Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06-03-2025 Exécuté par MICHEL MVK (administrateur) sur PC_MATERIEL_NET (Gigabyte Technology Co., Ltd. B460 AORUS PRO AC) (07-03-2025 22:00:46) Exécuté depuis C:\Users\MICHEL MVK\Desktop\FRST64.exe Profils chargés: MCFIVE & MICHEL MVK Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.5487 (X64) Langue: Français (France) Navigateur par défaut: Edge Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files (x86)\oDownloader\oDownloader.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe (C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe ->) (Opera Norway AS -> Opera Software) C:\Users\MCFIVE\AppData\Local\Programs\Opera\117.0.5408.53\opera_crashreporter.exe (cmd.exe ->) (Infatica pte ltd -> ) C:\Program Files (x86)\oDownloader\bin\infatica-service-app.exe (Enghouse Interactive (UK) Limited -> ) C:\Users\MCFIVE\AppData\Local\lifesize_app\app-3.0.17\Lifesize App Service.exe (Enghouse Interactive (UK) Limited -> Lifesize) C:\Users\MCFIVE\AppData\Local\lifesize_app\app-3.0.17\Lifesize.exe <6> (explorer.exe ->) (Google Inc -> Google Inc.) C:\Users\MCFIVE\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5> (explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_18.2502.1262.0_x64__8wekyb3d8bbwe\WebViewHost.exe (explorer.exe ->) (nordvpn s.a. -> NordVPN) C:\Program Files\NordVPN\NordVPN.exe (explorer.exe ->) (oDownloader) [Fichier non signé] C:\Program Files (x86)\oDownloader\oDownloader.exe (explorer.exe ->) (Opera Norway AS -> Opera Software) C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe <22> (explorer.exe ->) (Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.137.3425.0_x64__kzf8qxf38zg5c\Skype\Skype.exe <5> (Microsoft Corporation -> Microsoft Corporation) C:\Users\MCFIVE\AppData\Local\Microsoft\Teams\current\Teams.exe <6> (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Temp\MUBSTemp\BingChatInstaller.EXE (NIKON CORPORATION -> Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (services.exe ->) (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Windows\System32\GigabyteUpdateService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_a55aa2cd52a3429d\LMS.exe (services.exe ->) (Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (services.exe ->) (Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe (services.exe ->) (Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe (services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe (services.exe ->) (nordvpn s.a. -> NordVPN) C:\Program Files\NordVPN\nordvpn-service.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <3> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvwmi64.exe <2> (services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe <3> (services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Program Files\Samsung\Easy Connection to Screen\Service.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.51895FA4EA97F_2.2510.0.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2509.4.0_x64__cv1g1gvanyjgm\WhatsApp.exe (svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.ScreenSketch_10.2008.3001.0_x64__8wekyb3d8bbwe\ScreenSketch.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WWAHost.exe (WhatsApp, Inc -> WhatsApp) C:\Users\MCFIVE\AppData\Local\WhatsApp\app-2.2222.12\WhatsApp.exe <6> (winlogon.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LogonUI.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_7b66b6662cf6d72b\RtkAudUService64.exe [1220312 2021-02-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch [3831808 2021-08-30] (Microsoft Windows Hardware Compatibility Publisher -> Logitech) HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [612304 2019-11-18] (NIKON CORPORATION -> Nikon Corporation) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [NordLockerSysTray] => C:\Program Files\NordLocker\NordLocker.SysTray.exe (Pas de fichier) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Norton Download Manager{NS-22211151-SHPD-FSD5250006}] => C:\Users\Public\Downloads\Norton\{NS-22211151-SHPD-FSD5250006}\FSDUI_Custom.exe /m /SHOWONECLICK /WIN10_UPGRADE "C:\Users\MCFIVE\AppData\Local\Temp\{87F22D41-5F5A-4759-890D-CAE29E124FAA}\Upgrade.exe" (Pas de fichier) <==== ATTENTION HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.WhatsApp.WhatsApp] => C:\Users\MCFIVE\AppData\Local\WhatsApp\Update.exe [1838264 2022-06-17] (WhatsApp, Inc -> GitHub) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [oDownloader] => C:\Program Files (x86)\oDownloader\oDownloader.exe [239104 2021-06-17] (oDownloader) [Fichier non signé] HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.Teams.Teams] => C:\Users\MCFIVE\AppData\Local\Microsoft\Teams\Update.exe [2594000 2025-02-08] (Microsoft 3rd Party Application Component -> Microsoft Corporation) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [NordVPN] => C:\Program Files\NordVPN\NordVPN.exe [559976 2025-01-20] (nordvpn s.a. -> NordVPN) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Opera Stable] => C:\Users\MCFIVE\AppData\Local\Programs\Opera\opera.exe [1606552 2025-03-07] (Opera Norway AS -> Opera Software) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Google+ Auto Backup] => C:\Users\MCFIVE\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-07-31] (Google Inc -> Google Inc.) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [BraveSoftware Update] => C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\1.3.361.151\BraveUpdateCore.exe [199704 2024-08-23] (Brave Software, Inc. -> BraveSoftware Inc.) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [Lifesize App Service] => C:\Users\MCFIVE\AppData\Local\lifesize_app\Lifesize.exe [580632 2024-11-25] (Enghouse Interactive (UK) Limited -> Lifesize) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [com.squirrel.lifesize_app.Lifesize] => C:\Users\MCFIVE\AppData\Local\lifesize_app\update.exe [1838616 2024-06-13] (Enghouse Interactive (UK) Limited -> GitHub) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [MicrosoftEdgeAutoLaunch_FDC8678D302CD4E106CFF7153C47EA41] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4088392 2025-02-27] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-916869094-3403233507-1452638425-1010\...\Run: [GoogleUpdaterTaskUser135.0.7023.0] => C:\Users\MCFIVE\AppData\Local\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC) HKU\S-1-5-21-916869094-3403233507-1452638425-1011\...\RunOnce: [Delete Cached Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Users\MICHEL MVK\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe" [42164600 2025-03-07] (Microsoft Corporation -> Microsoft Corporation) HKU\S-1-5-21-916869094-3403233507-1452638425-1011\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\windows\system32\cmd.exe /q /c del /q "C:\Users\MICHEL MVK\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe" (Pas de fichier) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\133.0.6943.142\Installer\chrmstp.exe [2025-02-27] (Google LLC -> Google LLC) GroupPolicy-Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {543A13EC-A65E-42E7-BFEB-2F04A51D26B7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2024-12-18] (Adobe Inc. -> Adobe Inc.) Task: {4AB8317D-F5A9-4755-931B-EDD1EE8C41DF} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-916869094-3403233507-1452638425-1010Core{E243B411-CAB5-44E7-973D-2A772601BA2D} => C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\BraveUpdate.exe [167448 2024-08-23] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {BC5F5671-3500-489B-B00B-F637682A4ECB} - System32\Tasks\BraveSoftwareUpdateTaskUserS-1-5-21-916869094-3403233507-1452638425-1010UA{B14ECFEA-E8F7-4976-9CE9-2C376822C80A} => C:\Users\MCFIVE\AppData\Local\BraveSoftware\Update\BraveUpdate.exe [167448 2024-08-23] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {F906B263-7D59-4A95-B3DA-808C23A1BABE} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem135.0.7023.0{F2EE508F-550F-417F-BED1-2498CB50A50B} => C:\Program Files (x86)\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC) Task: {432DE9AD-2534-41F1-9A1D-10F239CB3862} - System32\Tasks\GoogleUser\GoogleUpdater\GoogleUpdaterTaskUser135.0.7023.0{4AF1B1EC-233C-437C-8B94-14E3DAE8E003} => C:\Users\MCFIVE\AppData\Local\Google\GoogleUpdater\135.0.7023.0\updater.exe [5745760 2025-02-19] (Google LLC -> Google LLC) Task: {374F6070-C6CE-4C89-8742-CE3EBF0635B2} - System32\Tasks\Intel PTT EK Recertification => C:\windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\IntelPTTEKRecertification.exe [855664 2023-12-14] (Intel Corporation -> Intel(R) Corporation) Task: {70FB580F-5C70-4BF8-B81B-3F07281A6224} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E59AFDBB-F31C-4316-B03D-98A9C40BED46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {EAFEA546-49EA-4B89-B568-54A770FBE8E9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {838484CD-C017-44A7-A9B9-7ACC914CAC9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpCmdRun.exe [1732816 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {FD2D4821-D63E-4C12-A95A-6F2B8B5B44D8} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-06] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus). Task: {F46FB028-2DE3-4BF9-B85E-5D250C72CB07} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-916869094-3403233507-1452638425-1010 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-06] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus). Task: {5D97B044-BF90-4847-B721-CFC030A0F694} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-916869094-3403233507-1452638425-1011 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [682560 2025-03-06] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (l'élément de données a 6 caractères en plus). Task: {31F6E854-0D51-4C50-B50C-43556E4F460D} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-03-06] (Mozilla Corporation -> Mozilla Foundation) Task: {58F8DD68-8490-4D1D-9626-2824D95A7AF4} - System32\Tasks\nWizard_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [1549568 2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\nview\/installquiet Task: {BE66C8FA-4FEF-48F4-B1E6-AF0E4A56B077} - System32\Tasks\OneDrive Startup Task-S-1-5-21-916869094-3403233507-1452638425-1010 => C:\Users\MCFIVE\AppData\Local\Microsoft\OneDrive\25.025.0209.0001\OneDriveLauncher.exe [669224 2025-03-07] (Microsoft Corporation -> Microsoft Corporation) Task: {C3784F14-EB53-42E4-B7F1-22A2C1165401} - System32\Tasks\Opera scheduled assistant Autoupdate 1613508462 => C:\Users\MCFIV\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\MCFIV\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {2762E089-DE2B-4401-A8DD-26E9BDBA4A15} - System32\Tasks\Opera scheduled assistant Autoupdate 1616252096 => C:\Users\MVK\AppData\Local\Programs\Opera\launcher.exe -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\MVK\AppData\Local\Programs\Opera\assistant" $(Arg0) Task: {D04382EB-0B58-4C9A-A789-297EA6F77953} - System32\Tasks\Opera scheduled Autoupdate 1613508460 => C:\Users\MCFIV\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Task: {D193EF39-D2D7-47E3-9203-1C9BE6930223} - System32\Tasks\Opera scheduled Autoupdate 1616252094 => C:\Users\MVK\AppData\Local\Programs\Opera\launcher.exe --scheduledautoupdate $(Arg0) (Pas de fichier) Task: {02EB2654-069C-42E0-89E0-9EED2D4EFD73} - System32\Tasks\Opera scheduled Autoupdate 1674294370 => C:\Users\MCFIVE\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [5645720 2025-02-28] (Opera Norway AS -> Opera Software) Task: {8473092A-3212-49A9-9BB6-BF0936AF0E80} - System32\Tasks\VivaldiUpdateCheck-4a9feccacd86e897 => C:\Users\MCFIVE\AppData\Local\Vivaldi\Application\update_notifier.exe [3814024 2025-02-26] (Vivaldi Technologies AS -> Vivaldi Technologies AS) -> C:\Users\MCFIVE\AppData\Local\Vivaldi\Application\--from-scheduler (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: 100.103.1.237 mcarmagnat-everest.nord Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{02a7c8c2-9f8b-45a1-941d-d921b6c4ea86}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\255646D6960213030223032323: [DhcpNameServer] 192.168.140.140 Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\E4544574541425F5548545: [DhcpNameServer] 192.168.1.250 Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\F42716E676560214962726F687D273245364: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{e6633a34-b95e-4cc6-8954-ed78fbf1c357}\F42716E676560214962726F687D273245364: [DhcpDomain] home Edge: ======= Edge Profile: C:\Users\MICHEL MVK\AppData\Local\Microsoft\Edge\User Data\Default [2025-03-07] Edge Extension: (NordVPN - the Fastest VPN proxy for privacy) - C:\Users\MICHEL MVK\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fphgeikpdcdcheaochkhldmnfblfogla [2025-03-07]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge Extension: (Google Docs hors connexion) - C:\Users\MICHEL MVK\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-07]hxxps://clients2.google.com/service/update2/crx Edge Extension: (Edge relevant text changes) - C:\Users\MICHEL MVK\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-03-07]hxxps://edge.microsoft.com/extensionwebstorebase/v1/crx Edge HKLM-x32\...\Edge\Extension: [fphgeikpdcdcheaochkhldmnfblfogla] FireFox: ======== FF DefaultProfile: l57o83vd.default FF ProfilePath: C:\Users\MICHEL MVK\AppData\Roaming\Mozilla\Firefox\Profiles\l57o83vd.default [2025-03-07] FF ProfilePath: C:\Users\MICHEL MVK\AppData\Roaming\Mozilla\Firefox\Profiles\qjfrjh3a.default-release [2025-03-07] FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.17.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.18 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.19 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-03-01] (Adobe Inc. -> Adobe Systems Inc.) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-07-31] (Google Inc -> Google, Inc.) Chrome: ======= CHR HKU\S-1-5-21-916869094-3403233507-1452638425-1010\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2024-12-18] (Adobe Inc. -> Adobe Inc.) S3 cfbackd; C:\Program Files\CleverFiles\Disk Drill\cfbackd.w32.exe [279040 2021-02-09] (CleverFiles) [Fichier non signé] R2 Easy Connection to Screen; C:\Program Files\Samsung\Easy Connection to Screen\Service.exe [302352 2021-06-08] (Samsung Electronics CO., LTD. -> ) S2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [234968 2024-03-11] (HP Inc. -> HP Inc.) R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [497568 2021-04-08] (Logitech Inc -> Logitech) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MpDefenderCoreService.exe [1926976 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) R3 nordsec-threatprotection-service; C:\Program Files\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.) R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.) R2 nordvpn-service; C:\Program Files\NordVPN\nordvpn-service.exe [2509280 2025-01-20] (nordvpn s.a. -> NordVPN) R2 NVWMI; C:\Windows\System32\nvwmi64.exe [4440880 2021-02-24] (NVIDIA Corporation -> NVIDIA Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\NisSrv.exe [4352456 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25010.11-0\MsMpEng.exe [270056 2025-03-06] (Microsoft Windows Publisher -> Microsoft Corporation) R2 GigabyteUpdateService; C:\windows\system32\GigabyteUpdateService.exe [536720 2025-03-07] (GIGA-BYTE TECHNOLOGY CO., LTD. -> GIGA-BYTE TECHNOLOGY CO., LTD.) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus2.sys [160376 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 dokan1; C:\windows\System32\DRIVERS\dokan1.sys [138760 2021-01-14] (ADAPP SASU -> Dokan Project) R1 EneTechIo; C:\windows\system32\drivers\ene.sys [20992 2020-05-12] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 gdrv2; C:\windows\gdrv2.sys [32600 2021-02-26] (GIGA-BYTE Technology Co., Ltd. -> GIGA-BYTE TECHNOLOGY CO., LTD.) R3 KslD; C:\windows\System32\drivers\wd\KslD.sys [278944 2025-03-06] (Microsoft Windows -> Microsoft Corporation) R3 mshield; C:\Program Files\NordVPN\NordSec ThreatProtection\1.4.35.5\mshield.sys [45384 2025-02-18] (nordvpn s.a. -> Nordvpn S.A.) R2 NDivert; C:\Program Files\NordVPN\7.35.1.0\Drivers\NDivert.sys [188752 2025-02-24] (Microsoft Windows Hardware Compatibility Publisher -> Nordvpn S.A.) R4 NordDivert10; C:\Program Files\NordVPN\7.35.1.0\NordDivert1064.sys [101240 2024-12-02] (nordvpn s.a. -> NordVPN/Basil) R3 ovpn-dco; C:\windows\System32\drivers\ovpn-dco.sys [91584 2024-06-05] (WDKTestCert lev,133391533294737317 -> OpenVPN, Inc) S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [167544 2021-10-08] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R3 tapnordvpn; C:\windows\System32\drivers\tapnordvpn.sys [41120 2024-08-29] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project) S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [20016 2025-03-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [601520 2025-03-06] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [100768 2025-03-06] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\windows\System32\drivers\wintun.sys [29592 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) R3 WireGuard; C:\windows\System32\drivers\wireguard.sys [489368 2023-02-20] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S1 nordlwf; \SystemRoot\system32\DRIVERS\nordlwf.sys [X] S3 nsvst_NGC; \SystemRoot\System32\drivers\NGCx64\1615050.02C\nsvst.sys [X] S3 SymEvnt; \??\C:\Program Files\Norton Security\NortonData\22.20.5.40\SymPlatform\SymEvnt.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-03-07 22:00 - 2025-03-07 22:01 - 000026089 _____ C:\Users\MICHEL MVK\Desktop\FRST.txt 2025-03-07 22:00 - 2025-03-07 22:00 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Roaming\com.adobe.dunamis 2025-03-07 22:00 - 2025-03-07 22:00 - 000000000 ____D C:\Users\MICHEL MVK\AppData\LocalLow\Adobe 2025-03-07 22:00 - 2025-03-07 22:00 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\SolidDocuments 2025-03-07 22:00 - 2025-03-07 22:00 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\Adobe 2025-03-07 22:00 - 2025-03-07 22:00 - 000000000 ____D C:\Users\MICHEL MVK\.ms-ad 2025-03-07 21:56 - 2025-03-07 21:56 - 002404352 _____ (Farbar) C:\Users\MICHEL MVK\Desktop\FRST64.exe 2025-03-07 21:54 - 2025-03-07 21:54 - 000003588 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-916869094-3403233507-1452638425-1011 2025-03-07 21:54 - 2025-03-07 21:54 - 000003388 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-916869094-3403233507-1452638425-1011 2025-03-07 21:54 - 2025-03-07 21:54 - 000000000 ___RD C:\Users\MICHEL MVK\OneDrive 2025-03-07 21:54 - 2025-03-07 21:54 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Roaming\Mozilla 2025-03-07 21:54 - 2025-03-07 21:54 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\Mozilla 2025-03-07 21:53 - 2025-03-07 21:53 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\PlaceholderTileLogoFolder 2025-03-07 21:53 - 2025-03-07 21:53 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\D3DSCache 2025-03-07 21:51 - 2025-03-07 22:00 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\Packages 2025-03-07 21:51 - 2025-03-07 21:54 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\Publishers 2025-03-07 21:51 - 2025-03-07 21:51 - 000002302 _____ C:\Users\MICHEL MVK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2025-03-07 21:51 - 2025-03-07 21:51 - 000002243 _____ C:\Users\MICHEL MVK\Desktop\Google Chrome.lnk 2025-03-07 21:51 - 2025-03-07 21:51 - 000000000 ___SD C:\Users\MICHEL MVK\AppData\Roaming\Microsoft\Crypto 2025-03-07 21:51 - 2025-03-07 21:51 - 000000000 ___RD C:\Users\MICHEL MVK\3D Objects 2025-03-07 21:51 - 2025-03-07 21:51 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Roaming\Microsoft\Vault 2025-03-07 21:51 - 2025-03-07 21:51 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Roaming\Intel 2025-03-07 21:51 - 2025-03-07 21:51 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\VirtualStore 2025-03-07 21:51 - 2025-03-07 21:51 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\Google 2025-03-07 21:51 - 2025-03-07 21:51 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Local\ConnectedDevicesPlatform 2025-03-07 19:31 - 2025-03-07 19:31 - 000056996 _____ C:\Users\MCFIVE\Desktop\FRST.txt 2025-03-07 19:30 - 2025-03-07 19:30 - 000085308 _____ C:\Users\MCFIVE\Desktop\Addition.txt 2025-03-07 19:14 - 2025-03-07 19:14 - 002404352 _____ (Farbar) C:\Users\MCFIVE\Desktop\FRST64(1).exe 2025-03-07 18:56 - 2025-03-07 18:56 - 000000000 ____D C:\Users\MCFIVE\Downloads\FRST-OlderVersion 2025-03-07 16:46 - 2025-03-07 16:46 - 000218464 _____ C:\Users\MCFIVE\Downloads\TotalAV.exe 2025-03-07 15:38 - 2025-03-07 15:38 - 000249072 _____ (Gen Digital Inc.) C:\Users\MCFIVE\Downloads\avast_antivirus_gratuit_installateur_en-ligne(2).exe 2025-03-06 19:41 - 2025-03-07 20:53 - 000000000 ____D C:\Program Files\Mozilla Firefox 2025-03-06 17:11 - 2025-03-06 17:11 - 000249072 _____ (Gen Digital Inc.) C:\Users\MCFIVE\Downloads\avast_antivirus_gratuit_installateur_en-ligne.exe 2025-03-06 17:11 - 2025-03-06 17:11 - 000249072 _____ (Gen Digital Inc.) C:\Users\MCFIVE\Downloads\avast_antivirus_gratuit_installateur_en-ligne(1).exe 2025-03-05 23:10 - 2025-03-05 23:10 - 000238228 _____ C:\Users\MCFIVE\Downloads\Memo_piratage-de-compte.pdf 2025-03-05 22:46 - 2025-03-05 22:46 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-6.pdf 2025-03-05 20:38 - 2025-03-05 20:38 - 000239282 _____ C:\Users\MCFIVE\Downloads\LINKS.pdf 2025-03-05 14:11 - 2025-03-05 14:11 - 000106960 _____ C:\Users\MCFIVE\Downloads\MAIL.pdf 2025-03-01 17:00 - 2025-03-01 17:02 - 000000000 ____D C:\Users\MCFIVE\Documents\RIB LIVAXEN VICTORIA SUIESEBASE 2025-03-01 15:28 - 2025-03-01 15:28 - 016885213 _____ C:\Users\MCFIVE\Downloads\20250301_151135.mp4 2025-02-28 21:07 - 2025-02-28 21:07 - 000001743 _____ C:\Users\Public\Desktop\NordVPN.lnk 2025-02-28 21:07 - 2025-02-28 21:07 - 000000000 ___SD C:\Users\MICHEL MVK\AppData\Roaming\Microsoft\Credentials 2025-02-28 10:24 - 2025-02-28 10:24 - 000000107 _____ C:\Users\MCFIVE\Downloads\ZIP 1.rar 2025-02-28 01:26 - 2025-02-28 21:09 - 000000008 _____ C:\Users\MCFIVE\Downloads\octobre novembre 2024.txt 2025-02-25 18:13 - 2025-02-25 18:13 - 000018021 _____ C:\Users\MCFIVE\Downloads\b9335d55-dc62-4db1-9f41-d2955d36a80c 2025-02-24 08:24 - 2025-02-24 08:24 - 000203665 _____ C:\Users\MCFIVE\Downloads\archive(5).zip 2025-02-24 08:24 - 2025-02-24 08:24 - 000203665 _____ C:\Users\MCFIVE\Downloads\archive(4).zip 2025-02-22 11:15 - 2025-02-22 11:15 - 001130200 _____ C:\Users\MCFIVE\Downloads\Notice _ scan.pdf 2025-02-21 20:24 - 2025-02-21 20:24 - 000236653 _____ C:\Users\MCFIVE\Downloads\Formulaire-1.pdf 2025-02-21 19:32 - 2025-02-21 19:32 - 004120835 _____ C:\Users\MCFIVE\Downloads\archive(3).zip 2025-02-21 19:32 - 2025-02-21 19:32 - 004120835 _____ C:\Users\MCFIVE\Downloads\archive(2).zip 2025-02-21 19:27 - 2025-02-21 19:27 - 004767622 _____ C:\Users\MCFIVE\Desktop\WhatsApp Vidéo 2025-02-07 à 18.19.36_7b8168a0.mp4 2025-02-21 17:29 - 2025-02-21 17:29 - 000236653 _____ C:\Users\MCFIVE\Downloads\Formulaire.pdf 2025-02-21 17:14 - 2025-02-21 17:14 - 001638646 _____ C:\Users\MCFIVE\Downloads\blockchain formulaire 21 02 2025.htm 2025-02-21 17:14 - 2025-02-21 17:14 - 000000000 ____D C:\Users\MCFIVE\Downloads\blockchain formulaire 21 02 2025_fichiers 2025-02-19 17:18 - 2025-02-19 17:18 - 000020608 _____ C:\Users\MCFIVE\Downloads\rib-revolut_e36c08.pdf 2025-02-17 16:09 - 2025-02-17 16:09 - 000020608 _____ C:\Users\MCFIVE\Desktop\rib-revolut_e36c08.pdf 2025-02-12 11:21 - 2025-02-12 11:21 - 000000000 ___HD C:\$WinREAgent 2025-02-09 21:00 - 2025-02-09 21:00 - 000099673 _____ C:\Users\MCFIVE\Downloads\coordonnees-bancaires-fortuneo-5.pdf 2025-02-09 20:15 - 2025-02-09 20:15 - 000000463 _____ C:\Users\MCFIVE\Downloads\HistoriqueOperations_013193528042.zip 2025-02-09 18:09 - 2025-02-10 08:12 - 000021504 _____ C:\Users\MCFIVE\Downloads\comptes(8).xlsx 2025-02-09 17:01 - 2025-02-09 17:01 - 000022515 _____ C:\Users\MCFIVE\Downloads\comptes (1).xlsx 2025-02-09 16:59 - 2025-02-09 16:59 - 000030452 _____ C:\Users\MCFIVE\Downloads\Extrait de comptes Compte 10150 000203886.. C_C CONTRAT PERSONNEL GLOBAL M OU MME MICHEL CARMAGNAT au 2025-01-31.pdf 2025-02-09 16:13 - 2025-02-09 16:13 - 000018832 _____ C:\Users\MCFIVE\Downloads\I05D24355N01673D.pdf 2025-02-09 15:33 - 2025-02-09 15:33 - 000018780 _____ C:\Users\MCFIVE\Downloads\I05D24359N00358D.pdf 2025-02-07 17:29 - 2025-02-07 17:29 - 000002233 _____ C:\Users\MCFIVE\Desktop\Exodus.lnk 2025-02-07 17:29 - 2025-02-07 17:29 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\exodus 2025-02-07 17:27 - 2025-02-07 17:29 - 235343208 _____ (Exodus Movement Inc) C:\Users\MCFIVE\Downloads\exodus-windows-x64-25.5.3 (1).exe 2025-02-07 17:24 - 2025-02-07 17:26 - 058792602 _____ C:\Users\MCFIVE\Downloads\exodus-windows-x64-25.kowEHlb1.5.3.exe.part 2025-02-07 17:24 - 2025-02-07 17:24 - 000000000 _____ C:\Users\MCFIVE\Downloads\exodus-windows-x64-25.5.3.exe 2025-02-07 10:37 - 2025-02-07 10:37 - 000381463 _____ C:\Users\MCFIVE\Downloads\Confirmation de virement_1738346398307.pdf 2025-02-06 11:47 - 2025-02-06 11:47 - 000027943 _____ C:\Users\MCFIVE\Downloads\p2p-transaction-confirmation-report_fr-fr_ee1acf.pdf 2025-02-05 16:53 - 2025-02-05 16:53 - 011068381 _____ C:\Users\MCFIVE\Downloads\VID-20250117-WA0002(1).mp4 2025-02-05 16:52 - 2025-02-05 16:52 - 011068381 _____ C:\Users\MCFIVE\Downloads\VID-20250117-WA0002.mp4 ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-03-07 22:01 - 2024-11-29 14:33 - 000000000 ____D C:\FRST 2025-03-07 22:00 - 2024-07-13 07:21 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Roaming\Adobe 2025-03-07 22:00 - 2024-07-13 07:21 - 000000000 ____D C:\Users\MICHEL MVK 2025-03-07 21:57 - 2021-01-14 15:17 - 001770910 _____ C:\windows\system32\PerfStringBackup.INI 2025-03-07 21:57 - 2019-12-07 15:49 - 000791762 _____ C:\windows\system32\perfh00C.dat 2025-03-07 21:57 - 2019-12-07 15:49 - 000149928 _____ C:\windows\system32\perfc00C.dat 2025-03-07 21:57 - 2019-12-07 10:14 - 000000000 ____D C:\windows\AppReadiness 2025-03-07 21:57 - 2019-12-07 10:13 - 000000000 ____D C:\windows\INF 2025-03-07 21:55 - 2022-02-12 01:07 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2025-03-07 21:54 - 2024-07-13 07:21 - 000002423 _____ C:\Users\MICHEL MVK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-03-07 21:54 - 2023-01-21 10:24 - 000000000 ____D C:\windows\system32\Tasks\Mozilla 2025-03-07 21:51 - 2024-11-25 06:04 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Lifesize 2025-03-07 21:51 - 2024-07-13 07:21 - 000000000 ____D C:\Users\MICHEL MVK\AppData\Roaming\Microsoft\Windows 2025-03-07 21:51 - 2022-12-06 13:22 - 000000000 ___RD C:\Users\MCFIVE\OneDrive - etu.u-cergy.fr 2025-03-07 21:51 - 2022-05-07 16:33 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Microsoft\Teams 2025-03-07 21:51 - 2021-12-16 03:15 - 000000000 ____D C:\windows\SystemTemp 2025-03-07 21:51 - 2021-06-24 07:04 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\CrashDumps 2025-03-07 21:51 - 2021-05-17 08:21 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\WhatsApp 2025-03-07 21:51 - 2021-03-15 00:15 - 000088720 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\windows\system32\GigabyteDownloadAssistant.exe 2025-03-07 21:51 - 2021-02-12 08:28 - 000000000 ____D C:\ProgramData\NVIDIA 2025-03-07 21:51 - 2020-11-19 00:32 - 000000000 __RHD C:\Users\Public\AccountPictures 2025-03-07 21:51 - 2019-12-07 10:14 - 000000000 ___RD C:\windows\ImmersiveControlPanel 2025-03-07 21:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps 2025-03-07 21:51 - 2019-12-07 10:14 - 000000000 ____D C:\windows\Registration 2025-03-07 21:51 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-03-07 21:50 - 2021-03-15 00:15 - 000536720 _____ (GIGA-BYTE TECHNOLOGY CO., LTD.) C:\windows\system32\GigabyteUpdateService.exe 2025-03-07 21:50 - 2021-02-12 08:21 - 000550928 _____ C:\windows\system32\wpbbin.exe 2025-03-07 21:50 - 2021-01-14 15:06 - 000008192 ___SH C:\DumpStack.log.tmp 2025-03-07 21:50 - 2020-11-19 00:29 - 000000006 ____H C:\windows\Tasks\SA.DAT 2025-03-07 21:50 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ServiceState 2025-03-07 21:50 - 2019-12-07 10:03 - 001048576 _____ C:\windows\system32\config\BBI 2025-03-07 21:46 - 2021-03-20 16:23 - 000000000 ___SD C:\Users\MCFIVE\AppData\Roaming\Microsoft\Protect 2025-03-07 21:24 - 2020-11-18 23:28 - 000000000 ____D C:\windows\system32\SleepStudy 2025-03-07 20:55 - 2021-03-23 09:06 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\D3DSCache 2025-03-07 20:53 - 2023-01-21 10:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2025-03-07 19:22 - 2024-11-29 14:36 - 000085308 _____ C:\Users\MCFIVE\Downloads\Addition.txt 2025-03-07 19:21 - 2024-11-29 14:34 - 000056996 _____ C:\Users\MCFIVE\Downloads\FRST.txt 2025-03-07 19:17 - 2024-11-29 16:41 - 000000000 ____D C:\Users\MCFIVE\Desktop\FRST-OlderVersion 2025-03-07 19:06 - 2023-01-21 10:46 - 000004300 _____ C:\windows\system32\Tasks\Opera scheduled Autoupdate 1674294370 2025-03-07 19:06 - 2023-01-21 10:46 - 000001396 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2025-03-07 16:47 - 2020-11-19 00:31 - 000003690 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA 2025-03-07 16:47 - 2020-11-19 00:31 - 000003566 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore 2025-03-07 10:38 - 2025-01-15 20:56 - 000000000 ____D C:\Users\MCFIVE\Desktop\C R Y P T O 2 0 2 4 2025-03-07 09:12 - 2025-01-29 09:37 - 000003572 _____ C:\windows\system32\Tasks\OneDrive Startup Task-S-1-5-21-916869094-3403233507-1452638425-1010 2025-03-07 09:12 - 2021-12-11 19:19 - 000003588 _____ C:\windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-916869094-3403233507-1452638425-1010 2025-03-07 09:12 - 2021-03-20 16:24 - 000003380 _____ C:\windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-916869094-3403233507-1452638425-1010 2025-03-07 09:12 - 2021-03-20 16:23 - 000002427 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2025-03-07 06:20 - 2023-01-21 10:24 - 000001036 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2025-03-07 06:18 - 2023-01-20 12:08 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\NordVPN 2025-03-06 13:43 - 2021-03-20 17:19 - 000000527 _____ C:\Users\MCFIVE\.vivaldi_reporting_data 2025-03-06 07:42 - 2020-11-19 00:29 - 000000000 ____D C:\windows\system32\Drivers\wd 2025-03-05 23:18 - 2024-11-11 14:33 - 000000000 ____D C:\Users\MCFIVE\Desktop\Trading 2025-03-05 22:52 - 2022-10-24 17:03 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2025-03-05 22:52 - 2022-10-24 17:03 - 000002028 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk 2025-03-05 22:52 - 2021-04-26 10:04 - 000004562 _____ C:\windows\system32\Tasks\Adobe Acrobat Update Task 2025-03-05 18:56 - 2024-08-23 14:51 - 000002629 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2025-03-05 18:56 - 2024-08-23 14:51 - 000002592 _____ C:\Users\MCFIVE\Desktop\Brave.lnk 2025-03-03 18:24 - 2022-02-24 15:59 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Telegram Desktop 2025-03-02 17:23 - 2021-03-24 14:23 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\vlc 2025-03-01 19:29 - 2023-03-26 08:46 - 000000000 ____D C:\Users\MCFIVE\Documents\F AC T U R E S P A Y E E S 2025-03-01 17:23 - 2021-03-20 16:23 - 000000000 ____D C:\Users\MCFIVE 2025-03-01 06:48 - 2020-11-19 00:31 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-03-01 06:48 - 2020-11-19 00:31 - 000002287 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk 2025-02-28 21:08 - 2023-01-20 12:08 - 000000000 ____D C:\ProgramData\NordVPN 2025-02-28 21:07 - 2023-01-20 12:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec 2025-02-28 21:07 - 2023-01-20 12:08 - 000000000 ____D C:\Program Files\NordVPN 2025-02-28 21:06 - 2021-12-13 11:28 - 000000000 ____D C:\windows\system32\Tasks\HP 2025-02-28 19:35 - 2021-03-20 17:19 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\Vivaldi 2025-02-27 12:41 - 2024-09-28 13:24 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Exodus 2025-02-27 12:03 - 2023-10-26 11:02 - 000002395 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk 2025-02-27 12:03 - 2023-10-26 11:02 - 000002358 _____ C:\Users\MCFIVE\Desktop\Vivaldi.lnk 2025-02-27 02:32 - 2022-03-07 23:57 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Signal 2025-02-14 01:45 - 2020-11-18 23:28 - 000462976 _____ C:\windows\system32\FNTCACHE.DAT 2025-02-14 01:44 - 2024-07-16 00:36 - 000000000 ____D C:\windows\system32\compatrel 2025-02-14 01:44 - 2023-12-16 01:37 - 000000000 ____D C:\windows\InboxApps 2025-02-14 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SysWOW64\setup 2025-02-14 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\windows\SystemResources 2025-02-14 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\setup 2025-02-14 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\windows\system32\oobe 2025-02-14 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\windows\ShellExperiences 2025-02-14 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\windows\bcastdvr 2025-02-14 01:44 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\USOPrivate 2025-02-14 01:44 - 2019-12-07 10:03 - 000000000 ____D C:\windows\servicing 2025-02-13 16:36 - 2023-01-20 12:08 - 000000000 ____D C:\Program Files\NordUpdater 2025-02-12 11:27 - 2019-12-07 10:03 - 000000000 ____D C:\windows\CbsTemp 2025-02-12 11:25 - 2020-11-19 00:31 - 003016192 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll 2025-02-12 11:15 - 2021-02-12 08:54 - 000000000 ____D C:\windows\system32\MRT 2025-02-12 11:12 - 2021-02-12 08:54 - 209365816 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe 2025-02-08 19:25 - 2023-11-29 13:50 - 000002376 _____ C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams classic.lnk 2025-02-08 01:24 - 2021-05-17 08:20 - 000000000 ____D C:\Users\MCFIVE\AppData\Local\SquirrelTemp 2025-02-07 17:29 - 2024-09-28 13:24 - 000000000 ____D C:\Users\MCFIVE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc ==================== Fichiers à la racine de certains dossiers ======== 2021-09-16 16:50 - 2021-09-16 16:50 - 034595824 _____ (Audacity Team ) C:\Users\MCFIVE\audacity-win-3.0.4-x64.exe 2021-12-14 12:16 - 2021-12-14 12:16 - 001243560 ____N (BraveSoftware Inc.) C:\Users\MCFIVE\BraveBrowserSetup.exe 2021-09-22 18:06 - 2021-09-22 18:06 - 030128864 _____ (CleverFiles) C:\Users\MCFIVE\disk-drill-win.exe 2021-12-07 08:32 - 2021-12-07 08:32 - 024477344 ____N () C:\Users\MCFIVE\fortuneo-livetrader-x64 (1).exe 2021-12-03 09:05 - 2021-12-03 09:05 - 024477344 ____N () C:\Users\MCFIVE\fortuneo-livetrader-x64.exe 2021-10-20 12:35 - 2021-10-20 12:35 - 136008120 _____ (Microsoft Corporation) C:\Users\MCFIVE\MSERT.exe 2021-09-16 17:04 - 2021-09-16 17:04 - 356282440 _____ () C:\Users\MCFIVE\NIKON D850 LOGICIEL FOTO S-NXD___-010605WF-ALLIN-ALL___.exe 2021-07-15 09:48 - 2021-07-15 09:48 - 056431504 _____ (TEFINCOM S.A. ) C:\Users\MCFIVE\NordLockerSetup.exe 2021-07-30 11:23 - 2021-07-30 11:23 - 056867264 _____ (TEFINCOM S.A. ) C:\Users\MCFIVE\NordVPNSetup.exe 2021-09-18 12:12 - 2021-09-18 12:12 - 017385800 ____N (Google Inc.) C:\Users\MCFIVE\picasa-3-9-138-150-multi-win.exe 2021-09-16 17:00 - 2021-09-16 17:00 - 001249032 _____ (Adobe Inc) C:\Users\MCFIVE\readerdc64_fr_ha_crd_install.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================