Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21-06-2025 Exécuté par bidul (administrateur) sur BIDULMANIAK-PC (ASUS System Product Name) (21-06-2025 19:15:57) Exécuté depuis C:\Users\bidul\Desktop\FRST64.exe Profils chargés: bidul & WsiAccount Plate-forme: Microsoft Windows 11 Professionnel Version 24H2 26100.4351 (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2> (C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\FuncRun.exe (C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe (C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe (C:\Program Files\DefenderUI\DefenderUIService.exe ->) (VoodooSoft, LLC -> VoodooSoft, LLC) C:\Program Files\DefenderUI\DefenderUI.exe (C:\Program Files\Logitech Gaming Software\LCore.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe (C:\Program Files\Logitech Gaming Software\LCore.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe (C:\Program Files\Logitech Gaming Software\LCore.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech Gaming Software\LAClient\laclient.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\CEF\NVIDIA Overlay.exe <5> (C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA app\ShadowPlay\nvsphelper64.exe (explorer.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (services.exe ->) (Ascensio System SIA -> Ascensio System SIA) C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe (services.exe ->) (Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (services.exe ->) (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_af50fdb80983f7bc\jhi_service.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_5aab0cb93cd60e87\RstMwService.exe (services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe (services.exe ->) (Logitech Inc -> Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe (services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <4> (services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0ce7c82068b0dff7\Display.NvContainer\NVDisplay.Container.exe <2> (services.exe ->) (Reason Software Company Inc. -> Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe (services.exe ->) (VoodooSoft, LLC -> VoodooSoft, LLC) C:\Program Files\DefenderUI\DefenderUIService.exe (svchost.exe ->) (ADLICE -> ) C:\Program Files\UCheck\UCheck64.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4> (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe (svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe (svchost.exe ->) (Tweaking LLC -> Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18725336 2022-05-12] (Logitech Inc -> Logitech Inc.) HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKU\S-1-5-21-1794391155-712591620-8018336-1001\...\Run: [Proton VPN] => C:\Program Files\Proton\VPN\ProtonVPN.Launcher.exe [18793304 2025-06-13] (Proton AG -> ProtonVPN) HKU\S-1-5-21-1794391155-712591620-8018336-1001\...\Run: [MicrosoftEdgeAutoLaunch_E02D3B20C103F6ACDB33C8A7E04F3079] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4141624 2025-06-19] (Microsoft Corporation -> Microsoft Corporation) HKLM\...\Windows x64\Print Processors\Canon TR4500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEU.DLL [506368 2023-06-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR4500 series: C:\WINDOWS\system32\CNCALEU.DLL [254464 2018-03-22] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\...\Print\Monitors\Canon BJ Language Monitor TR4500 series: C:\WINDOWS\system32\CNMLMEU.DLL [1326080 2023-06-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.) HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\137.0.7151.120\Installer\chrmstp.exe [2025-06-18] (Google LLC -> Google LLC) HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\137.1.79.126\Installer\chrmstp.exe [2025-06-18] (Brave Software, Inc. -> Brave Software, Inc.) GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {D9162CD4-5953-4359-936E-95B639F90508} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.) Task: {DD6404BF-1719-4358-BAA5-9829BC508EEE} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{84E64A33-8E74-494D-9EE3-2303638C59B1} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-02-07] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {78975115-1FBF-4542-BB30-C82F586DFE99} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{861B4858-9C0E-4FAB-B0C5-89CF01C7D3A4} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-02-07] (Brave Software, Inc. -> BraveSoftware Inc.) Task: {C9D8D432-7A91-4808-AA50-61EC02B58101} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{D4BBEA66-A7AC-4810-AF4C-641040E6719E} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [6070368 2025-05-22] (Google LLC -> Google LLC) Task: {C3562FFF-F146-4E57-B121-57E17D8A02D8} - System32\Tasks\IObit ET2025Sale (One-time) => "C:\Program Files (x86)\IObit\Driver Booster\Pub\etml.exe" -> C:\Program Files (x86)\IObit\Driver Booster\Pub\\/rpop Task: {CC5B2B37-F07C-489E-8E11-CC51B061FF2D} - System32\Tasks\Microsoft\Windows\Hotpatch\Monitoring => C:\WINDOWS\system32\cmd.exe [376832 2025-06-16] (Microsoft Windows -> Microsoft Corporation) -> /d /c %systemroot%\system32\hpatchmonTask.cmd Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (Pas de fichier) Task: {BFB2C651-AEA4-4596-A913-4C2B71D64BEA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {F783FA7A-6852-4717-B01B-77A77670A1DF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {E15E8CF2-832D-422D-8814-C6BAE7D0BD5D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {040A21A6-A2B2-49F8-BFF2-39BBDC79F466} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) Task: {B073D176-C2D1-47D9-A790-6B6162FF09EA} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34880 2025-06-16] (Mozilla Corporation -> Mozilla Foundation) Task: {58F50923-5D6F-4306-A1B2-6CA0DAE4B4D1} - System32\Tasks\NVIDIA App SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA App\CEF\NVIDIA App.exe [3275808 2025-05-06] (NVIDIA Corporation -> NVIDIA Corporation) Task: {7A11AC42-1879-4CC7-8D89-0009BABAD3D1} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-1794391155-712591620-8018336-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe /reporting (Pas de fichier) <==== ATTENTION Task: {354E3D4B-618A-47DE-AB5C-B483CEF929E5} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1794391155-712591620-8018336-1003 => %localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (Pas de fichier) <==== ATTENTION Task: {5EB14A53-D9F9-4CB8-8F97-EA44C886F9CC} - System32\Tasks\Opera scheduled assistant Autoupdate 1750097490 => C:\Users\bidul\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6072792 2025-06-17] (Opera Norway AS -> Opera Software) -> --scheduledtask --productiscomponent --bypasslauncher --installdir="C:\Users\bidul\AppData\Local\Programs\Opera\assistant" --producttype=assistant $(Arg0) Task: {E34F1128-23DD-4007-A1B7-062A57F3708E} - System32\Tasks\Opera scheduled Autoupdate 1750097487 => C:\Users\bidul\AppData\Local\Programs\Opera\autoupdate\opera_autoupdate.exe [6072792 2025-06-17] (Opera Norway AS -> Opera Software) Task: {1D71A410-CC3B-47C2-A401-52AB3DD1267D} - System32\Tasks\PrivaZer_SkipUAC => C:\Program Files (x86)\PrivaZer\PrivaZer.exe [35109464 2025-06-16] (Goversoft LLC -> Goversoft LLC) -> C:\Program Files (x86)\PrivaZer\\$(Arg0) Task: {EA799737-3C16-4D65-A2C9-B38AF2FEB795} - System32\Tasks\Remove AdwCleaner Application => C:\WINDOWS\system32\CMD.EXE [376832 2025-06-16] (Microsoft Windows -> Microsoft Corporation) -> /C DEL /F /Q "E:\0A LOGICIELS 2025\adwcleaner.exe" Task: {3606F91B-D25C-468D-937F-CBBB574A9A88} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [220816 2019-09-30] (Tweaking LLC -> Tweaking.com) Task: {A77B5947-385D-4040-8C47-3C83DAEAAB6D} - System32\Tasks\UCheck => C:\Program Files\UCheck\UCheck64.exe [30490184 2025-06-05] (ADLICE -> ) Task: {C59BED8D-C389-42BD-9EE5-62DBE58F598B} - System32\Tasks\Uninstall AdwCleaner Application => E:\0A LOGICIELS 2025\adwcleaner.exe [9566696 2025-03-08] (Malwarebytes Inc. -> Malwarebytes) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Winsock: Catalog5 02 %SystemRoot%\system32\pnrpnsp.dll => Pas de fichier Winsock: Catalog5 03 %SystemRoot%\system32\pnrpnsp.dll => Pas de fichier Winsock: Catalog9 17 %windir%\system32\vsocklib.dll => Pas de fichier Winsock: Catalog9 18 %windir%\system32\vsocklib.dll => Pas de fichier Winsock: Catalog5-x64 02 %SystemRoot%\system32\pnrpnsp.dll => Pas de fichier Winsock: Catalog5-x64 03 %SystemRoot%\system32\pnrpnsp.dll => Pas de fichier Winsock: Catalog9-x64 17 %windir%\system32\vsocklib.dll => Pas de fichier Winsock: Catalog9-x64 18 %windir%\system32\vsocklib.dll => Pas de fichier Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\..\Interfaces\{86d4c2a8-e807-4e4c-9987-24b9ac84d81b}: [DhcpNameServer] 192.168.1.1 Edge: ======= Edge Profile: C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default [2025-06-21] Edge HomePage: Default -> hxxps://www.orange.fr/portail Edge DefaultSearchURL: Default -> hxxps://www.bing.com/search?PC=U523&q={searchTerms} Edge Extension: (Microsoft Rewards) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bnplfnhcidhhdapmblniehfaaompjlck [2025-02-01] Edge Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elhekieabhbkpmcefcoobjddigjcaadp [2025-06-16] Edge Extension: (Google Docs hors connexion) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-16] Edge Extension: (Edge relevant text changes) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-02-01] Edge Extension: (Decentraleyes) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lmijmgnfconjockjeepmlmkkibfgjmla [2025-02-01] Edge Extension: (Privacy Badger) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mkejgcgkdlddbggjhhflekkondicpnop [2025-06-16] Edge Extension: (Full Moon) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\nklkchjlghiijkcbkldjidhkealceaio [2025-02-01] Edge Extension: (uBlock Origin) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2025-06-16] Edge Extension: (I don't care about cookies) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\oholpbloipjbbhlhohaebmieiiieioal [2025-02-01] Edge Extension: (AdBlocker Ultimate) - C:\Users\bidul\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\pciakllldcajllepkbbihkmfkikheffb [2025-06-21] FireFox: ======== FF DefaultProfile: r8lgejtp.default FF ProfilePath: C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\r8lgejtp.default [2025-06-18] FF ProfilePath: C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292 [2025-06-21] FF Homepage: Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292 -> hxxps://www.orange.fr/portail FF Extension: (Signal Spam) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\@addonsignalspam.xpi [2025-05-28] FF Extension: (Bloody Vikings!) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\bloodyvikings@ffs.bplaced.net.xpi [2025-02-02] FF Extension: (Super History & Cache Cleaner) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\click-and-clean@freebusinessapps.xpi [2025-04-22] FF Extension: (Notifier for Gmail™) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\jid0-GjwrPchS3Ugt7xydvqVK4DQk8Ls@jetpack.xpi [2025-03-12] FF Extension: (To Google Translate) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2025-02-02] FF Extension: (Decentraleyes) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\jid1-BoFifL9Vbdl2zQ@jetpack.xpi [2025-02-02] FF Extension: (I don't care about cookies) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2025-02-02] FF Extension: (Privacy Badger) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\jid1-MnnxcxisBPnSXQ@jetpack.xpi [2025-06-06] FF Extension: (Show my Password) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\jid1-ytAaKUpYnPSfGA@jetpack.xpi [2025-02-02] FF Extension: (Correcteur d’orthographe et reformulateur — LanguageTool) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\languagetool-webextension@languagetool.org.xpi [2025-04-15] FF Extension: (Microsoft Rewards) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\MicrosoftRewards@microsoft.com.xpi [2025-03-20] [UpdateUrl:hxxps://browserdefaults.microsoft.com/FirefoxExtn/updateextension.json] FF Extension: (Print Edit WE) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\printedit-we@DW-dev.xpi [2025-04-30] FF Extension: (Gestionnaire de téléchargements (S3)) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\s3download@statusbar.xpi [2025-02-14] FF Extension: (Google Translator for Firefox) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\translator@zoli.bod.xpi [2025-02-02] FF Extension: (uBlock Origin) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\uBlock0@raymondhill.net.xpi [2025-05-17] FF Extension: (Privacy Possum) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\woop-NoopscooPsnSXQ@jetpack.xpi [2025-02-02] FF Extension: (Airguns) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{00280c6e-d1ef-4e44-8853-ff6ec2dc8c46}.xpi [2025-02-02] FF Extension: (fractal fiesta) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{031a6045-f6a8-4356-a92e-fe17c2fda9a1}.xpi [2025-02-02] FF Extension: (Woodblock Classic) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{0b00979f-7327-4ca3-96c0-b458ebff890e}.xpi [2025-02-02] FF Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}.xpi [2025-02-02] FF Extension: (Beautiful Sunny Day) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{0de9b5b5-efa4-450a-bd87-652b6b9aa26f}.xpi [2025-02-02] FF Extension: (Media Converter and Muxer - Audio Tools) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{0ff128a1-c286-4e73-bffa-9ae879b244d5}.xpi [2025-02-02] FF Extension: (Flagfox) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2025-06-06] FF Extension: (Light Sea) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{124ac638-9949-4296-83e5-0a30089482fa}.xpi [2025-02-02] FF Extension: (ThunderBird (Mozilla)) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{13c8bf18-576a-44cd-bce6-7ee1bc8e4277}.xpi [2025-02-02] FF Extension: (-Mozilla-Firefox-) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{157debda-ba63-441e-9f01-be751a2cd248}.xpi [2025-02-02] FF Extension: (Ice Fractal) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{15e2ba98-aa1b-4649-a585-d9c109861343}.xpi [2025-02-02] FF Extension: (Soft Aqua) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{17378f9c-a793-4700-aee6-40eb33485e70}.xpi [2025-02-02] FF Extension: (Fire is Super Foxy) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{1b3ed393-00e6-4dc7-946d-b9554ca3a704}.xpi [2025-02-02] FF Extension: (Bokeh Beta) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{1f4a5643-1ea1-488b-9873-40bea3870d85}.xpi [2025-02-02] FF Extension: (Stormy Sky Drive by M♥Donna) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{23336f66-94ea-4796-a6f2-93717a004760}.xpi [2025-02-02] FF Extension: (Blue Mozilla Firefox) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{250785ec-4aec-42b6-823f-05343d80e109}.xpi [2025-02-02] FF Extension: (Colorful) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{292182d9-9fcc-49f4-8bf9-ab513eb35e22}.xpi [2025-02-02] FF Extension: (Download All Images) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2025-05-26] FF Extension: (Red fox in space aurora) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{3ed7fa4e-c341-4b1b-b2d5-d24ffde49cd6}.xpi [2025-02-02] FF Extension: (SingleFile) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{531906d3-e22f-4a6c-a102-8057b88a1a63}.xpi [2025-04-24] FF Extension: (Watercolour Plants) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{54e07f7a-d937-44a5-936a-4d3c11f0941b}.xpi [2025-02-02] FF Extension: (OM - Olympique de Marseille) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{575bc7ed-c153-43fb-9021-9fa0e7921448}.xpi [2025-02-02] FF Extension: (owl first snow by candelora) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{5768d8ad-83b7-49ac-92a8-d762eb338665}.xpi [2025-02-02] FF Extension: (First Mountain Snow by M♥Donna) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{58ed0b89-8436-4436-be1c-0f56273f1adf}.xpi [2025-02-02] FF Extension: (OM 110 ans) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{59f9fc4c-0dab-474e-8b52-3e618224b152}.xpi [2025-02-02] FF Extension: (FirefoxChristmas) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{6517e5e5-9012-40d4-ba36-cc976f9f52a6}.xpi [2025-02-02] FF Extension: (Rainbow Peony by MaDonna) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{711824f2-1f81-42cc-ba4f-348a6231f2c8}.xpi [2025-02-02] FF Extension: (Bulk Media Downloader) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{72b2e02b-3a71-4895-886c-fd12ebe36ba3}.xpi [2025-02-02] FF Extension: (NoScript) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2025-05-27] FF Extension: (dreams beach by candelora) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{762d3c34-2c8d-4e12-8230-19850d1f4e5e}.xpi [2025-02-02] FF Extension: (Snoopy et la canicule) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{8ba91db1-4fbf-4007-bdd5-4e550b66e4b8}.xpi [2025-02-02] FF Extension: (Fluffy Little White Birds by MaDonna) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{8be36b23-4549-4cde-af33-c753bfe61659}.xpi [2025-02-02] FF Extension: (Mozilla: Firefox OS) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{93645565-f282-4c96-a85a-8133740c6273}.xpi [2025-02-02] FF Extension: (Spring Garden Serenity by MaDonna) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{9623927c-641b-4408-b5c1-55c439395826}.xpi [2025-02-02] FF Extension: (Colorful Abstract Neon) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{9fd56529-f621-4820-8128-f0bbbdbd8a73}.xpi [2025-02-02] FF Extension: (Two little birds) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{a78f47b9-eac6-4996-bc9a-54701987af18}.xpi [2025-02-02] FF Extension: (Random User-Agent (Switcher)) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{b43b974b-1d3a-4232-b226-eaa2ac6ebb69}.xpi [2025-05-18] FF Extension: (esafox) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{b526b65f-3165-4dcc-a534-3474d1de766b}.xpi [2025-02-02] FF Extension: (Green Low Poly) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{b578691e-ad2e-4ba9-9c67-bca813d36ef3}.xpi [2025-02-02] FF Extension: (The universe of ancient times.) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{b6d370bd-f532-4049-9a82-f53b47f369b3}.xpi [2025-02-02] FF Extension: (Video DownloadHelper) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2025-06-05] FF Extension: (Blue Grass Rain Shower Petite by MaDonna) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{c1e85863-311d-4a55-93fa-77b3fd30c19e}.xpi [2025-02-02] FF Extension: (Spring Singer) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{cfaa60c2-536c-4035-b23b-3b10d9517577}.xpi [2025-02-02] FF Extension: (Vocaloid Miku Future) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{dc24feba-0bb5-4ebd-8a61-88b810f44464}.xpi [2025-02-02] FF Extension: (FirefoxClassicalBlue) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{dc4152a2-0127-4e36-aaf9-7a0ab4c46dc0}.xpi [2025-02-02] FF Extension: (Xenon Dark-Blue) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{f17e60f9-c49f-4fe7-928d-d3d0bc1e04c4}.xpi [2025-02-02] FF Extension: (Space Fantasy Redux) - C:\Users\bidul\AppData\Roaming\Mozilla\Firefox\Profiles\29zigofe.default-release-1738456889292\Extensions\{f5453979-a039-4066-8aee-cb64fc98f936}.xpi [2025-02-02] FF Plugin: @videolan.org/vlc,version=3.0.21 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2024-06-08] (VideoLAN -> VideoLAN) FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-06-06] (Adobe Inc. -> Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\bidul\AppData\Local\Google\Chrome\User Data\Default [2025-06-18] CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\bidul\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-06-11] CHR Extension: (Google Docs hors connexion) - C:\Users\bidul\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-27] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\bidul\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2025-05-27] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] Opera: ======= OPR DefaultProfile: Default Brave: ======= BRA Profile: C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-06-21] BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-05-15] BRA Extension: (Brave Local Data Files Updater) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-06-16] BRA Extension: (Brave NTP background images) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-05-15] BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-05-15] BRA Extension: (Brave Ads Resources) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\bgifagoclclhhoflocdefiklgodpihog [2025-05-15] BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-05-15] BRA Extension: (Brave Ad Block Updater (AdGuard Français (plaintext))) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\flnkmpokemfpaajmiimmjeiandgoodgg [2025-05-15] BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-05-15] BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2025-02-07] BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-05-15] BRA Extension: (Brave NTP sponsored images) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2025-06-16] BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\bidul\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-05-15] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.) S4 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-02-07] (Brave Software, Inc. -> BraveSoftware Inc.) S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\137.1.79.126\elevation_service.exe [3195472 2025-06-18] (Brave Software, Inc. -> Brave Software, Inc.) S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2025-02-07] (Brave Software, Inc. -> BraveSoftware Inc.) R2 DefenderUIService; C:\Program Files\DefenderUI\DefenderUIService.exe [342608 2025-03-23] (VoodooSoft, LLC -> VoodooSoft, LLC) R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [60352 2025-01-03] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) S3 EPMVssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{F3563446-C715-456D-96D8-97682859A737} [50504 2025-03-01] (Microsoft Windows -> Microsoft Corporation) S3 hpatchmon; C:\WINDOWS\system32\hpatchmon.dll [173472 2025-06-16] (Microsoft Windows -> Microsoft Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [460488 2024-04-03] (Canon Inc. -> ) S3 LibreOfficeMaintenance; C:\Program Files\LibreOffice\program\update_service.exe [123304 2025-06-06] (The Document Foundation -> The Document Foundation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206808 2022-05-12] (Logitech Inc -> Logitech Inc.) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9577376 2025-06-16] (Malwarebytes Inc -> Malwarebytes) S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-02-01] (Malwarebytes Inc. -> Malwarebytes) R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_0ce7c82068b0dff7\Display.NvContainer\NVDisplay.Container.exe [1275016 2025-06-13] (NVIDIA Corporation -> NVIDIA Corporation) R2 ONLYOFFICE Update Service; C:\Program Files\ONLYOFFICE\DesktopEditors\updatesvc.exe [644360 2025-06-18] (Ascensio System SIA -> Ascensio System SIA) S3 ProtonVPN Service; C:\Program Files\Proton\VPN\v4.2.0\ProtonVPNService.exe [464624 2025-06-13] (Proton AG -> ProtonVPN) S3 ProtonVPN WireGuard; C:\Program Files\Proton\VPN\v4.2.0\ProtonVPN.WireGuardService.exe [464112 2025-06-13] (Proton AG -> ProtonVPN) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [917472 2025-06-16] (Microsoft Windows Publisher -> Microsoft Corporation) R2 unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [297240 2025-04-20] (Reason Software Company Inc. -> Reason Software Company Inc.) R3 VssEaseusProvider; C:\WINDOWS\system32\dllhost.exe /Processid:{48752819-4082-40D7-9879-655974B01C8A} [50504 2025-03-01] (Microsoft Windows -> Microsoft Corporation) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-13] (Microsoft Windows Publisher -> Microsoft Corporation) S3 Browser; %SystemRoot%\System32\browser.dll [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (C-MEDIA ELECTRONICS INC. -> Windows (R) Win 7 DDK provider) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus2.sys [167440 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ebrntdrv; C:\WINDOWS\system32\ebrntdrv.sys [27728 2023-06-19] (Microsoft Windows Hardware Compatibility Publisher -> ) S3 epmdkdrv; C:\WINDOWS\system32\epmdkdrv.sys [27728 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> ) R0 EPMVolFl; C:\WINDOWS\System32\drivers\EPMVolFl.sys [30136 2022-12-29] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider) R0 EUBAKUP; C:\WINDOWS\System32\drivers\eubakup.sys [75848 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [55352 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> ) R0 EUDCPDC; C:\WINDOWS\System32\drivers\EUDCPDC.sys [77904 2024-07-15] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R0 EUDCPEPM; C:\WINDOWS\System32\drivers\EUDCPEPM.sys [76344 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUDSKACS; C:\WINDOWS\system32\drivers\eudskacs.sys [24152 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUEDKDC; C:\WINDOWS\system32\drivers\EUEDKDC.sys [25200 2024-07-15] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUEDKEPM; C:\WINDOWS\System32\drivers\EUEDKEPM.sys [24656 2022-12-29] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R1 EUFDDISK; C:\WINDOWS\system32\drivers\EuFdDisk.sys [565456 2024-07-11] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd) R3 euimgprt; C:\WINDOWS\System32\DRIVERS\euimgprt.sys [45776 2024-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 EUSSRDVR; C:\WINDOWS\System32\drivers\EUSSRDVR.sys [119512 2024-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2025-03-01] (Microsoft Windows -> Microsoft Corporation) S3 GeneStor; C:\WINDOWS\System32\drivers\GeneStor.sys [181824 2025-03-16] (GENESYS LOGIC, INC. -> Genesys Logic) R3 iaLPSS2_GPIO2_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_tgl.inf_amd64_4fcff055ed32f652\iaLPSS2_GPIO2_TGL.sys [132072 2025-03-16] (Intel Corporation -> Intel Corporation) R3 iaLPSS2_I2C_TGL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_tgl.inf_amd64_bd1c0a60b9594248\iaLPSS2_I2C_TGL.sys [205400 2025-03-16] (Intel Corporation -> Intel Corporation) R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-13] (Microsoft Windows -> Microsoft Corporation) S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140728 2025-06-16] (Microsoft Windows -> Microsoft Corporation) S3 ladfGSS; C:\WINDOWS\system32\drivers\ladfGSS.sys [45168 2022-05-12] (Logitech Inc -> Logitech Inc.) R3 LGBusEnum; C:\WINDOWS\system32\drivers\LGBusEnum64.sys [46264 2022-05-12] (Logitech Inc -> Logitech Inc.) R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore64.sys [76480 2022-05-12] (Logitech Inc -> Logitech Inc.) R3 LGPBTDD; C:\WINDOWS\System32\Drivers\LGPBTDD.sys [30728 2022-05-12] (Logitech -> Logitech Inc.) R3 LGSHidFilt; C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys [64280 2022-05-12] (Logitech -> Logitech Inc.) R3 LGVirHid; C:\WINDOWS\system32\drivers\LGVirHid64.sys [34496 2022-05-12] (Logitech Inc -> Logitech Inc.) S3 logi_joy_vir_hid; C:\WINDOWS\system32\drivers\logi_joy_vir_hid.sys [32080 2025-02-15] (Logitech Inc -> Logitech) R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-02-22] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) S3 PlutonHeci; C:\WINDOWS\System32\DriverStore\FileRepository\pluton-heci.inf_amd64_f74945e2fcb1d3d7\pluton-heci.sys [75168 2025-06-16] (Microsoft Windows -> Microsoft Corporation) S3 ProtonVPNCallout; C:\Program Files\Proton\VPN\v4.2.0\Resources\ProtonVPN.CalloutDriver.sys [40360 2025-02-10] (Proton AG -> Proton AG) S3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group) R3 rt25cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt25cx21x64.inf_amd64_3439fa398930e398\rt25cx21x64.sys [889816 2025-03-16] (Realtek Semiconductor Corp. -> Realtek) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ss_conn_usb_driver2; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver2.sys [50720 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-28] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation) S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-06-16] (Microsoft Windows -> Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20032 2025-06-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [612768 2025-06-13] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-13] (Microsoft Windows -> Microsoft Corporation) S3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [29592 2025-02-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WireGuard; C:\WINDOWS\System32\drivers\wireguard.sys [489368 2025-02-10] (Microsoft Windows Hardware Compatibility Publisher -> WireGuard LLC) S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-03-01] (Microsoft Windows -> Microsoft Corporation) S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2025-03-01] (Microsoft Windows -> Microsoft Corporation) S3 EuGdiDrv; \SystemRoot\system32\EuGdiDrv.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-06-21 19:15 - 2025-06-21 19:16 - 000044126 _____ C:\Users\bidul\Desktop\FRST.txt 2025-06-21 19:15 - 2025-06-21 19:15 - 002406912 _____ (Farbar) C:\Users\bidul\Desktop\FRST64.exe 2025-06-21 10:58 - 2025-06-21 10:58 - 000740656 _____ C:\WINDOWS\system32\perfh00C.dat 2025-06-21 10:58 - 2025-06-21 10:58 - 000146256 _____ C:\WINDOWS\system32\perfc00C.dat 2025-06-18 03:56 - 2025-06-13 06:24 - 002072448 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe 2025-06-18 03:56 - 2025-06-13 06:24 - 002072448 _____ C:\WINDOWS\system32\vulkaninfo.exe 2025-06-18 03:56 - 2025-06-13 06:24 - 001614184 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe 2025-06-18 03:56 - 2025-06-13 06:24 - 001614184 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe 2025-06-18 03:56 - 2025-06-13 06:24 - 001576800 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll 2025-06-18 03:56 - 2025-06-13 06:24 - 001576800 _____ C:\WINDOWS\system32\vulkan-1.dll 2025-06-18 03:56 - 2025-06-13 06:24 - 001389928 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll 2025-06-18 03:56 - 2025-06-13 06:24 - 001389928 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll 2025-06-18 03:56 - 2025-06-13 06:24 - 000478424 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2025-06-18 03:56 - 2025-06-13 06:24 - 000374408 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2025-06-18 03:56 - 2025-06-13 06:20 - 001259656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll 2025-06-18 03:56 - 2025-06-13 06:20 - 000674416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvofapi64.dll 2025-06-18 03:56 - 2025-06-13 06:20 - 000509120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvofapi.dll 2025-06-18 03:56 - 2025-06-13 06:19 - 026004696 _____ C:\WINDOWS\system32\nvidia-pcc.exe 2025-06-18 03:56 - 2025-06-13 06:19 - 002313920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2025-06-18 03:56 - 2025-06-13 06:19 - 001713880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2025-06-18 03:56 - 2025-06-13 06:19 - 001569496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2025-06-18 03:56 - 2025-06-13 06:19 - 001220224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2025-06-18 03:56 - 2025-06-13 06:19 - 001053888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2025-06-18 03:56 - 2025-06-13 06:19 - 000942272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe 2025-06-18 03:56 - 2025-06-13 06:19 - 000809576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2025-06-18 03:56 - 2025-06-13 06:19 - 000467648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe 2025-06-18 03:56 - 2025-06-13 06:18 - 023035072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2025-06-18 03:56 - 2025-06-13 06:18 - 020517592 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2025-06-18 03:56 - 2025-06-13 06:18 - 007323328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2025-06-18 03:56 - 2025-06-13 06:18 - 005917888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2025-06-18 03:56 - 2025-06-13 06:18 - 005239944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcudadebugger.dll 2025-06-18 03:56 - 2025-06-13 06:18 - 003993736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2025-06-18 03:56 - 2025-06-13 06:18 - 000853104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe 2025-06-18 03:56 - 2025-06-13 06:17 - 005601584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2025-06-18 03:56 - 2025-06-13 06:17 - 004901688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2025-06-18 03:56 - 2025-06-12 08:58 - 000143026 _____ C:\WINDOWS\system32\nvinfo.pb 2025-06-16 23:33 - 2025-06-16 23:33 - 000003186 _____ C:\WINDOWS\system32\Tasks\PrivaZer_SkipUAC 2025-06-16 23:32 - 2025-06-18 02:55 - 000000000 ____D C:\Users\bidul\AppData\Local\PrivaZer 2025-06-16 23:32 - 2025-06-16 23:33 - 000000000 ____D C:\Program Files (x86)\PrivaZer 2025-06-16 23:32 - 2025-06-16 23:32 - 000001962 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PrivaZer.lnk 2025-06-16 23:32 - 2025-06-16 23:32 - 000000000 ____D C:\Users\bidul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PrivaZer 2025-06-16 23:32 - 2025-06-16 23:32 - 000000000 ____D C:\ProgramData\privazer 2025-06-16 20:11 - 2025-06-18 12:04 - 000004290 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1750097487 2025-06-16 20:11 - 2025-06-18 12:04 - 000001426 _____ C:\Users\bidul\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2025-06-16 20:11 - 2025-06-16 20:11 - 000004546 _____ C:\WINDOWS\system32\Tasks\Opera scheduled assistant Autoupdate 1750097490 2025-06-16 20:11 - 2025-06-16 20:11 - 000000000 ____D C:\Users\bidul\AppData\Local\Opera Software 2025-06-16 20:10 - 2025-06-16 20:10 - 000000000 ____D C:\Users\bidul\AppData\Roaming\Opera Software 2025-06-16 19:23 - 2025-06-21 12:54 - 000000000 ____D C:\WINDOWS\CbsTemp 2025-06-16 19:23 - 2025-06-16 19:23 - 000033224 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json 2025-06-16 19:23 - 2025-06-16 19:23 - 000033224 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json 2025-06-16 19:23 - 2025-06-16 19:23 - 000001555 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json 2025-06-16 15:46 - 2025-06-16 15:46 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 2025-06-16 15:29 - 2025-06-16 15:30 - 000000000 ___HD C:\Users\bidul\Downloads\.opera 2025-06-15 22:56 - 2025-06-15 22:56 - 000304028 _____ C:\Users\bidul\Downloads\Nouvelle_demande_AJ.pdf 2025-06-15 22:56 - 2025-06-15 22:56 - 000110229 _____ C:\Users\bidul\Downloads\getNotice.pdf 2025-06-15 22:56 - 2025-06-15 22:56 - 000089263 _____ C:\Users\bidul\Downloads\cerfa_15173.pdf 2025-06-15 22:01 - 2025-06-15 22:01 - 000000000 ___HD C:\$SysReset 2025-06-15 00:46 - 2025-06-15 00:46 - 000000000 ____D C:\Users\Default\AppData\LocalLow\NVIDIA 2025-06-15 00:46 - 2025-06-15 00:46 - 000000000 ____D C:\Users\Default\AppData\Local\NVIDIA 2025-06-15 00:46 - 2025-06-15 00:46 - 000000000 ____D C:\Users\Default\AppData\Local\D3DSCache 2025-06-12 12:37 - 2025-06-21 19:16 - 000000000 ____D C:\FRST 2025-06-11 15:01 - 2025-06-14 15:37 - 000000000 ____D C:\WINDOWS\SoftwareDistribution.old 2025-06-11 14:59 - 2025-06-16 15:21 - 000000000 ____D C:\WINDOWS\system32\catroot2.old 2025-06-06 01:43 - 2025-06-06 01:43 - 000000000 ____D C:\ProgramData\Emsisoft 2025-06-06 00:45 - 2025-06-16 15:21 - 000000000 ____D C:\WINDOWS\system32\HvsiSettingsProviders 2025-06-06 00:36 - 2025-06-06 00:45 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK 2025-05-28 00:54 - 2025-06-18 03:06 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2025-05-28 00:54 - 2025-05-28 00:54 - 000000000 ____D C:\WINDOWS\system32\Tasks\GoogleSystem 2025-05-28 00:54 - 2025-05-28 00:54 - 000000000 ____D C:\Users\bidul\AppData\Local\Google 2025-05-28 00:54 - 2025-05-28 00:54 - 000000000 ____D C:\Program Files\Google 2025-05-27 19:44 - 2025-05-27 19:44 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2025-05-24 02:21 - 2025-05-24 02:21 - 000000000 ____D C:\Users\bidul\AppData\Roaming\NVIDIA 2025-05-22 18:20 - 2025-05-22 18:20 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-BIDULMANIAK-PC-Windows-10-Pro-(64-bit).dat 2025-05-22 18:20 - 2025-05-22 18:20 - 000000000 ____D C:\RegBackup 2025-05-22 15:23 - 2025-05-22 18:16 - 000003780 _____ C:\WINDOWS\system32\Tasks\Tweaking.com - Windows Repair Tray Icon 2025-05-22 15:23 - 2025-05-22 15:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2025-05-22 15:23 - 2025-05-22 15:23 - 000000000 ____D C:\Program Files (x86)\Tweaking.com 2025-05-22 15:22 - 2025-05-22 18:16 - 000763527 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2025-06-21 19:15 - 2025-02-01 09:30 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2025-06-21 19:14 - 2025-02-01 08:07 - 000000000 ____D C:\Users\bidul\AppData\Local\Malwarebytes 2025-06-21 19:11 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2025-06-21 19:04 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp 2025-06-21 18:47 - 2025-02-01 07:54 - 000000000 ____D C:\Users\bidul\AppData\Local\D3DSCache 2025-06-21 18:46 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\registration 2025-06-21 12:22 - 2025-03-01 14:13 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2025-06-21 12:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness 2025-06-21 11:00 - 2025-02-01 07:44 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk 2025-06-21 10:58 - 2025-03-01 14:16 - 001684128 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2025-06-21 10:58 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps 2025-06-21 10:58 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF 2025-06-21 10:54 - 2025-04-21 00:40 - 000000000 ____D C:\ProgramData\Unchecky 2025-06-21 10:54 - 2025-03-01 14:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2025-06-21 10:54 - 2025-02-01 07:49 - 000000000 ____D C:\ProgramData\NVIDIA 2025-06-21 10:54 - 2025-02-01 07:44 - 000039712 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 2025-06-21 10:54 - 2025-02-01 07:43 - 000012288 ___SH C:\DumpStack.log.tmp 2025-06-21 03:09 - 2025-02-12 03:32 - 000000000 ____D C:\Users\bidul\AppData\Local\CrashDumps 2025-06-20 19:56 - 2025-02-01 10:37 - 000000000 ____D C:\Users\bidul\AppData\Local\NVIDIA 2025-06-20 13:45 - 2025-03-04 20:00 - 000000000 ___RD C:\Users\bidul\Desktop\ICONES MES LOGICIELS 2025-06-20 13:45 - 2025-02-01 09:09 - 000000000 ____D C:\Users\bidul\AppData\Roaming\XnView 2025-06-20 13:45 - 2025-02-01 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView 2025-06-20 13:45 - 2025-02-01 09:09 - 000000000 ____D C:\Program Files (x86)\XnView 2025-06-20 13:44 - 2025-04-20 17:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ONLYOFFICE 2025-06-20 13:44 - 2025-02-11 01:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proton 2025-06-20 03:42 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI 2025-06-18 23:19 - 2025-02-07 20:13 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk 2025-06-18 22:36 - 2025-02-05 02:32 - 000000000 ____D C:\Users\bidul\AppData\Roaming\vlc 2025-06-18 22:31 - 2025-02-01 08:37 - 000000000 ____D C:\Users\bidul\AppData\Local\PlaceholderTileLogoFolder 2025-06-18 22:31 - 2025-02-01 07:53 - 000000000 ____D C:\Users\bidul\AppData\Local\Packages 2025-06-18 22:31 - 2025-02-01 07:45 - 000000000 ____D C:\ProgramData\Packages 2025-06-18 03:58 - 2025-02-01 14:40 - 000000000 ____D C:\Program Files (x86)\Steam 2025-06-17 23:06 - 2025-02-01 09:19 - 000000000 ____D C:\ProgramData\Package Cache 2025-06-17 15:06 - 2025-02-01 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2025-06-16 23:37 - 2025-02-10 19:39 - 000000000 ____D C:\Program Files\CrystalDiskInfo 2025-06-16 23:03 - 2025-02-01 07:53 - 000000000 ____D C:\Users\bidul\AppData\Local\ConnectedDevicesPlatform 2025-06-16 19:32 - 2025-03-08 20:30 - 000454272 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2025-06-16 19:31 - 2024-04-01 18:37 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2025-06-16 19:31 - 2024-04-01 18:36 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ___RD C:\Program Files\Windows Defender 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Com 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\migwiz 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\DDFs 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Com 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\BrowserCore 2025-06-16 19:31 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr 2025-06-16 19:22 - 2025-03-01 14:15 - 003383808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2025-06-16 18:47 - 2025-02-01 09:30 - 000000000 ____D C:\Program Files\Mozilla Firefox 2025-06-16 18:47 - 2025-02-01 09:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2025-06-16 16:28 - 2025-02-01 08:32 - 000000000 ____D C:\WINDOWS\system32\MRT 2025-06-16 16:27 - 2025-02-01 08:31 - 216824056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2025-06-16 16:05 - 2025-03-01 13:51 - 000000000 ____D C:\Users\bidul 2025-06-16 15:57 - 2025-02-10 19:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2025-06-16 15:50 - 2025-02-05 16:52 - 000000000 ____D C:\Program Files\dotnet 2025-06-16 15:49 - 2025-04-16 15:16 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thunderbird.lnk 2025-06-16 15:49 - 2025-04-16 15:16 - 000000000 ____D C:\Program Files\Mozilla Thunderbird 2025-06-16 15:46 - 2025-02-01 10:35 - 000000000 ____D C:\Program Files\LibreOffice 2025-06-16 15:38 - 2025-02-01 08:07 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2025-06-16 15:38 - 2025-02-01 08:06 - 000000000 ____D C:\ProgramData\Malwarebytes 2025-06-16 15:38 - 2025-02-01 08:06 - 000000000 ____D C:\Program Files\Malwarebytes 2025-06-16 15:35 - 2025-04-01 03:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UCheck 2025-06-16 15:35 - 2025-04-01 03:13 - 000000000 ____D C:\Program Files\UCheck 2025-06-16 15:32 - 2025-03-01 14:17 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task 2025-06-16 15:32 - 2025-02-21 17:39 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk 2025-06-16 15:28 - 2025-02-01 09:30 - 000001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2025-06-16 15:22 - 2025-03-28 14:08 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets 2025-06-16 15:22 - 2025-03-04 19:54 - 000000000 ____D C:\Users\WsiAccount 2025-06-16 15:22 - 2024-04-01 18:37 - 000000000 ___SD C:\WINDOWS\system32\AppV 2025-06-16 15:22 - 2024-04-01 18:37 - 000000000 ____D C:\Program Files\Windows Photo Viewer 2025-06-16 15:22 - 2024-04-01 18:37 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2025-06-16 15:22 - 2024-04-01 18:36 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync 2025-06-16 15:22 - 2024-04-01 18:36 - 000000000 ____D C:\WINDOWS\system32\OpenSSH 2025-06-16 15:22 - 2024-04-01 18:36 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync 2025-06-16 15:22 - 2024-04-01 18:34 - 000000000 ____D C:\WINDOWS\SysWOW64\fr 2025-06-16 15:22 - 2024-04-01 18:34 - 000000000 ____D C:\WINDOWS\system32\fr 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 __RSD C:\WINDOWS\Media 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\lxss 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\lxss 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\dsc 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\PerceptionSimulation 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\DDFs 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Keywords 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\icsxml 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\downlevel 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Provisioning 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\L2Schemas 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\IME 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\IdentityCRL 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\DiagTrack 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Cursors 2025-06-16 15:22 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System 2025-06-16 15:22 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing 2025-06-16 15:21 - 2025-04-22 03:04 - 000000000 ____D C:\Users\bidul\AppData\Roaming\BleachBit 2025-06-16 15:21 - 2025-04-01 03:13 - 000000000 ____D C:\ProgramData\UCheck 2025-06-16 15:21 - 2025-02-01 17:37 - 000000000 ___HD C:\ProgramData\CanonIJScan 2025-06-16 15:21 - 2025-02-01 09:25 - 000000000 ____D C:\Program Files (x86)\Google 2025-06-16 15:21 - 2025-02-01 09:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2025-06-16 15:21 - 2025-02-01 09:19 - 000000000 ____D C:\Program Files\Logitech Gaming Software 2025-06-16 15:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2025-06-16 15:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Pbr 2025-06-16 15:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\MUI 2025-06-16 15:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\InputMethod 2025-06-16 15:21 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\Help 2025-06-16 15:13 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps 2025-06-16 15:10 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps.tmp 2025-06-15 22:00 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\registration.tmp 2025-06-13 10:45 - 2025-02-01 07:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2025-06-12 20:02 - 2025-02-01 17:36 - 000000000 ____D C:\Users\bidul\SCAN IMPRIMANTE CANON 2025-06-12 00:07 - 2025-02-01 17:27 - 000000000 ____D C:\ProgramData\CanonIJPLM 2025-06-11 02:01 - 2024-04-01 20:12 - 000000000 ___HD C:\$WINDOWS.~BT 2025-06-11 02:00 - 2025-04-16 11:38 - 000000000 ____D C:\WINDOWS\Panther 2025-06-01 12:09 - 2025-02-06 00:44 - 000000000 ____D C:\Users\bidul\AppData\Local\ElevatedDiagnostics 2025-05-28 17:23 - 2025-02-01 09:30 - 000000000 ____D C:\Users\bidul\AppData\Roaming\Mozilla 2025-05-28 01:31 - 2025-02-05 18:11 - 000000000 ____D C:\Users\bidul\AppData\Local\SquirrelTemp 2025-05-28 00:51 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2025-05-27 17:39 - 2025-03-16 00:06 - 000000000 ____D C:\WINDOWS\pss 2025-05-27 00:50 - 2025-02-16 18:42 - 000000000 ___RD C:\Users\bidul\dwhelper 2025-05-24 01:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth 2025-05-22 20:59 - 2025-02-07 12:47 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job 2025-05-22 20:59 - 2025-02-01 08:07 - 000242752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys ==================== Fichiers à la racine de certains dossiers ======== 2025-03-12 23:11 - 2025-03-12 23:11 - 000000055 _____ () C:\Users\bidul\AppData\Roaming\epm_user.ini ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== BCD ================================ Gestionnaire de démarrage du microprogramme ------------------------------------------- identificateur {fwbootmgr} displayorder {bootmgr} {042b4928-4831-11f0-bbb2-806e6f6e6963} {042b4929-4831-11f0-bbb2-806e6f6e6963} {042b492a-4831-11f0-bbb2-806e6f6e6963} timeout 1 Gestionnaire de démarrage Windows --------------------------------- identificateur {bootmgr} device partition=\Device\HarddiskVolume2 path \EFI\MICROSOFT\BOOT\BOOTMGFW.EFI description Windows Boot Manager locale fr-FR inherit {globalsettings} default {current} resumeobject {65372a15-f696-11ef-bad8-14857fb72a4a} displayorder {current} toolsdisplayorder {memdiag} timeout 10 Application logicielle (101fffff) -------------------------------- identificateur {042b4928-4831-11f0-bbb2-806e6f6e6963} description UEFI:CD/DVD Drive Application logicielle (101fffff) -------------------------------- identificateur {042b4929-4831-11f0-bbb2-806e6f6e6963} description UEFI:Removable Device Application logicielle (101fffff) -------------------------------- identificateur {042b492a-4831-11f0-bbb2-806e6f6e6963} description UEFI:Network Device Chargeur de démarrage Windows ----------------------------- identificateur {current} device partition=C: path \WINDOWS\system32\winload.efi description Windows 11 locale fr-FR inherit {bootloadersettings} recoverysequence {65372a18-f696-11ef-bad8-14857fb72a4a} displaymessageoverride Recovery recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \WINDOWS resumeobject {65372a15-f696-11ef-bad8-14857fb72a4a} nx OptIn bootmenupolicy Standard hypervisorlaunchtype Auto Chargeur de démarrage Windows ----------------------------- identificateur {65372a18-f696-11ef-bad8-14857fb72a4a} device ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{65372a19-f696-11ef-bad8-14857fb72a4a} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery osdevice ramdisk=[\Device\HarddiskVolume4]\Recovery\WindowsRE\Winre.wim,{65372a19-f696-11ef-bad8-14857fb72a4a} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Chargeur de démarrage Windows ----------------------------- identificateur {c2fdc79d-e052-11ef-af71-d7196b7e8c38} device ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{c2fdc79e-e052-11ef-af71-d7196b7e8c38} path \windows\system32\winload.efi description Windows Recovery Environment locale fr-FR inherit {bootloadersettings} displaymessage Recovery isolatedcontext Yes osdevice ramdisk=[unknown]\Recovery\WindowsRE\Winre.wim,{c2fdc79e-e052-11ef-af71-d7196b7e8c38} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Reprendre à partir de la mise en veille prolongée ------------------------------------------------- identificateur {65372a15-f696-11ef-bad8-14857fb72a4a} device partition=C: path \WINDOWS\system32\winresume.efi description Windows Resume Application locale fr-FR inherit {resumeloadersettings} recoverysequence {65372a18-f696-11ef-bad8-14857fb72a4a} recoveryenabled Yes isolatedcontext Yes allowedinmemorysettings 0x15000075 filedevice partition=C: custom:21000026 partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Testeur de mémoire Windows -------------------------- identificateur {memdiag} device partition=\Device\HarddiskVolume2 path \EFI\Microsoft\Boot\memtest.efi description Diagnostics mémoire Windows locale fr-FR inherit {globalsettings} badmemoryaccess Yes Paramètres EMS -------------- identificateur {emssettings} bootems No isolatedcontext Yes Paramètres du débogueur ----------------------- identificateur {dbgsettings} debugtype Local isolatedcontext Yes Erreurs de mémoire RAM ---------------------- identificateur {badmemory} Paramètres globaux ------------------ identificateur {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Paramètres du chargeur de démarrage ----------------------------------- identificateur {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Paramètres de l'hyperviseur ------------------- identificateur {hypervisorsettings} isolatedcontext Yes hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Paramètres du chargeur de reprise --------------------------------- identificateur {resumeloadersettings} inherit {globalsettings} Options de périphérique ----------------------- identificateur {65372a19-f696-11ef-bad8-14857fb72a4a} description Windows Recovery ramdisksdidevice partition=\Device\HarddiskVolume4 ramdisksdipath \Recovery\WindowsRE\boot.sdi ==================== Fin de FRST.txt ========================