Résultats de l'Analyse supplémentaire de Farbar Recovery Scan Tool (x64) Version: 16.02.2024
Exécuté par bernard (16-02-2024 19:13:36)
Exécuté depuis I:\Musiques\Download
Microsoft Windows 10 Famille Version 22H2 19045.4046 (X64) (2020-10-30 17:55:08)
Mode d'amorçage: Normal
==========================================================
==================== Comptes: =============================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
Administrateur (S-1-5-21-105964804-4182024700-1347609302-500 - Administrator - Disabled)
bernard (S-1-5-21-105964804-4182024700-1347609302-1001 - Administrator - Enabled) => C:\Users\bernard
DefaultAccount (S-1-5-21-105964804-4182024700-1347609302-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-105964804-4182024700-1347609302-1003 - Limited - Enabled)
Invité (S-1-5-21-105964804-4182024700-1347609302-501 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-105964804-4182024700-1347609302-504 - Limited - Disabled)
==================== Centre de sécurité ========================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Anti-Virus (Disabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Programmes installés ======================
(Seuls les logiciels publicitaires ('adware') avec la marque 'caché' ('Hidden') sont susceptibles d'être ajoutés au fichier fixlist.txt pour qu'ils ne soient plus masqués. Les programmes publicitaires devront être désinstallés manuellement.)
4K Video Downloader 4.7 (HKLM\...\{43CF4D03-5F6E-47EB-A1FC-287A68914755}) (Version: 4.7.0.2602 - Open Media LLC)
4K YouTube to MP3 3.11 (HKLM-x32\...\{2A3A7910-38FD-42A1-BA07-2ACF740DF6AB}) (Version: 3.11.1.3500 - Open Media LLC)
7-Zip 21.06 (x64) (HKLM\...\7-Zip) (Version: 21.06 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\{10E33ABF-D7FB-4F47-900A-7973854AB45A}) (Version: 32.0.0.125 - Adobe) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.125 - Adobe)
Amazon Photos (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Amazon Photos) (Version: 9.0.2 - Amazon.com, Inc.)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Standard Edition 5.8 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Caesium version 1.7.0 (HKLM-x32\...\{88B0F0DE-6937-440D-B5CA-6E69003E55F7}_is1) (Version: 1.7.0 - Matteo Paonessa)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7128 - CDBurnerXP)
Civilization version V1.0 (HKLM-x32\...\{39EBDD02-12AA-444C-B953-0751F9F43353}_is1) (Version: V1.0 - Abandonware-France)
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
ConfigMgr 2012 Toolkit R2 (HKLM-x32\...\{4FFF7ECC-CCF7-4530-B938-E7812BB91186}) (Version: 5.00.7958.1151 - Microsoft Corporation)
Contrôle d’intégrité du PC Windows (HKLM\...\{90C6971F-ABF1-4FBF-BD98-24F14C5F5AB4}) (Version: 3.6.2204.08001 - Microsoft Corporation)
Contrôle d’intégrité du PC Windows (HKLM\...\{DB3AADA3-0996-4427-87CC-8BA140012410}) (Version: 3.7.2204.15001 - Microsoft Corporation)
Contrôle d’intégrité du PC Windows (HKLM\...\{DF8C3BDB-5439-431D-89FA-A45643F262C6}) (Version: 3.1.2109.29003 - Microsoft Corporation)
CPUID HWMonitor 1.52 (HKLM\...\CPUID HWMonitor_is1) (Version: 1.52 - CPUID, Inc.)
Darkseed II version beta1 (HKLM-x32\...\{AAAC1A36-7E9F-45C5-9A08-9B8042BD2C38}_is1) (Version: beta1 - Abandonware-France)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 5.2.0.185 - devolo AG)
Diagnostics d'imprimante Samsung (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.4.28 - Samsung Electronics Co., Ltd.)
Docs (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\4e707cf5b5b817fea4251fac0f4eec7a) (Version: 1.0 - Google\Chrome)
Documentation Manager (HKLM\...\{3EF18AD4-8F08-42FE-B2A4-F2DDB1DFB5D0}) (Version: 21.50.1.1 - Intel Corporation) Hidden
Feuilles de calcul (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\8ed2fc403f40f76fb24465e3bc93a248) (Version: 1.0 - Google\Chrome)
FF Password Exporter (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\4088ae7b-2be7-5157-8053-1b94a5d03d5b) (Version: 1.1.1 - Kyle Spearrin)
FileZilla 3.62.2 (HKLM-x32\...\FileZilla Client) (Version: 3.62.2 - Tim Kosse)
Folder Size (HKLM-x32\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.4.37651 - Foxit Software Inc.)
Free Cam 8 (HKLM-x32\...\{2141C536-4434-4F91-A4C7-9D6C3B5C125E}) (Version: 8.7.27129 - iSpring Solutions Inc.)
FreeCropVideo (HKLM-x32\...\{BAA3FC30-2DC2-47C1-B09D-39D30EB7CEC9}) (Version: 1.06 - Free Crop Video)
Gmail (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\b235c44b6e39411c3122739dd199fd18) (Version: 1.0 - Google\Chrome)
GOG.com The Settlers 4 GOLD (HKLM\...\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 121.0.6167.185 - Google LLC)
Google Drive (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\745c3dcef4b5bc1315a0658e1fedfbfd) (Version: 1.0 - Google\Chrome)
gpedt.msc 2.0 (HKLM-x32\...\gpedit.msc_is1) (Version: - )
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
Hard Disk Wipe Tool 2.35 build 1178 (HKLM-x32\...\Hard Disk Wipe Tool_is1) (Version: - HDDGURU)
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
HWiNFO64 Version 6.20 (HKLM\...\HWiNFO64_is1) (Version: 6.20 - Martin Malik - REALiX)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00001010-0210-1036-84C8-B8D95FA3C8C3}) (Version: 21.10.1.1 - Intel Corporation)
Intel® Software Installer (HKLM-x32\...\{e2b4037f-6ffc-4200-8b24-fdc8512f0dc9}) (Version: 21.50.1.1 - Intel Corporation) Hidden
IrfanView 4.44 (32-bit) (HKLM-x32\...\IrfanView) (Version: 4.44 - Irfan Skiljan)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
IZArc 4.4 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.4 - Ivan Zahariev)
Kaspersky Anti-Virus (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
K-Lite Codec Pack 14.5.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
LAN Speed Test version 4.1 (HKLM-x32\...\{5713259D-1464-49D3-AC1A-C3918A2D4FF0}_is1) (Version: 4.1 - Totusoft)
LetsView V1.3.1.7 (HKLM-x32\...\{6AA74BE4-9506-4D81-A07C-A40F883C2EA7}_is1) (Version: 1.3.1.7 - LetsView LIMITED)
MediaCoder x64 0.8.50.5900 (HKLM\...\MediaCoder x64) (Version: 0.8.50.5900 - Mediatronic)
MediaInfo 0.7.92 (HKLM\...\MediaInfo) (Version: 0.7.92 - MediaArea.net)
Mezzmo (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Mezzmo) (Version: 5.0.3.0 - Conceiva Pty. Ltd.)
Microsoft Access MUI (French) 2016 (HKLM\...\{90160000-0015-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft DCF MUI (French) 2016 (HKLM\...\{90160000-0090-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 121.0.2277.112 - Microsoft Corporation)
Microsoft Excel MUI (French) 2016 (HKLM\...\{90160000-0016-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM-x32\...\{707C8430-DE9D-4385-BA80-91415748009B}) (Version: 4.0.1651.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{510D6833-AD19-4376-ADD2-167AE5AD2732}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Groove MUI (French) 2016 (HKLM\...\{90160000-00BA-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft HEVC Media Extension Installation for Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe (x64) (HKLM\...\{B0169E83-757B-EF66-E2F0-391944D785BC}) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (French) 2016 (HKLM\...\{90160000-0044-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2016 (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2016 – Deutsch (HKLM\...\{90160000-001F-0407-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (French) 2016 (HKLM\...\{90160000-00E1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (French) 2016 (HKLM\...\{90160000-00E2-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2016 (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing (French) 2016 (HKLM\...\{90160000-002C-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - English (HKLM\...\{90160000-001F-0409-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2016 - اللغة العربية (HKLM\...\{90160000-001F-0401-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (French) 2016 (HKLM\...\{90160000-00C1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (French) 2016 (HKLM\...\{90160000-006E-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (French) 2016 (HKLM\...\{90160000-00A1-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (French) 2016 (HKLM\...\{90160000-001A-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (French) 2016 (HKLM\...\{90160000-0018-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (French) 2016 (HKLM\...\{90160000-0019-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Skype for Business MUI (French) 2016 (HKLM\...\{90160000-012B-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Microsoft Update Health Tools (HKLM\...\{1FC1A6C2-576E-489A-9B4A-92D21F542136}) (Version: 3.74.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.32.31326 (HKLM-x32\...\{2d507699-404c-4c8b-a54a-38e352f32cdd}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.32.31326 (HKLM-x32\...\{817e21c1-6b3a-4bc1-8c49-67e4e1887b3a}) (Version: 14.32.31326.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.32.31326 (HKLM\...\{38624EB5-356D-4B08-8357-C33D89A5C0C5}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.32.31326 (HKLM\...\{C96241EA-9900-4FE8-85B3-1E238D509DF6}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.32.31326 (HKLM-x32\...\{A250E750-DB3F-40C1-8460-8EF77C7582DA}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.32.31326 (HKLM-x32\...\{46E11E7F-01E1-44D0-BB86-C67342D253DD}) (Version: 14.32.31326 - Microsoft Corporation) Hidden
Microsoft Word MUI (French) 2016 (HKLM\...\{90160000-001B-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
MKVToolNix 19.0.0 (32-bit) (HKLM-x32\...\MKVToolNix) (Version: 19.0.0 - Moritz Bunkus)
Molotov (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Molotov) (Version: 4.4.0 - Molotov)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox (x64 fr) (HKLM\...\Mozilla Firefox 122.0.1 (x64 fr)) (Version: 122.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.7.2 - Mozilla)
Mozilla Thunderbird (x86 fr) (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Mozilla Thunderbird 115.7.0 (x86 fr)) (Version: 115.7.0 - Mozilla)
Mozilla Thunderbird 60.7.2 (x86 fr) (HKLM-x32\...\Mozilla Thunderbird 60.7.2 (x86 fr)) (Version: 60.7.2 - Mozilla)
NetBalancer (HKLM\...\NetBalancer_is1) (Version: - SeriousBit)
NetSpot (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\8f902e8bea10afc7) (Version: 2.13.750.1 - Etwok Inc.)
NordPass (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\f7c32559-6c31-590a-9972-0bea54b04213) (Version: 5.9.22 - NordPass Team)
NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.4.0.132 - Nord Security)
NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.18.6.0 - Nord Security)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.4 - Notepad++ Team)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Logiciel système PhysX 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
NVIDIA Pilote audio HD : 1.3.40.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.40.14 - NVIDIA Corporation)
NVIDIA Pilote graphique 551.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 551.23 - NVIDIA Corporation)
Orange Update (HKLM-x32\...\Orange Update) (Version: 3.6.0.1 - Orange)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{02D89175-E08F-401B-BA30-8B7512B57724}) (Version: 4.0.17 - dotPDN LLC)
Paquet Eco Driver (HKLM-x32\...\Samsung Eco Driver Pack) (Version: 2.01.10.00 (28/05/2015) - Samsung Electronics Co., Ltd.)
Peugeot Update 1.2.1 (HKLM\...\{46cf01d6-a405-5b47-a44f-4dd61ad5f7c2}) (Version: 1.2.1 - PSA Automobiles SA)
PhotoFiltre 11.4.0 (HKLM\...\{562D5B35-6D7E-415D-8554-30A2D0146FE6}_is1) (Version: 11.4 - PhotoFiltre)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PowerToys (Preview) (HKLM\...\{34B30ED8-9F6B-4E85-9F57-7AD257B161C8}) (Version: 0.17.0 - Microsoft)
Présentations (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\eaefb6e66d213d63f37deb3b215a01b0) (Version: 1.0 - Google\Chrome)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8228 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.3.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.3.5 - VS Revo Group, Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.59 (13/04/2021) - HP Development Company, L.P.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.34 - HP Inc.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.27 (21/07/2017) - Samsung Electronics Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 2.02.34 (14/04/2021) - HP Development Company, L.P.)
Samsung OCR Software (HKLM-x32\...\Samsung OCR Software) (Version: 1.01.23 (22/01/2021) - HP Inc.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Send Anywhere 23.7.110852 (HKLM-x32\...\20db1975-fda0-5740-b262-81be26ba22ab) (Version: 23.7.110852 - Estmob Inc.)
Skype version 8.110 (HKLM-x32\...\Skype_is1) (Version: 8.110 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Syberia 2 (HKLM-x32\...\{EDBE322C-5CF0-46AC-A6DE-C6713F84B68A}) (Version: - )
System Explorer 7.0.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
The Settlers IV Gold Edition (HKLM-x32\...\The Settlers IV Gold Edition) (Version: - )
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.93 - Samsung Electronics CO., LTD.)
Update for Windows 10 for x64-based Systems (KB5001716) (HKLM\...\{7B63012A-4AC6-40C6-B6AF-B24A84359DD5}) (Version: 8.93.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 95.2 - Ubisoft)
Utopia Box V3 version 3.0 (HKLM-x32\...\{A72FCB0C-EBF2-4882-A96A-48202FF02C7B}_is1) (Version: 3.0 - Abandonware Utopia)
VdhCoApp 1.3.0 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
VirtualDub Plugin Pack 1.0.0.6 Fr (HKLM-x32\...\{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1) (Version: 1.0.0.6 - Trad-Fr)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WhoCrashed 7.06 (HKLM\...\WhoCrashed_is1) (Version: 7.06 - Resplendence Software Projects Sp.)
WinAce Archiver (HKLM-x32\...\WinAce Archiver) (Version: 2.69 - e-merge GmbH)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
XMedia Recode version 3.4.7.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.4.7.4 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.5) (Version: 1.3.5 - Xvid Team)
YouTube (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\8eac9737445453f44fe1ecd7a7b86cc1) (Version: 1.0 - Google\Chrome)
Zoom (HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\ZoomUMX) (Version: 5.14.6 (15434) - Zoom Video Communications, Inc.)
Packages:
=========
Community Showcase Cityscapes 2 -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseCityscapes2_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Community Showcase Natural Landscapes 2 -> C:\Program Files\WindowsApps\Microsoft.CommunityShowcaseNaturalLandscapes2_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Composant additionnel Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-02-12] (Microsoft Corporation)
Extension Photos -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-05-22] (Microsoft Corporation)
Fantastical Fantasy -> C:\Program Files\WindowsApps\Microsoft.FantasticalFantasy_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Islands in the Sun -> C:\Program Files\WindowsApps\Microsoft.IslandsintheSun_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
ma Livebox -> C:\Program Files\WindowsApps\OrangeFrance.MaLivebox_1.1.0.27_neutral__3nekra66ya1hy [2022-11-29] (Orange)
Magic Landscapes 2 by Michael Breitung -> C:\Program Files\WindowsApps\Microsoft.MagicLandscapes2byMichaelBreitung_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Magic Landscapes by Michael Breitung -> C:\Program Files\WindowsApps\Microsoft.MagicLandscapesbyMichaelBreitung_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation) [MS Ad]
Mon Calendrier -> C:\Program Files\WindowsApps\25529kineapps.MyCalendar_4.0.82.0_x64__4a6d1yza056d2 [2024-02-15] (kineapps)
Mountain Dwellings -> C:\Program Files\WindowsApps\Microsoft.MountainDwellings_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Mountain's Majesty -> C:\Program Files\WindowsApps\Microsoft.MountainsMajesty_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
My Notifications (alarm) -> C:\Program Files\WindowsApps\60538timecode.MyNotificationalarm_1.0.3.0_neutral__b9dvgf32qk5tp [2024-02-15] (timecode)
myCANAL -> C:\Program Files\WindowsApps\CANALGroupe.CANALTOUCH_5.14.4.0_x64__4d0jsvmsaqz2m [2023-12-06] (Groupe Canal +)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-11-29] (Netflix, Inc.)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.964.0_x64__56jybvy8sckqj [2024-02-05] (NVIDIA Corp.)
PDF Merger & Splitter -> C:\Program Files\WindowsApps\AnywaySoftInc.PDFMergerSplitter_2.0.1.0_x64__0qkrc2qacwvfm [2022-11-29] (AnywaySoft, Inc.) [MS Ad]
Pluto TV - Drop in. Watch Free. -> C:\Program Files\WindowsApps\app-windows.pluto.tv-D903B700_1.4.3.1_neutral__jw8eqqntf07sm [2023-10-15] (app-windows.pluto.tv)
Rambling Pathways -> C:\Program Files\WindowsApps\Microsoft.RamblingPathways_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Samsung Printer Experience -> C:\Program Files\WindowsApps\SAMSUNGELECTRONICSCO.LTD.SamsungPrinterExperience_1.3.15.0_x64__3c1yjt4zspk6g [2022-11-29] (Samsung Electronics Co. Ltd.)
Snowy Mountains -> C:\Program Files\WindowsApps\Microsoft.SnowyMountains_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.19.1262.0_x64__8wekyb3d8bbwe [2024-02-07] (Microsoft Studios) [MS Ad]
Speedtest by Ookla -> C:\Program Files\WindowsApps\Ookla.SpeedtestbyOokla_1.17.186.0_x64__43tkc6nmykmb6 [2024-02-03] (Ookla)
Stunning Waterfalls PREMIUM -> C:\Program Files\WindowsApps\Microsoft.StunningWaterfallsPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Take a Hike -> C:\Program Files\WindowsApps\Microsoft.TakeaHike_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
The Grand Canyon National Park -> C:\Program Files\WindowsApps\Microsoft.TheGrandCanyonNationalPark_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
US National Parks -> C:\Program Files\WindowsApps\Microsoft.USNationalParks_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Waterfall Tour -> C:\Program Files\WindowsApps\Microsoft.WaterfallTour_1.1.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Wooden Walkways PREMIUM -> C:\Program Files\WindowsApps\Microsoft.WoodenWalkwaysPREMIUM_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
World National Parks -> C:\Program Files\WindowsApps\Microsoft.WorldNationalParks_1.0.0.0_neutral__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2022-11-29] (Microsoft Corporation)
==================== Personnalisé CLSID (Avec liste blanche): ==============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
CustomCLSID: HKU\S-1-5-21-105964804-4182024700-1347609302-1001_Classes\CLSID\{047711dd-e595-49e4-b5f5-1046beed83ae}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-105964804-4182024700-1347609302-1001_Classes\CLSID\{4e6f7264-5650-4e00-0000-000000000000}\localserver32 -> K:\NordVPN\NordVPN.exe (nordvpn s.a. -> nordvpn S.A.)
CustomCLSID: HKU\S-1-5-21-105964804-4182024700-1347609302-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> K:\MediaInfos\MediaInfo_InfoTip.dll (MediaArea.net -> MediaArea.net)
CustomCLSID: HKU\S-1-5-21-105964804-4182024700-1347609302-1001_Classes\CLSID\{908c6c7f-a3de-4173-9d21-a94ff307b387}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-105964804-4182024700-1347609302-1001_Classes\CLSID\{9489FEB2-1925-4D01-B788-6D912C70F7F2}\localserver32 -> C:\Users\bernard\AppData\Local\Microsoft\OneDrive\19.103.0527.0003\FileCoAuth.exe => Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> Pas de fichier
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> Pas de fichier
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-08-21] (Notepad++ -> )
ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => K:\IZArc\IZArcCM64.dll [2019-03-18] () [Fichier non signé]
ContextMenuHandlers3: [PowerRenameExt] -> {0440049F-D1DC-4E46-B27B-98393D79486B} => K:\powertoys\modules\PowerRenameExt.dll [2020-04-28] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => K:\7zip\7-zip.dll [2021-11-24] (Igor Pavlov) [Fichier non signé]
ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => K:\IZArc\IZArcCM64.dll [2019-03-18] () [Fichier non signé]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvmdig.inf_amd64_a3a35b9b20ddd8f1\nvshext.dll [2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => K:\7zip\7-zip.dll [2021-11-24] (Igor Pavlov) [Fichier non signé]
==================== Codecs (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [475672 2007-10-12] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [251392 2017-12-08] () [Fichier non signé]
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2007-10-12] (Logitech Inc -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2017-12-08] () [Fichier non signé]
==================== Raccourcis & WMI ========================
(Les éléments sont susceptibles d'être inscrits dans le fichier fixlist.txt afin d'être supprimés ou restaurés.)
ShortcutWithArgument: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Docs.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=mpnpojknpmmopombnjdcgaaiekajbnjb
ShortcutWithArgument: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Feuilles de calcul.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fhihpiojkbmbpdjeoajapmgkhlnakfjf
ShortcutWithArgument: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Google Drive.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=aghbiahbpaijignceidepookljebhfak
ShortcutWithArgument: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\Présentations.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=kefjledonklijopmnomlcbpllchaibag
ShortcutWithArgument: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome\YouTube.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=agimnkijcaahngcdmfeangaknmldooml
==================== Modules chargés (Avec liste blanche) =============
2017-05-02 14:42 - 2016-08-10 12:07 - 002847744 _____ () [Fichier non signé] C:\WINDOWS\system32\DlgSearchEngine.dll
2018-10-05 10:08 - 2018-10-05 10:08 - 000087552 _____ () [Fichier non signé] C:\WINDOWS\system32\ssdevm64.dll
2021-08-20 18:16 - 2021-04-14 10:11 - 000586240 _____ (HP Development Company, L.P.) [Fichier non signé] C:\WINDOWS\System32\NetFaxPort64.dll
2021-08-20 18:16 - 2021-04-14 10:10 - 000146944 _____ (HP Development Company, L.P.) [Fichier non signé] C:\WINDOWS\system32\spool\PRTPROCS\x64\NetFaxProc64.dll
2021-02-25 04:09 - 2021-02-25 04:09 - 003696128 _____ (TODO: <Company name>) [Fichier non signé] C:\Program Files (x86)\Samsung\Easy Printer Manager\ScanFax2PC\CDAScan2PCMonitor64.dll
==================== Alternate Data Streams (Avec liste blanche) ========
(Si un élément est inclus dans le fichier fixlist.txt, seul le flux de données additionnel (ADS - Alternate Data Stream) sera supprimé.)
AlternateDataStreams: C:\ProgramData:iSpring Solutions [128]
AlternateDataStreams: C:\Users\All Users:iSpring Solutions [128]
AlternateDataStreams: C:\ProgramData\Application Data:iSpring Solutions [128]
AlternateDataStreams: C:\Users\bernard\Application Data:iSpring Solutions [128]
AlternateDataStreams: C:\Users\bernard\AppData\Roaming:iSpring Solutions [128]
==================== Mode sans échec (Avec liste blanche) ==================
==================== Association (Avec liste blanche) =================
==================== Internet Explorer (Avec liste blanche) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://r.orange.fr/r/Oodc_oi_promoHP
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-13] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-105964804-4182024700-1347609302-1001 -> Pas de nom - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - Pas de fichier
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - K:\Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - K:\Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts contenu: =========================
(Si nécessaire, la commande Hosts: peut être incluse dans le fichier fixlist.txt afin de réinitialiser le fichier hosts.)
2017-03-18 22:03 - 2017-03-18 22:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2019-11-02 18:21 - 2024-01-01 13:36 - 000000375 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
==================== Autres zones ===========================
(Actuellement, il n'y a pas de correction automatique pour cette section.)
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 1.1.1.1 - 1.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Le Pare-feu est activé.
Network Binding:
=============
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: NetBalancer Filter -> nt_nbdrv (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet: NetBalancer Filter -> nt_nbdrv (enabled)
Ethernet 4: NetBalancer Filter -> nt_nbdrv (enabled)
Ethernet 4: NordVPN LightWeight Firewall -> NordLwf (enabled)
Wi-Fi 2: NetBalancer Filter -> nt_nbdrv (enabled)
Wi-Fi 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
==================== MSCONFIG/TASK MANAGER éléments désactivés ==
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé.)
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\StartupApproved\StartupFolder: => "LiveBoxMonitor2.exe - Raccourci.lnk"
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\StartupApproved\Run: => "EEDSpeedLauncher"
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\StartupApproved\Run: => "STUISpeedLauncher"
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\StartupApproved\Run: => "SendAnywhere"
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\StartupApproved\Run: => "Amazon Photos"
==================== RèglesPare-feu (Avec liste blanche) ================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
FirewallRules: [UDP Query User{D2A30C0D-AC7E-4265-8096-A1E551CDA29F}K:\servio\serviio\jre\bin\javaw.exe] => (Allow) K:\servio\serviio\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [TCP Query User{2D7DF1A9-0C39-4664-B5FB-07EC93F18CC8}K:\servio\serviio\jre\bin\javaw.exe] => (Allow) K:\servio\serviio\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [{A4F00626-9AF8-4D9B-950B-27C6FFFB037B}] => (Allow) LPort=1900
FirewallRules: [{03AED4AA-01E5-4769-8742-A0F02CE1ADBC}] => (Allow) LPort=2869
FirewallRules: [{DBDF662C-8F4D-4AD9-B61F-68027C1F1250}] => (Allow) LPort=53168
FirewallRules: [{FB8C3916-23E5-4B70-8C6F-09FD4A6E02A7}] => (Allow) LPort=1900
FirewallRules: [{D86CFD33-801A-4A24-8779-C0AE212D93EA}] => (Allow) LPort=2869
FirewallRules: [{0616AD77-34E1-42F9-83B2-11A4ECAE9D7F}] => (Allow) LPort=53168
FirewallRules: [{32F295C4-F644-4266-801C-FB7949DF4AC0}] => (Allow) C:\Users\bernard\AppData\Roaming\Zoom\bin\airhost.exe => Pas de fichier
FirewallRules: [{7D0A9BE2-DFA0-4145-8E76-82A99495144B}] => (Allow) C:\Users\bernard\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{02720633-D5E2-4B29-9BD3-42000ECAC41E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{26051087-6AFC-4150-99EB-408E61ECB1D8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [UDP Query User{75AC7211-20F1-41F9-948F-36F72E520BAF}K:\vlc\vlc.exe] => (Block) K:\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B357D983-7F77-4501-BA46-F6D190558024}K:\vlc\vlc.exe] => (Block) K:\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{BBF30E5E-01C4-4D72-BB7A-2D72B61DE905}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{189ACE0B-A470-4E06-BA62-640D492B7873}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{64DC11D4-36AB-477A-9D75-DD707502D027}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{08C4104E-0560-4A60-9EEA-8568A8ED1548}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{9B1F9686-E33B-444C-AF05-9CCDD74D3BAF}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [TCP Query User{DF712C1C-D3B7-4691-84B6-388EA0DF888D}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Allow) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{BCA0F551-1E67-44A9-9112-871E15EC8A03}] => (Allow) L:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [Fichier non signé]
FirewallRules: [{FAC696B3-BF88-4F2D-A989-3764E649CB3B}] => (Allow) L:\SteamLibrary\steamapps\common\Sid Meier's Civilization VI\LaunchPad\LaunchPad.exe () [Fichier non signé]
FirewallRules: [{64F28F04-0318-4488-8FCC-2275DE8F4C7E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{6806E33E-A6DA-44F8-957E-973E50D65F25}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => Pas de fichier
FirewallRules: [{713093AC-1A41-43C5-9A7F-8F289132D1EB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E7044868-5070-47CC-9E25-8AA97A035EEB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6D2E489B-559E-49CB-AA10-5E54BF14F9C9}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{E24783D3-0CB6-4473-9CA2-E7FC771FF388}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe () [Fichier non signé]
FirewallRules: [{1327052C-20C3-4114-AC2C-CBCF2CF31E50}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe () [Fichier non signé]
FirewallRules: [{72053535-CEA6-40B7-A5BE-8FA29BE979E2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe () [Fichier non signé]
FirewallRules: [{0DE43C31-1CA4-4246-811F-F338D4A7C5DE}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe () [Fichier non signé]
FirewallRules: [{0A6E078D-8DF8-401C-AC24-ABAF00B22D1F}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe (HP Inc. -> )
FirewallRules: [{C8DB8285-31CD-4211-B11C-E7C80DE350D1}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe (HP Inc. -> )
FirewallRules: [{2EDB0D87-8496-4943-B790-46E3FF82A7C6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{03A11D5A-1705-4C09-87C1-E6C71DD446AB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe (HP Inc. -> )
FirewallRules: [{E52C8704-AE6A-4CE9-B523-446B423A5B8D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [UDP Query User{22229682-5912-4DD4-9D54-DF5B95103C9C}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{815BB6BE-51ED-4428-850F-5EBEBA435062}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D7E3D3AF-8183-47FB-AFFA-A24ED3410E1A}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\ESM.exe (HP Inc. -> )
FirewallRules: [UDP Query User{A8B66F63-C69C-4957-8A2B-D0C1F9B1DED1}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [TCP Query User{E022C26F-095D-4DE8-9B3D-88EEF3970108}C:\program files\common files\common desktop agent\cdasrv.exe] => (Allow) C:\program files\common files\common desktop agent\cdasrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{740E56DA-9247-4B80-9ED9-6DB72027CBE7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7E710F98-57C9-4C56-B4C7-231C1A4C23C7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C9362E25-1573-4DCA-A17F-D3DD9415FF87}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [{30E949E3-C0E1-451A-B8DE-8ACD3A979561}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{60A7E091-B0E0-46F7-AE3D-E0DC4FF9E000}] => (Allow) C:\Windows\twain_32\Samsung\SLM2070\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0CFBC841-B01B-46C0-AFA5-BFEA3E2ECA76}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D469969A-40F6-4ADE-AF8A-BA991F7E0E10}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{347C942E-2CD3-43C9-AE37-3FED5717CF22}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{16879418-963A-4751-94E7-5763F8CB32FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{68849F17-1BDD-434D-954B-44CA03D54B4B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{43309E45-85FB-4DA1-9C06-4E4055F43FF3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4C9B3DE3-4666-4F64-BA03-E308A58A3635}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{20B3A4B4-3F84-465C-B2F1-51CFA4B0E88C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DCFBD204-46B6-4BD6-BB5B-A9AA2DAD7C61}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A9783EB8-F05D-4806-92B1-30A2579CF49E}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\WebInstallAgent\SPNTInst.exe (HP Inc. -> )
FirewallRules: [TCP Query User{09689762-7641-47C7-9EF0-FA25124CA5A5}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{5ED7F0CD-1B02-4630-A0DA-AD4C54FCA94D}C:\program files\serviio\jre\bin\javaw.exe] => (Allow) C:\program files\serviio\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [{FDADA70D-43A2-453A-B399-0F8FF0BC99ED}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Center\SamsungPrinterCenter.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
FirewallRules: [TCP Query User{39BE7084-33D9-487C-9B0A-ED02ACE8BAA4}K:\mediacoder\mcagent.exe] => (Block) K:\mediacoder\mcagent.exe () [Fichier non signé]
FirewallRules: [UDP Query User{D38EF504-7107-4113-A0AA-6C99E16CC7A4}K:\mediacoder\mcagent.exe] => (Block) K:\mediacoder\mcagent.exe () [Fichier non signé]
FirewallRules: [{62F152B3-6495-4E97-BA2C-2FC4AB2CD9E0}] => (Allow) LPort=53168
FirewallRules: [{506E89A4-2FFB-4B62-9132-4882A2F79DFD}] => (Allow) LPort=2869
FirewallRules: [{81EBAD24-E000-41EC-ACDB-557BCF69FBFB}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{7F02968A-96D3-411F-93EB-F173D91B57F1}K:\serviio\jre\bin\javaw.exe] => (Allow) K:\serviio\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [UDP Query User{F18976BA-BD3D-4FBF-BD18-902E0468FBF4}K:\serviio\jre\bin\javaw.exe] => (Allow) K:\serviio\jre\bin\javaw.exe => Pas de fichier
FirewallRules: [{83315731-F69D-4BF4-95A6-88DEB119946F}] => (Allow) K:\Letsview\LetsView.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{3CCBC84F-2806-4D99-8D0C-02E8754B741C}] => (Allow) K:\Letsview\LetsView.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [TCP Query User{E870A2CD-1B2D-45E0-A9F8-BB955BAF5535}K:\letsview\wxmcast.exe] => (Allow) K:\letsview\wxmcast.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [UDP Query User{D2B2A54C-8B55-4F7A-A828-EBF31B6EA8BA}K:\letsview\wxmcast.exe] => (Allow) K:\letsview\wxmcast.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{927473E1-6E79-4D94-A7F3-68D02F64AAC4}] => (Block) K:\letsview\wxmcast.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [{2F56B7EE-34E5-4B48-8790-E32F83B8CF48}] => (Block) K:\letsview\wxmcast.exe (Apowersoft Ltd -> Apowersoft)
FirewallRules: [TCP Query User{F5B36530-39DD-4A1C-BE1A-175CD5B50A91}K:\mezzmo\mezzmo.exe] => (Allow) K:\mezzmo\mezzmo.exe (Conceiva Pty Ltd -> Conceiva Pty. Ltd.)
FirewallRules: [UDP Query User{C1C578FC-2561-4787-B6DF-DF1D985396A5}K:\mezzmo\mezzmo.exe] => (Allow) K:\mezzmo\mezzmo.exe (Conceiva Pty Ltd -> Conceiva Pty. Ltd.)
FirewallRules: [TCP Query User{92DF014E-28AC-466C-856D-68DBA977175A}K:\mezzmo\mezzmomediaserver.exe] => (Allow) K:\mezzmo\mezzmomediaserver.exe (Conceiva Pty Ltd -> Conceiva Pty. Ltd.)
FirewallRules: [UDP Query User{9F7904A1-18B0-463D-96F1-468F15C39E56}K:\mezzmo\mezzmomediaserver.exe] => (Allow) K:\mezzmo\mezzmomediaserver.exe (Conceiva Pty Ltd -> Conceiva Pty. Ltd.)
FirewallRules: [{0DACCA92-D5B8-4726-9485-F5816C6145B7}] => (Allow) LPort=53168
FirewallRules: [{890CD385-4783-4AB5-9672-3F611E5581B3}] => (Allow) LPort=2869
FirewallRules: [{7DC96245-16AA-4538-A390-B3CAB6A07FEE}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{241E175D-7334-43D8-85A3-080BB68D801C}K:\mezzmo\mezzmomediaserver.exe] => (Block) K:\mezzmo\mezzmomediaserver.exe (Conceiva Pty Ltd -> Conceiva Pty. Ltd.)
FirewallRules: [UDP Query User{025C3549-63B5-4B1F-B360-6A70354765B1}K:\mezzmo\mezzmomediaserver.exe] => (Block) K:\mezzmo\mezzmomediaserver.exe (Conceiva Pty Ltd -> Conceiva Pty. Ltd.)
FirewallRules: [{845A5C42-1E2B-40A0-BB5A-6E8B7BCBBACE}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe (HP Development Company, L.P.) [Fichier non signé]
FirewallRules: [{64492C4E-D73D-4317-8C1B-50E0DBA48480}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe (HP Development Company, L.P.) [Fichier non signé]
FirewallRules: [{07CAE893-7F7B-4C3D-889D-8181D99CEB9D}] => (Allow) C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxMon64.exe (HP Development Company, L.P.) [Fichier non signé]
FirewallRules: [{F012EC48-00AA-489B-B84B-EC6DA357D01B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{C9EFC493-09F4-48AC-9EEC-EB33DDDDDDE6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{E3B7AAC2-1CCB-4A18-9CB1-5AB7B20834A9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{492532A0-790E-41BA-8735-7DADAE60742B}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> HP Development Company, L.P.)
FirewallRules: [{98A48B10-AF84-4EB0-9183-F98C003054AC}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0D2F8778-3AE1-4191-9464-E8855992D372}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{BAB8B580-462F-4D8F-98F4-5495AEBBAE1F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{315E049C-2AFC-4704-B202-2793E6E05B9F}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{3C818B8B-D784-4EA3-B1F2-48CCF94FEC19}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe (HP Development Company, L.P.) [Fichier non signé]
FirewallRules: [{8E956FDA-1954-419A-940B-6CE40A59D31B}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe (HP Development Company, L.P.) [Fichier non signé]
FirewallRules: [{C1482F88-7F1B-48F7-8385-478E282A69E8}] => (Allow) C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxMon64.exe (HP Development Company, L.P.) [Fichier non signé]
FirewallRules: [TCP Query User{DD7924AD-7E00-42E1-9729-07BFB8D46F4E}C:\program files (x86)\letsview\letsview\wxmcast.exe] => (Allow) C:\program files (x86)\letsview\letsview\wxmcast.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [UDP Query User{04AA2A46-9129-4B20-A510-21DE5DD0BB81}C:\program files (x86)\letsview\letsview\wxmcast.exe] => (Allow) C:\program files (x86)\letsview\letsview\wxmcast.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{5CF3FFFE-C0A3-413C-BE47-15025334010A}] => (Block) C:\program files (x86)\letsview\letsview\wxmcast.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{08E30078-D062-4D3D-852F-1910419804FF}] => (Block) C:\program files (x86)\letsview\letsview\wxmcast.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [TCP Query User{994FF0B0-165B-47D9-96DE-6E5E24A4864A}K:\send\send anywhere\send anywhere.exe] => (Allow) K:\send\send anywhere\send anywhere.exe (Estmob Inc. -> Estmob Inc.)
FirewallRules: [UDP Query User{C4938530-C0E6-4F80-BCD4-C6F140D0378C}K:\send\send anywhere\send anywhere.exe] => (Allow) K:\send\send anywhere\send anywhere.exe (Estmob Inc. -> Estmob Inc.)
FirewallRules: [{D5687D69-5522-4693-A203-5B8CE2E54C5A}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{F716CB51-6D59-4DD4-8D1B-DE23FB37BA52}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (devolo AG -> devolo AG)
FirewallRules: [{E845EA3E-6E08-4CE4-8870-E768A97443DA}] => (Allow) C:\Program Files (x86)\LetsView\LetsView\LetsView.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{74BF4860-BE1B-4D6B-8C82-2128ABF4D13D}] => (Allow) C:\Program Files (x86)\LetsView\LetsView\LetsView.exe (Apowersoft Ltd -> LetsView)
FirewallRules: [{11C840CC-F8AE-484E-BD43-9DF69F8BFEE0}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{E99F87F3-7EC6-4BB6-BBEE-3CCA26C93E1C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{346CD0AB-38E5-41BB-BDC7-2748760D203F}C:\users\bernard\appdata\local\rustdesk\rustdesk.exe] => (Allow) C:\users\bernard\appdata\local\rustdesk\rustdesk.exe (Zhou Huabing -> com.carriez)
FirewallRules: [UDP Query User{87CFB55C-B89A-4A7A-B1D8-4AF5AD7F4859}C:\users\bernard\appdata\local\rustdesk\rustdesk.exe] => (Allow) C:\users\bernard\appdata\local\rustdesk\rustdesk.exe (Zhou Huabing -> com.carriez)
FirewallRules: [{B23B006F-BA84-4A13-A271-D1876EC5429C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1E7CE36F-5276-4D8F-B37B-EBC4926C0FBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{78305B7F-7525-41D1-9A22-EA6E2AA6EF19}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F3D087D0-656A-4563-A8B9-C5E478829D22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{29D8E014-B0E9-4774-B537-6897D6AEC484}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\121.0.2277.112\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9306522F-D21A-4774-9946-188FCEAAA65B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Points de restauration =========================
27-01-2024 19:54:33 Point de contrôle planifié
05-02-2024 19:24:10 Point de contrôle planifié
14-02-2024 09:00:20 Programme d’installation pour les modules Windows
14-02-2024 09:01:28 Programme d’installation pour les modules Windows
14-02-2024 09:02:16 Programme d’installation pour les modules Windows
==================== Éléments en erreur du Gestionnaire de périphériques ============
Name: Kaspersky Security Data Escort Adapter #2
Description: Kaspersky Security Data Escort Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Kaspersky Security Data Escort Provider
Service: kltap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Erreurs du Journal des événements: ========================
Erreurs Application:
==================
Error: (02/16/2024 05:02:01 PM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: AUTORITE NT)
Description: Windows ne peut pas charger la DLL de compteur extensible « C:\WINDOWS\system32\sysmain.dll » (code d'erreur Win32 126).
Error: (02/16/2024 03:25:30 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (02/16/2024 08:10:46 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/15/2024 04:56:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nom de l’application défaillante HxCalendarAppImm.exe, version : 16.0.14326.21812, horodatage : 0x65bdae46
Nom du module défaillant : hxcomm.dll, version : 16.0.14326.21812, horodatage : 0x65bc5380
Code d’exception : 0x01648363
Décalage d’erreur : 0x00000000001e7c1c
ID du processus défaillant : 0x1e94
Heure de début de l’application défaillante : 0x01da602788592862
Chemin d’accès de l’application défaillante : C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21812.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
Chemin d’accès du module défaillant: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21812.0_x64__8wekyb3d8bbwe\hxcomm.dll
ID de rapport : 73e1729e-386f-4ae3-ab4b-7a4e02a1a6ab
Nom complet du package défaillant : microsoft.windowscommunicationsapps_16005.14326.21812.0_x64__8wekyb3d8bbwe
ID de l’application relative au package défaillant : microsoft.windowslive.calendar
Error: (02/15/2024 03:25:29 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (02/15/2024 08:21:51 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (02/14/2024 03:25:30 PM) (Source: Firefox Default Browser Agent) (EventID: 2) (User: )
Description: Event-ID 2
Error: (02/14/2024 09:27:26 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Erreur du service de cliché instantané des volumes : erreur lors de l’appel de la routine CoCreateInstance. hr = 0x8007045b, Un arrêt système est en cours..
Erreurs système:
=============
Error: (02/16/2024 05:46:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (02/16/2024 05:46:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service Google Update (gupdate).
Error: (02/16/2024 05:44:36 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: L'interface TCP/IP IPv6 avec l'index 11 a échoué dans la liaison à son fournisseur.
Error: (02/16/2024 05:44:36 PM) (Source: Tcpip) (EventID: 4207) (User: )
Description: L'interface TCP/IP IPv4 avec l'index 11 a échoué dans la liaison à son fournisseur.
Error: (02/16/2024 08:06:14 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: L'authentification mutuelle entre la carte locale Bluetooth et un périphérique avec l'adresse de carte Bluetooth (d4:e6:b7:c9:ef:ae) a échoué.
Error: (02/16/2024 08:05:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Le service Service Google Update (gupdate) n’a pas pu démarrer en raison de l’erreur :
Le service n’a pas répondu assez vite à la demande de lancement ou de contrôle.
Error: (02/16/2024 08:05:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Le dépassement de délai (30000 millisecondes) a été atteint lors de l’attente de la connexion du service Service Google Update (gupdate).
Error: (02/16/2024 08:05:47 AM) (Source: BTHUSB) (EventID: 16) (User: )
Description: L'authentification mutuelle entre la carte locale Bluetooth et un périphérique avec l'adresse de carte Bluetooth (d4:e6:b7:c9:ef:ae) a échoué.
Windows Defender:
================
Date: 2024-02-16 19:10:40
Description:
L'apport de modification par I:\Musiques\Download\FRST64.exe à I:\Musiques\Download\ a été bloqué par l'Accès contrôlé aux dossiers.
Heure de la détection : 2024-02-16T18:10:40.669Z
Utilisateur : DESKTOP-P6OR2RT\bernard
Chemin d'accès : I:\Musiques\Download\
Nom du processus : I:\Musiques\Download\FRST64.exe
Version de la veille de sécurité : 1.405.74.0
Version du moteur : 1.1.24010.10
Version du produit : 4.18.23110.3
Date: 2024-02-16 17:19:41
Description:
L'accès contrôlé aux dossiers a empêché C:\Users\bernard\AppData\Local\Temp\udiag\SIV32X.exe de modifier la mémoire.
Heure de détection : 2024-02-16T16:19:41.583Z
Utilisateur : DESKTOP-P6OR2RT\bernard
Chemin d'accès : \Device\Harddisk0\DR0
Nom du processus : C:\Users\bernard\AppData\Local\Temp\udiag\SIV32X.exe
Version de la veille de sécurité : 1.405.58.0
Version du moteur : 1.1.24010.10
Version du produit : 4.18.23110.3
Date: 2024-02-16 17:19:30
Description:
L'accès contrôlé aux dossiers a empêché C:\Users\bernard\AppData\Local\Temp\udiag\DiskInfo32.exe de modifier la mémoire.
Heure de détection : 2024-02-16T16:19:30.435Z
Utilisateur : DESKTOP-P6OR2RT\bernard
Chemin d'accès : \Device\Harddisk0\DR0
Nom du processus : C:\Users\bernard\AppData\Local\Temp\udiag\DiskInfo32.exe
Version de la veille de sécurité : 1.405.58.0
Version du moteur : 1.1.24010.10
Version du produit : 4.18.23110.3
Date: 2024-02-16 11:43:12
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Vigorf.A&threatid=2147714384&enterprise=0
Nom : Trojan:Win32/Vigorf.A
ID : 2147714384
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_K:\Privacy\W10Privacy 5.1.0.0 Setup.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-P6OR2RT\bernard
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.405.58.0, AS: 1.405.58.0, NIS: 1.405.58.0
Version du moteur : AM: 1.1.24010.10, NIS: 1.1.24010.10
Date: 2024-02-16 11:42:21
Description:
Antivirus Microsoft Defender a détecté un logiciel malveillant ou potentiellement indésirable.
Pour plus d’informations, reportez-vous aux éléments suivants :
https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Vigorf.A&threatid=2147714384&enterprise=0
Nom : Trojan:Win32/Vigorf.A
ID : 2147714384
Gravité : Grave
Catégorie : Cheval de Troie
Chemin : file:_K:\Privacy\W10Privacy 5.1.0.0 Setup.exe
Origine de la détection : Ordinateur local
Type de détection : Chemin rapide
Source de détection : Protection en temps réel
Utilisateur : DESKTOP-P6OR2RT\bernard
Nom du processus : C:\Windows\explorer.exe
Version de la veille de sécurité : AV: 1.405.58.0, AS: 1.405.58.0, NIS: 1.405.58.0
Version du moteur : AM: 1.1.24010.10, NIS: 1.1.24010.10
Event[0]:
Date: 2023-05-22 11:14:19
Description:
Antivirus Microsoft Defender a rencontré une erreur lors de la mise à jour de la veille de sécurité.
Nouvelle version de la veille de sécurité :
Version précédente de la veille de sécurité : 1.389.2084.0
Source de mise à jour : Serveur Microsoft Update
Type de veille de sécurité : Anti-virus
Type de mise à jour : Complet
Utilisateur : AUTORITE NT\Système
Version actuelle du moteur :
Version précédente du moteur : 1.1.20300.3
Code d’erreur : 0x80240438
Description de l’erreur : Un problème inattendu s’est produit lors de la vérification des mises à jour. Pour plus d’informations sur l’installation ou la résolution des problèmes de mise à jour, voir Aide et support.
CodeIntegrity:
===============
Date: 2023-12-05 10:28:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.23100.2009-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Infos Mémoire ===========================
BIOS: American Megatrends Inc. FD 02/26/2016
Carte mère: Gigabyte Technology Co., Ltd. 970A-DS3P
Processeur: AMD FX(tm)-8300 Eight-Core Processor
Pourcentage de mémoire utilisée: 50%
Mémoire physique - RAM - totale: 8149.85 MB
Mémoire physique - RAM - disponible: 4074.92 MB
Mémoire virtuelle totale: 25941.85 MB
Mémoire virtuelle disponible: 20813.22 MB
==================== Lecteurs ================================
Drive c: () (Fixed) (Total:222.53 GB) (Free:135.19 GB) (Model: SanDisk SDSSDA240G) NTFS
Drive i: (SAVE) (Fixed) (Total:488.28 GB) (Free:316.71 GB) (Model: ST2000DM006-2DM164) NTFS
Drive j: (Médias) (Fixed) (Total:488.28 GB) (Free:370.56 GB) (Model: ST2000DM006-2DM164) NTFS
Drive k: (Softs) (Fixed) (Total:488.28 GB) (Free:477.96 GB) (Model: ST2000DM006-2DM164) NTFS
Drive l: (Divers) (Fixed) (Total:398.17 GB) (Free:362.32 GB) (Model: ST2000DM006-2DM164) NTFS
Drive m: (Ex Saves) (Fixed) (Total:297.1 GB) (Free:233.4 GB) (Model: MAXTOR STM3320613AS) NTFS
Drive n: (Sup) (Fixed) (Total:0.98 GB) (Free:0.56 GB) (Model: MAXTOR STM3320613AS) NTFS
\\?\Volume{0b1d076c-9c6d-4f1d-8c28-84ed4fbcb439}\ () (Fixed) (Total:0.44 GB) (Free:0.43 GB) NTFS
\\?\Volume{eb1e31b7-ed53-41cf-945c-8dd9514005d2}\ () (Fixed) (Total:0.49 GB) (Free:0.05 GB) NTFS
\\?\Volume{2d4ee7bf-02a2-4988-8707-3c5782c141dc}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Table des partitions ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 1863 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 2 (Size: 298.1 GB) (Disk ID: 26DEDBF4)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0F Extended)
==================== Fin de Addition.txt =======================
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16.02.2024
Exécuté par bernard (administrateur) sur DESKTOP-P6OR2RT (16-02-2024 19:12:12)
Exécuté depuis I:\Musiques\Download\FRST64.exe
Profils chargés: bernard
Plate-forme: Microsoft Windows 10 Famille Version 22H2 19045.4046 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(explorer.exe ->) (HP Development Company, L.P.) [Fichier non signé] C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(services.exe ->) (Apowersoft Ltd -> ) C:\Program Files (x86)\LetsView\LetsView\WXCastService.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Brio) [Fichier non signé] K:\Size\FolderSizeSvc.exe
(services.exe ->) (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(services.exe ->) (devolo AG -> devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) C:\Program Files\NordUpdater\NordUpdateService.exe
(services.exe ->) (nordvpn s.a. -> nordvpn S.A.) K:\NordVPN\nordvpn-service.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvmdig.inf_amd64_a3a35b9b20ddd8f1\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\SecUPDUtilSvc.exe
(services.exe ->) (Samsung Electronics CO., LTD. -> ) C:\Windows\SysWOW64\spdsvc.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.0.2.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21830.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.21830.0_x64__8wekyb3d8bbwe\HxTsr.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealthHost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(svchost.exe ->) (Orange -> Orange) C:\Users\bernard\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-08-10] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher [1856888 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Run: [STUISpeedLauncher] => C:\Program Files\Samsung\Stylish UI Pack\TouchBasedUI.exe [411136 2015-02-09] () [Fichier non signé]
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Run: [MicrosoftEdgeAutoLaunch_E818CB28145050EDAD2CEDAC5B63A4AC] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3788856 2024-02-08] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123171344 2023-12-13] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-105964804-4182024700-1347609302-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKLM\...\Windows x64\Print Processors\Samsung Network PC Fax Print Processor: C:\Windows\System32\spool\prtprocs\x64\NetFaxProc64.dll [146944 2021-04-14] (HP Development Company, L.P.) [Fichier non signé]
HKLM\...\Windows x64\Print Processors\ssm4mPC: C:\Windows\System32\spool\prtprocs\x64\ssm4mpc.dll [52088 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us00aPC: C:\Windows\System32\spool\prtprocs\x64\us00apc.dll [43520 2015-08-20] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Windows x64\Print Processors\us015PC: C:\Windows\System32\spool\prtprocs\x64\us015pc.dll [52088 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
HKLM\...\Print\Monitors\Samsung Network PC Fax Port: C:\Windows\system32\NetFaxPort64.dll [586240 2021-04-14] (HP Development Company, L.P.) [Fichier non signé]
HKLM\...\Print\Monitors\ssm4m Langmon: C:\Windows\system32\ssm4mlm.dll [31096 2019-06-20] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us00a Langmon: C:\Windows\system32\us00alm.dll [22528 2015-03-12] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\us015 Langmon: C:\Windows\system32\us015lm.dll [31096 2019-08-26] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\...\AppCompatFlags\Custom\S4Editor.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\Custom\S4_Main.exe: [{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb] -> GOG.com The Settlers 4 GOLD
HKLM\Software\...\AppCompatFlags\InstalledSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}: [DatabasePath] -> C:\WINDOWS\AppPatch\CustomSDB\{ff2cad6c-eb68-4e98-88d7-49887440affb}.sdb [2013-07-16]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\121.0.6167.185\Installer\chrmstp.exe [2024-02-16] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy-Firefox-x32: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {F4FEC33F-1A91-4323-8FA6-9E234DAD7AF0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2144664 2023-08-02] (Avast Software s.r.o. -> Avast Software)
Task: {69B8E710-3D81-4442-BDF8-424C249311C6} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [752384 2021-02-25] (HP Inc. -> )
Task: {BFC444C8-AA17-42EB-AEE8-3BDFE8EE135F} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem123.0.6288.0{9720228C-BA19-493D-9C8C-0CE75053FB7D} => C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
Task: {BD0DF316-FBE9-40E1-9F42-27B8F5009673} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {70FC1156-4382-4D59-A9B1-A4D372C88A37} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => K:\Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BACD54D6-5D69-4C5F-88B9-EB1928207BA1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => K:\Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0EF8F41-BDFC-4E5A-88B4-6C56A7B87315} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\bernard\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe [1967856 2022-08-17] (Orange -> Orange)
Task: {5382E12A-583B-45D6-8713-7B4443BF6A3C} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Install => C:\Program Files (x86)\Orange Update\install.bat [0 2019-09-18] () <==== ATTENTION [zéro octet Fichier/Dossier] <==== ATTENTION
Task: {A7329384-1F5B-4D96-BF0E-483D3F48BA7F} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(1): Net -> stop "Orange Update Core Service"
Task: {A7329384-1F5B-4D96-BF0E-483D3F48BA7F} - System32\Tasks\Microsoft\Windows\OrangeUpdate_Launch => Command(2): Net -> start "Orange Update Core Service"
Task: {07092E3F-E181-4AB4-8F1C-13308D300D85} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9379E119-8702-43C4-92CF-FA2013774CDE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {43C23063-A990-4D31-83E1-9443FE4256FE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3820C14F-CEA9-4EC7-8EEA-552F1DB465D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MpCmdRun.exe [1608808 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {83AA1AFA-E4BE-4B50-9C74-D4FFE7B49EA2} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [34720 2024-02-07] (Mozilla Corporation -> Mozilla Foundation)
Task: {8607BC13-4CE4-4739-814F-C724480D12B3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {F2825607-1891-4522-9ACB-ED39ECFC850C} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0F0BE283-C717-4745-9D0A-C6100C2E1058} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {0E86646B-722A-41A7-A755-12C13343EECA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {AF16CB0F-814A-4502-ABD1-635C04204E34} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [910888 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4258E2D0-0C5A-49B9-BEEE-B2426F9E8F61} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D3C3D77C-112E-46BB-A638-47CE69ADA3CC} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1C5C24BC-7D5E-4060-A6B3-EC06D21E0867} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65922E4F-D931-4399-BBCD-E69D65D4844A} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6862be39-0f4a-46e1-99ed-e2a5e6a5cb66}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{d69428f3-52dd-4149-ae7c-4a9fe3cb4d7b}: [NameServer] 1.1.1.1,1.0.0.1
Tcpip\..\Interfaces\{d69428f3-52dd-4149-ae7c-4a9fe3cb4d7b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d69428f3-52dd-4149-ae7c-4a9fe3cb4d7b}: [DhcpDomain] home
Edge:
=======
Edge Profile: C:\Users\bernard\AppData\Local\Microsoft\Edge\User Data\Default [2024-02-16]
Edge DownloadDir: Default -> I:\Download
Edge Notifications: Default -> hxxps://my-notification-fe249.web.app; hxxps://www.futura-sciences.com
Edge Extension: (Netflix Bilingual Subtitles) - C:\Users\bernard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\dkfioidkakpcnickhflecgbcpaecialb [2024-02-09]
Edge Extension: (Google Docs hors connexion) - C:\Users\bernard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-22]
Edge Extension: (Edge relevant text changes) - C:\Users\bernard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-31]
Edge Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\bernard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-02-01]
Edge Extension: (uBlock Origin) - C:\Users\bernard\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2024-01-04]
Edge HKU\S-1-5-21-105964804-4182024700-1347609302-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: 92zz98sf.default
FF ProfilePath: C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default [2024-02-16]
FF DownloadDir: I:\Download
FF Homepage: Mozilla\Firefox\Profiles\92zz98sf.default -> hxxps://r.orange.fr/r/Oodc_oi_promoHP
FF NetworkProxy: Mozilla\Firefox\Profiles\92zz98sf.default -> type", 0
FF Notifications: Mozilla\Firefox\Profiles\92zz98sf.default -> hxxps://forum.kaspersky.com; hxxp://forum.frandroid.com; hxxps://web.whatsapp.com; hxxps://forum.k9mail.app
FF Extension: (Firefox DevTools ADB Extension) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\adb@mozilla.org.xpi [2019-03-21] [UpdateUrl:hxxps://ftp.mozilla.org/pub/labs/devtools/adb-extension/win32/update.json]
FF Extension: (AutoCopy) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\autocopy@mozilla.org.xpi [2022-02-09]
FF Extension: (Enhancer for YouTube™) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi [2024-02-08]
FF Extension: (ProxTube) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\ich@maltegoetz.de.xpi [2021-05-14]
FF Extension: (To Google Translate) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-11-24]
FF Extension: (Substital: Ajoutez des sous-titres aux vidéos) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\jid1-Cn7LiNrWh4k6RA@jetpack.xpi [2024-01-22]
FF Extension: (Print Edit WE) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\printedit-we@DW-dev.xpi [2023-08-01]
FF Extension: (Gestionnaire de téléchargements (S3)) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\s3download@statusbar.xpi [2019-12-19]
FF Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2023-06-22]
FF Extension: (Cute cats 1) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{1c534141-5653-408a-8661-0c2ac96bb64e}.xpi [2019-05-14]
FF Extension: (Video Speed Controller) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2023-11-06]
FF Extension: (bbCodeWebex) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{7e19f8dd-0cf6-498a-8072-bae5b2db65e5}.xpi [2023-09-17]
FF Extension: (Animated Cat - It moves) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{927507e8-a190-410a-9416-8b0045ae6c46}.xpi [2019-05-13]
FF Extension: (Absolute Right Click) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{9350bc42-47fb-4598-ae0f-825e3dd9ceba}.xpi [2022-11-06]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2023-12-04]
FF Extension: (WX Download Status Bar) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{a1c84bb7-d5fc-4906-90b4-965e520b29bf}.xpi [2021-02-04]
FF Extension: (Video DownloadHelper) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2024-02-16]
FF Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2024-01-27]
FF Extension: (DownThemAll!) - C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\92zz98sf.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2024-02-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> K:\Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> K:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> K:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> K:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> K:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> K:\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2021-04-26] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> K:\picasa\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> K:\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> K:\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> K:\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.14 -> K:\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> K:\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> K:\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> K:\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-11-20] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-11-20] <==== ATTENTION
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default [2024-02-15]
CHR HomePage: Default -> orange.fr
CHR StartupUrls: Default -> "hxxp://www.orange.fr/"
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2024-02-08]
CHR Extension: (PagesJaunes) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiebajnnakcjkedcfamhdfgckcbnhke [2017-04-26]
CHR Extension: (Super Video Speed Controller) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\chnccghejnflbccphgkncbmllhfljdfa [2023-11-06]
CHR Extension: (SearchBar) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjefgkhmchopegjeicnblodnidbammed [2023-10-20]
CHR Extension: (Google Docs hors connexion) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-01-09]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2024-01-09]
CHR Extension: (Super Netflix) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\iakpdiefpdniabbekcbofaanjcpjkloe [2022-06-01]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2024-02-01]
CHR Extension: (Orange page d'accueil) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2024-01-09]
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Guest Profile [2023-02-14]
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Profile 1 [2024-02-02]
CHR HomePage: Profile 1 -> orange.fr
CHR Extension: (Google Docs hors connexion) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-09-08]
CHR Extension: (Avast Online Security & Privacy) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2023-09-08]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-11]
CHR Extension: (Orange page d'accueil) - C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\onghofjobpgcdeeifjfbcfepkchnenoh [2023-09-08]
CHR Profile: C:\Users\bernard\AppData\Local\Google\Chrome\User Data\System Profile [2023-12-27]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [onghofjobpgcdeeifjfbcfepkchnenoh]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S4 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\avp.exe [184768 2021-06-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [122728 2017-09-04] (CHENGDU AOMEI Tech Co., Ltd. -> AOMEI Tech Co., Ltd.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [5751024 2022-03-30] (devolo AG -> devolo AG)
R2 FolderSize; K:\Size\FolderSizeSvc.exe [114688 2013-02-12] (Brio) [Fichier non signé]
S4 FoxitReaderUpdateService; K:\FOXIT READER\FoxitReaderUpdateService.exe [2356800 2021-04-20] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
S2 GoogleUpdaterInternalService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S2 GoogleUpdaterService123.0.6288.0; C:\Program Files (x86)\Google\GoogleUpdater\123.0.6288.0\updater.exe [4682528 2024-02-08] (Google LLC -> Google LLC) <==== ATTENTION
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 LetsViewService; C:\Program Files (x86)\LetsView\LetsView\usbmmidd_v2\..\WXCastService.exe [400448 ] (Apowersoft Ltd -> )
S4 NetBalancerService; K:\NetBalancer\SeriousBit.NetBalancer.Service.exe [197864 2023-02-08] (SeriousBit Srl -> SeriousBit)
S3 nordsec-threatprotection-service; K:\NordVPN\NordSec ThreatProtection\nordsec-threatprotection-service.exe [320088 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NordUpdaterService; C:\Program Files\NordUpdater\NordUpdateService.exe [297848 2022-11-21] (nordvpn s.a. -> nordvpn S.A.)
R2 nordvpn-service; K:\NordVPN\nordvpn-service.exe [263256 2023-09-25] (nordvpn s.a. -> nordvpn S.A.)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvmdig.inf_amd64_a3a35b9b20ddd8f1\Display.NvContainer\NVDisplay.Container.exe [1275440 2024-01-18] (NVIDIA Corporation -> NVIDIA Corporation)
S4 Orange Update Core Service; C:\Program Files (x86)\Orange Update\OUService.exe [167168 2019-09-18] (Orange -> Orange) [Fichier non signé]
S4 Samsung Network Fax Server; C:\WINDOWS\system32\spool\drivers\x64\3\NetFaxServer64.exe [700928 2021-04-14] (HP Development Company, L.P.) [Fichier non signé]
R2 Samsung Printer Dianostics Service; C:\Windows\SysWOW64\spdsvc.exe [507184 2017-08-31] (Samsung Electronics CO., LTD. -> )
R2 SamsungUPDUtilSvc; C:\Windows\SysWOW64\SecUPDUtilSvc.exe [143664 2018-10-03] (Samsung Electronics CO., LTD. -> )
S3 SystemExplorerHelpService; K:\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Miroslav Topolar -> Mister Group)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\NisSrv.exe [3174840 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.23110.3-0\MsMpEng.exe [133592 2023-12-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 WsAppService3; C:\Program Files (x86)\Wondershare\WAF3\3.0.0.308\WsAppService3.exe [83232 2019-07-09] (Wondershare Technology Co.,Ltd -> Wondershare)
S4 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [X] <==== ATTENTION
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2015-02-25] (Aomei Technology Co., Limited -> ) [Fichier non signé]
S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] (ChengDu AoMei Tech Co., Ltd -> ) [Fichier non signé]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2015-02-25] (Aomei Technology Co., Limited -> ) [Fichier non signé]
S3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [244832 2022-11-23] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 nbdrv; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [42128 2021-07-15] (SeriousBit Srl -> SeriousBit)
R2 NDivert; K:\NordVPN\7.18.6.0\Drivers\NDivert.sys [131472 2023-08-04] (nordvpn s.a. -> Nordvpn S.A.)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R2 NPF_devolo; C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys [36496 2022-01-17] (devolo AG -> Riverbed Technology, Inc.)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2022-07-14] (Nvidia Corporation -> NVIDIA Corporation)
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [27440 2022-04-15] () [Fichier non signé]
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [202248 2023-08-14] (Microsoft Windows Hardware Compatibility Publisher -> Ray Hinchliffe)
R2 SSPORT; C:\WINDOWS\system32\Drivers\SSPORT.sys [14224 2021-04-01] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
S3 tapprotonvpn; C:\WINDOWS\System32\drivers\tapprotonvpn.sys [49024 2022-04-01] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [55856 2023-12-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [594304 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105856 2023-12-06] (Microsoft Windows -> Microsoft Corporation)
S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2022-05-30] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2023-02-27] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC)
S3 dg_ssudbus; \SystemRoot\system32\DRIVERS\ssudbus.sys [X]
S1 nordlwf; \SystemRoot\system32\DRIVERS\nordlwf.sys [X]
S3 ssudmdm; \SystemRoot\system32\DRIVERS\ssudmdm.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-02-16 19:10 - 2024-02-16 19:11 - 000000000 ____D C:\FRST
2024-02-14 12:54 - 2024-02-14 12:48 - 000331238 _____ C:\Users\bernard\Desktop\Stop and start.pdf
2024-02-14 09:13 - 2024-02-14 09:13 - 000019697 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-02-14 09:13 - 2024-02-14 09:13 - 000019697 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-02-14 09:01 - 2024-02-14 09:01 - 000000000 ___HD C:\$WinREAgent
2024-02-07 18:42 - 2024-02-08 00:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2024-02-05 15:48 - 2024-02-05 15:48 - 000000000 ____D C:\Users\bernard\AppData\LocalLow\NVIDIA
2024-02-05 15:42 - 2024-01-18 21:14 - 002095480 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2024-02-05 15:42 - 2024-01-18 21:14 - 002095480 _____ C:\WINDOWS\system32\vulkaninfo.exe
2024-02-05 15:42 - 2024-01-18 21:14 - 001655568 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-02-05 15:42 - 2024-01-18 21:14 - 001655568 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2024-02-05 15:42 - 2024-01-18 21:14 - 001434488 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2024-02-05 15:42 - 2024-01-18 21:14 - 001434488 _____ C:\WINDOWS\system32\vulkan-1.dll
2024-02-05 15:42 - 2024-01-18 21:14 - 001278840 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2024-02-05 15:42 - 2024-01-18 21:14 - 001278840 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2024-02-05 15:42 - 2024-01-18 21:13 - 001487496 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2024-02-05 15:42 - 2024-01-18 21:13 - 001226888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2024-02-05 15:42 - 2024-01-18 21:09 - 001040408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2024-02-05 15:42 - 2024-01-18 21:09 - 000670360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll
2024-02-05 15:42 - 2024-01-18 21:09 - 000506008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll
2024-02-05 15:42 - 2024-01-18 21:08 - 001542192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2024-02-05 15:42 - 2024-01-18 21:08 - 001199128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2024-02-05 15:42 - 2024-01-18 21:08 - 000841864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2024-02-05 15:42 - 2024-01-18 21:07 - 002174104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2024-02-05 15:42 - 2024-01-18 21:07 - 001625648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2024-02-05 15:42 - 2024-01-18 21:07 - 001023512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2024-02-05 15:42 - 2024-01-18 21:07 - 000786968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2024-02-05 15:42 - 2024-01-18 21:06 - 016032904 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2024-02-05 15:42 - 2024-01-18 21:06 - 012928136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2024-02-05 15:42 - 2024-01-18 21:06 - 006780976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2024-02-05 15:42 - 2024-01-18 21:06 - 005772936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll
2024-02-05 15:42 - 2024-01-18 21:06 - 003721352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2024-02-05 15:42 - 2024-01-18 21:06 - 000459928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2024-02-05 15:42 - 2024-01-18 21:05 - 005907480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2024-02-05 15:42 - 2024-01-18 21:05 - 000853016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2024-02-05 15:42 - 2024-01-18 21:03 - 006030576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2024-02-05 15:42 - 2024-01-18 12:32 - 000120271 _____ C:\WINDOWS\system32\nvinfo.pb
2024-01-19 11:09 - 2024-01-19 11:09 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2024-02-16 19:04 - 2022-02-08 19:00 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-02-16 19:03 - 2020-10-30 18:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-02-16 18:58 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-02-16 17:50 - 2020-10-30 18:51 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-02-16 17:50 - 2019-12-07 15:49 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2024-02-16 17:50 - 2019-12-07 15:49 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2024-02-16 17:50 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2024-02-16 17:44 - 2017-12-05 09:29 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2024-02-16 17:44 - 2017-04-26 19:03 - 000000082 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2024-02-16 17:44 - 2017-04-26 10:53 - 000000000 ____D C:\ProgramData\NVIDIA
2024-02-16 17:43 - 2020-10-30 18:54 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-02-16 17:43 - 2020-10-30 18:41 - 000008192 ___SH C:\DumpStack.log.tmp
2024-02-16 17:43 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-02-16 12:51 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2024-02-16 12:51 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-02-16 12:51 - 2017-10-18 12:46 - 000000000 ____D C:\Users\bernard\AppData\Local\Packages
2024-02-16 10:11 - 2018-07-18 14:12 - 000000000 ____D C:\ProgramData\Packages
2024-02-16 10:10 - 2017-10-18 12:53 - 000000000 ____D C:\Users\bernard\AppData\Local\PlaceholderTileLogoFolder
2024-02-16 08:06 - 2021-12-15 07:56 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-02-16 08:05 - 2017-04-26 12:40 - 000002522 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-02-15 18:15 - 2022-05-30 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordSec
2024-02-15 16:56 - 2017-04-27 09:00 - 000000000 ____D C:\Users\bernard\AppData\Local\CrashDumps
2024-02-15 08:14 - 2019-12-07 10:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2024-02-14 12:37 - 2017-04-26 17:40 - 000000000 ____D C:\Users\bernard\AppData\Roaming\Microsoft\Word
2024-02-14 09:28 - 2020-10-30 18:41 - 000439152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\setup
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-02-14 09:26 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-02-14 09:17 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-02-14 09:12 - 2020-10-30 18:43 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-02-14 08:52 - 2017-04-26 12:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-02-14 08:40 - 2017-04-26 12:44 - 191155960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-02-12 00:55 - 2022-05-30 16:38 - 000000000 ____D C:\Users\bernard\AppData\Local\NordVPN
2024-02-10 17:21 - 2017-04-26 17:40 - 000000000 ____D C:\Users\bernard\AppData\Roaming\Microsoft\Office
2024-02-10 17:12 - 2017-05-16 12:02 - 000000000 ____D C:\Users\bernard\AppData\Roaming\Microsoft\Excel
2024-02-10 10:44 - 2020-07-20 07:26 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-02-08 15:19 - 2017-04-26 12:56 - 000000000 ____D C:\Users\bernard\AppData\Roaming\Samsung
2024-02-08 14:00 - 2017-04-26 14:00 - 000000000 ____D C:\ProgramData\boost_interprocess
2024-02-08 00:43 - 2017-04-26 14:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-02-07 18:44 - 2017-04-26 14:53 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-02-05 15:49 - 2020-10-30 18:54 - 000004308 _____ C:\WINDOWS\system32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:49 - 2020-10-30 18:54 - 000003976 _____ C:\WINDOWS\system32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:49 - 2020-10-30 18:54 - 000003940 _____ C:\WINDOWS\system32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:49 - 2020-10-30 18:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:49 - 2020-10-30 18:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:49 - 2020-10-30 18:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:49 - 2020-10-30 18:54 - 000003858 _____ C:\WINDOWS\system32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:49 - 2017-04-26 14:29 - 000000000 ____D C:\Users\bernard\AppData\Local\NVIDIA
2024-02-05 15:49 - 2017-04-26 14:24 - 000000000 ____D C:\NVIDIA
2024-02-05 15:49 - 2017-04-26 10:53 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2024-02-05 15:49 - 2017-04-26 10:53 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2024-02-05 15:49 - 2017-04-26 10:53 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2024-02-05 15:48 - 2020-10-30 18:54 - 000003894 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:48 - 2020-10-30 18:54 - 000003654 _____ C:\WINDOWS\system32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2024-02-05 15:48 - 2018-10-05 18:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2024-01-31 21:36 - 2020-10-30 18:54 - 000003690 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-01-31 21:36 - 2020-10-30 18:54 - 000003566 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-01-28 11:35 - 2017-04-29 10:36 - 000000000 ____D C:\Users\bernard\AppData\Local\ElevatedDiagnostics
2024-01-26 23:44 - 2020-03-24 10:50 - 000000000 ____D C:\Users\bernard\AppData\Roaming\Microsoft\Skype for Desktop
2024-01-24 19:56 - 2017-12-26 19:57 - 000000000 ____D C:\Users\bernard\AppData\Roaming\ZHP
2024-01-24 17:56 - 2017-04-26 10:04 - 000000000 ___SD C:\Users\bernard\AppData\Roaming\Microsoft\Credentials
2024-01-23 00:58 - 2022-09-05 11:08 - 000000000 ____D C:\Users\bernard\AppData\Roaming\Send Anywhere
2024-01-19 11:09 - 2017-04-26 12:40 - 000000000 ____D C:\Program Files (x86)\Google
2024-01-18 21:03 - 2020-10-08 06:48 - 006942912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2024-01-18 12:32 - 2021-06-12 15:24 - 000086568 _____ C:\WINDOWS\system32\FvSDK_x64.dll
2024-01-18 12:32 - 2021-06-12 15:24 - 000075304 _____ C:\WINDOWS\SysWOW64\FvSDK_x86.dll
2024-01-18 12:32 - 2020-10-08 06:48 - 000121880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2024-01-18 12:32 - 2020-03-13 09:14 - 002905128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2024-01-18 12:32 - 2020-03-13 09:14 - 002235944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2024-01-18 12:32 - 2020-03-13 09:14 - 001296936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2024-01-18 12:32 - 2020-03-13 09:14 - 000170040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2024-01-18 12:32 - 2020-03-13 09:14 - 000149048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2024-01-18 12:32 - 2020-03-13 09:14 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
==================== Fichiers à la racine de certains dossiers ========
2022-12-12 16:44 - 2022-12-12 16:44 - 000000128 ____H () C:\Users\bernard\AppData\Roaming\ecf00c38dc807e105d881c433a6b455dd2c606b6
2020-02-29 17:29 - 2020-02-29 17:29 - 000282894 _____ () C:\Users\bernard\AppData\Roaming\tax_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-11-04 08:22 - 2019-11-04 08:23 - 000000600 _____ () C:\Users\bernard\AppData\Local\PUTTY.RND
2018-03-24 11:26 - 2018-03-24 11:26 - 000000730 _____ () C:\Users\bernard\AppData\Local\recently-used.xbel
2017-04-26 12:51 - 2020-11-01 06:42 - 000007611 _____ () C:\Users\bernard\AppData\Local\resmon.resmoncfg
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================