & Restore 2024-10-23 08:04 - 2023-11-19 10:58 - 000000000 ____D C:\Users\Didier\AppData\Local\Packages 2024-10-18 11:21 - 2023-12-02 11:24 - 000000000 ____D C:\Program Files\HP 2024-10-18 11:08 - 2023-11-19 10:59 - 000000000 ____D C:\Users\Didier\AppData\Local\PlaceholderTileLogoFolder 2024-10-18 11:08 - 2023-11-19 10:57 - 000000000 ____D C:\ProgramData\Packages 2024-10-18 10:46 - 2024-08-01 09:46 - 000000000 ____D C:\Program Files\RUXIM 2024-10-17 13:48 - 2023-11-19 12:27 - 000000000 ___RD C:\Users\Didier\Documents\Naim 2024-10-16 09:22 - 2023-11-25 10:31 - 000000000 ____D C:\Windows\system32\Tasks\HP 2024-10-16 09:22 - 2023-11-25 10:31 - 000000000 ____D C:\Program Files\HPPrintScanDoctor 2024-10-15 08:47 - 2023-11-19 12:28 - 000014742 _____ C:\Users\Didier\Documents\Remboursement médicaux.xlsx 2024-10-14 06:47 - 2023-11-19 19:04 - 000000000 ____D C:\Program Files\Microsoft Office 2024-10-11 11:26 - 2024-01-12 10:19 - 000017286 _____ C:\Users\Didier\Documents\Films à voir 2024-2025.xlsx 2024-10-10 10:06 - 2023-11-19 11:06 - 000000000 ____D C:\Windows\system32\MRT 2024-10-10 10:03 - 2023-11-19 11:05 - 201324920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2024-10-09 16:16 - 2023-11-19 12:22 - 000000000 ___RD C:\Users\Didier\Documents\Logiciels 2024-10-09 09:05 - 2021-06-05 13:10 - 000000000 ___HD C:\Windows\ELAMBKUP 2024-10-08 11:12 - 2023-12-19 09:54 - 000000000 ____D C:\Windows\Minidump 2024-10-08 08:49 - 2023-11-19 12:28 - 000014692 _____ C:\Users\Didier\Documents\Echéances paiement en 4 fois.xlsx 2024-10-06 11:09 - 2023-11-28 12:16 - 000003386 _____ C:\Windows\system32\Tasks\SamsungMagician 2024-10-06 10:55 - 2023-11-19 11:13 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard ==================== Fichiers à la racine de certains dossiers ======== 2024-03-16 12:23 - 2024-03-16 12:23 - 000000027 _____ () C:\Users\Didier\AppData\Local\.sdpl-system-config4 2024-04-03 10:47 - 2024-04-03 10:47 - 000000000 _____ () C:\Users\Didier\AppData\Local\oobelibMkey.log 2024-07-15 18:11 - 2024-07-15 18:11 - 000000017 _____ () C:\Users\Didier\AppData\Local\resmon.resmoncfg ==================== SigCheckExt ========================= 2023-11-19 19:11 - 2023-11-19 19:11 - 000018432 _____ C:\Windows\system32\SppExtComObjHook.dll 2023-11-19 18:34 - 2010-12-06 03:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll 2024-11-03 09:32 - 2024-11-03 09:32 - 002397696 _____ (Farbar) C:\Users\Didier\Desktop\FRST64.exe 2024-11-03 09:18 - 2024-11-03 09:18 - 003536896 _____ (Nicolas Coolman) C:\Users\Didier\Desktop\ZHPSuite.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume1 description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {b5818e77-86c0-11ee-b56f-cc1e10160497} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \Windows\system32\winload.exe description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {b5818e79-86c0-11ee-b56f-cc1e10160497} displaymessageoverride Recovery recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {b5818e77-86c0-11ee-b56f-cc1e10160497} nx OptIn bootmenupolicy Standard Chargeur de démarrage Windows ----------------------------- identificateur {b5818e79-86c0-11ee-b56f-cc1e10160497} device ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{b5818e7a-86c0-11ee-b56f-cc1e10160497} path \windows\system32\winload.exe description Windows Recovery Environment locale fr-fr inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume3]\Recovery\WindowsRE\Winre.wim,{b5818e7a-86c0-11ee-b56f-cc1e10160497} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {b5818e77-86c0-11ee-b56f-cc1e10160497} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {b5818e79-86c0-11ee-b56f-cc1e10160497} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume1 path \boot\memtest.exe description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local Erreurs de mémoire RAM ---------------------- identificateur {badmemory} badmemorylist 0x17be36 Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {b5818e7a-86c0-11ee-b56f-cc1e10160497} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume3 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================