Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2021
Exécuté par berna (administrateur) sur DESKTOP-56NJAKP (ASUS All Series) (07-08-2021 13:23:58)
Exécuté depuis C:\Users\berna\Desktop
Profils chargés: berna
Platform: Windows 10 Pro Version 21H1 19043.1110 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Luis Cobian, CobianSoft) [Fichier non signé] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [Fichier non signé] C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1081_none_7e3d47227c694b34\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\vmwp.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Opera Software AS -> Opera Software) C:\Users\berna\AppData\Local\Programs\Opera\77.0.4054.277\opera.exe <22>
(Opera Software AS -> Opera Software) C:\Users\berna\AppData\Local\Programs\Opera\77.0.4054.277\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Popcorn Time) [Fichier non signé] C:\Program Files (x86)\Popcorn Time\Updater.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [289840 2018-08-30] (Intel(R) Rapid Storage Technology enterprise -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2021-04-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [165928 2021-06-27] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2012-12-05] (Luis Cobian, CobianSoft) [Fichier non signé]
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [117864 2021-04-30] (VMware, Inc. -> VMware, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3241833146-3736459403-4284518719-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3241833146-3736459403-4284518719-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3241833146-3736459403-4284518719-1001\...\Run: [Opera Browser Assistant] => C:\Users\berna\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4079824 2021-06-29] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3241833146-3736459403-4284518719-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2021-06-19]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2021-06-24]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\berna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 2050 J510 series.lnk [2021-06-20]
ShortcutAndArgument: Alertes de surveillance de l'encre - HP Deskjet 2050 J510 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2050 J510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0C33F1MS05D1;CONNECTION=USB;MONITOR=1;
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {011B27FA-E17E-4818-B0E6-5A6AE2C725E1} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {10FB5461-0867-4230-8192-40D6F2205A0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-25] (Google LLC -> Google LLC)
Task: {17DA6B35-27FC-4873-891B-8CB4FE8311CC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1551520 2015-05-14] (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Task: {1A1F8475-C628-44D5-9CE3-AAC044808258} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {1F31614B-9F6D-4A2A-9AB1-B209903EE2E0} - System32\Tasks\Opera scheduled Autoupdate 1624117567 => C:\Users\berna\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software)
Task: {338C74ED-908B-4C48-9238-3E13770261F9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A8D44B8-4C34-4855-8763-4B0CCDDE7B59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3E9C7218-5B48-4039-AB34-21F25CD0246A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {45965A5C-F8B4-4E02-906D-65AD6330C8FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D3123F7-37AA-4FDA-8876-6C5B92139BC7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65503BFC-B639-4D79-8839-9FBB54EEDC18} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {67926F82-3676-46ED-A2B5-BC416497DF12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A90F7CA-927A-4FA7-AED6-1F5E1E280085} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {788DE589-D677-42DD-827A-CDF56E7FD9A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7BA62983-4559-42DF-962B-3CD59821B147} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {7D81FE11-B178-4875-92D5-A76541C6F542} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {82C4F7FC-220D-472D-8229-790F4D7E5531} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {88824AC4-90E1-4D06-BE41-EC198B8C6C74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8CD1AF3B-F202-4700-8476-BC0CA7EDB103} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {95317F49-7C73-4292-B55B-FB9245530A4C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4541312 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0C69A03-1EF7-485B-AB3F-4E26881067EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-25] (Google LLC -> Google LLC)
Task: {A37EBCDD-842C-41E1-A05C-001B0BCC20CE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {A54AF3B1-4964-475B-BA78-67E690543C33} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\berna\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-07-11] (ESET, spol. s r.o. -> ESET)
Task: {A6B5C812-BFF7-4638-9CD1-87CD0401D13F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139136 2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB46221D-EB81-439B-AA9D-30303B6531D3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CCC782A8-3D20-4530-AB0E-AF81D1BF7991} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E990580F-F7C5-42DA-A3E4-8942A6C9A85C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9BEE5CA-5184-4E6C-82CE-47BAE149D257} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\berna\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-07-11] (ESET, spol. s r.o. -> ESET)
Task: {ECE88415-1EFE-42F6-9485-2BCB8C632016} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722552 2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED2E1A7A-FC5D-49C9-B6BA-40864B90C5B4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139136 2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA4B8731-EAC9-440A-9750-E85503AF274D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {FB0A6DB2-C381-4B09-B00E-FDAED60A8A52} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722552 2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{814bbae0-59e1-4f2e-8943-c40886f8e9bb}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\berna\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-07]
FireFox:
========
FF DefaultProfile: 1xep7yhj.default
FF ProfilePath: C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\1xep7yhj.default [2021-07-13]
FF ProfilePath: C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\d0f0k5wn.default-release [2021-08-07]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-08-07]
Chrome:
=======
CHR Profile: C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default [2021-07-25]
CHR Extension: (Slides) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-25]
CHR Extension: (Safe Torrent Scanner) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-07-25]
CHR Extension: (Docs) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-25]
CHR Extension: (Google Drive) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-25]
CHR Extension: (YouTube) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-25]
CHR Extension: (Avira Password Manager) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-07-25]
CHR Extension: (Avira Safe Shopping) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-07-25]
CHR Extension: (Sheets) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-25]
CHR Extension: (Protection Web Avira) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-07-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-25]
CHR Extension: (Social Book Post Manager) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-07-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-25]
CHR Extension: (Gmail) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-25]
CHR Extension: (Chrome Media Router) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-25]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
Opera:
=======
OPR Profile: C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable [2021-08-07]
OPR Notifications: Opera Stable -> hxxps://www.cnetfrance.fr; hxxps://www.excel-downloads.com; hxxps://www.facebook.com
OPR StartupUrls: Opera Stable -> "hxxps://actus.sfr.fr/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-25]
OPR Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\glaedmooikiamindhmfcfccncmmdagge [2021-07-30]
OPR Extension: (Social Book Post Manager) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-07-25]
OPR Extension: (FranceVerif) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\mhkejggchhilmabpicojddgaahkkgoln [2021-08-04]
OPR Extension: (Amazon Assistant pour Opera) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2021-07-22]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9141648 2021-07-21] (Microsoft Corporation -> Microsoft Corporation)
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [Fichier non signé]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-27] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-27] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncHelper.exe [3240296 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [783344 2021-01-28] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [226800 2021-01-28] (MiniTool Software Limited -> )
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.129.0627.0002\OneDriveUpdaterService.exe [3703144 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2020-08-27] (Popcorn Time) [Fichier non signé]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15223552 2021-04-30] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169424 2021-08-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123472 2021-08-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194776 2021-08-03] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43904 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70232 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R1 kbdclass; C:\WINDOWS\System32\drivers\f5dnkcls.sys [58344 2016-03-09] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 MonitorFunction; C:\WINDOWS\System32\drivers\lockscr.sys [24560 2019-01-21] (Remote Utilities LLC -> )
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 Serial; C:\WINDOWS\system32\DRIVERS\wdfserial.sys [89976 2018-04-26] (LG Electronics Inc. -> LG Electronics Inc.)
R3 usbcamcl; C:\WINDOWS\system32\DRIVERS\usbcamcl.sys [62184 2011-12-08] (Ark Pioneer Microelectronics (Shenzhen) Co., Ltd. -> usb camera)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-04-30] (VMware, Inc. -> VMware, Inc.)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49112 2021-04-30] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [54592 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-07 13:23 - 2021-08-07 13:24 - 000029289 _____ C:\Users\berna\Desktop\FRST.txt
2021-08-07 13:23 - 2021-08-07 13:24 - 000000000 ____D C:\FRST
2021-08-07 13:22 - 2021-08-07 13:22 - 002300416 _____ (Farbar) C:\Users\berna\Downloads\FRST64.exe
2021-08-07 13:22 - 2021-08-07 13:22 - 002300416 _____ (Farbar) C:\Users\berna\Desktop\FRST64.exe
2021-08-07 10:26 - 2021-08-07 10:26 - 000000000 ____D C:\Users\berna\AppData\Roaming\ZHP
2021-08-07 10:26 - 2021-08-07 10:26 - 000000000 ____D C:\Users\berna\AppData\Local\ZHP
2021-08-07 09:04 - 2021-08-07 09:04 - 000231041 _____ C:\Users\berna\Downloads\MECHEN Mp3 Q&A-FR.pdf
2021-08-06 11:33 - 2021-08-06 11:34 - 544283340 _____ C:\Users\berna\Downloads\facebook-bernardpautal.zip
2021-08-05 13:27 - 2021-08-05 13:27 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-05 13:27 - 2021-08-05 13:27 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-05 13:27 - 2021-08-05 13:27 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-05 13:26 - 2021-08-05 13:26 - 000000000 ____D C:\Users\berna\AppData\Local\mbam
2021-08-05 13:26 - 2021-08-05 13:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-05 13:26 - 2021-08-05 13:26 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-04 11:23 - 2021-08-04 17:51 - 000000000 ____D C:\Users\berna\Desktop\Ma Musique
2021-08-04 09:49 - 2021-08-04 09:49 - 002232782 _____ C:\Users\berna\Downloads\e72d336ec12348dfb7fcad2500f2651c.pdf
2021-08-03 17:18 - 2021-08-03 17:21 - 620910592 _____ C:\Users\berna\Downloads\fr_windows_xp_professional_with_service_pack_3_x86_cd_x14-80440.iso
2021-08-03 16:40 - 2021-08-03 16:40 - 000242326 _____ C:\Users\berna\Documents\Impots 2020-3.pdf
2021-08-03 16:39 - 2021-08-03 16:39 - 000385393 _____ C:\Users\berna\Documents\Impots 2020-2.pdf
2021-08-03 16:38 - 2021-08-03 16:38 - 000394020 _____ C:\Users\berna\Documents\Impots 2020-1.pdf
2021-08-02 13:37 - 2021-08-02 13:42 - 000000000 ____D C:\Program Files (x86)\Alawar
2021-08-02 10:03 - 2021-08-02 10:03 - 000000000 ____D C:\Users\berna\AppData\Local\cache
2021-08-02 08:25 - 2021-08-02 08:25 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d77186eaea32d3
2021-07-26 11:00 - 2021-07-26 11:00 - 000000000 ____D C:\Users\berna\Desktop\Mes Photos
2021-07-25 10:56 - 2021-08-07 13:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-25 10:56 - 2021-08-05 09:02 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-25 10:56 - 2021-08-05 09:02 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-07-25 10:56 - 2021-08-05 08:56 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-25 10:56 - 2021-08-05 08:56 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-25 10:56 - 2021-07-25 11:11 - 000000000 ____D C:\Users\berna\AppData\Local\Google
2021-07-25 10:56 - 2021-07-25 10:56 - 000000000 ____D C:\Program Files\Google
2021-07-19 17:51 - 2021-07-19 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-07-19 17:51 - 2021-07-19 17:51 - 000000000 ____D C:\Program Files\7-Zip
2021-07-18 10:27 - 2021-07-18 10:27 - 000043362 _____ C:\Users\berna\Documents\cc_20210718_102752.reg
2021-07-18 09:32 - 2021-07-18 09:32 - 000000000 ____D C:\Users\berna\AppData\Local\Plarium
2021-07-16 11:39 - 2021-07-16 17:07 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-07-14 09:06 - 2021-07-14 09:06 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-14 09:06 - 2021-07-14 09:06 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 09:06 - 2021-07-14 09:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 09:06 - 2021-07-14 09:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 09:06 - 2021-07-14 09:06 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 09:06 - 2021-07-14 09:06 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-13 09:06 - 2021-07-13 09:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-13 09:06 - 2021-07-13 09:06 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-07-13 09:06 - 2021-07-13 09:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-13 09:06 - 2021-07-13 09:06 - 000000000 ____D C:\Users\berna\AppData\Local\Mozilla
2021-07-13 09:06 - 2021-07-13 09:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-11 13:29 - 2021-07-11 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker
2021-07-11 13:29 - 2021-03-09 17:41 - 000037336 _____ C:\WINDOWS\system32\pwdrvio.sys
2021-07-11 13:29 - 2019-11-08 09:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2021-07-11 13:29 - 2019-11-08 09:15 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
2021-07-11 13:28 - 2021-07-11 13:29 - 000000000 ____D C:\Program Files\MiniTool ShadowMaker
2021-07-11 13:28 - 2021-07-11 13:29 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2021-07-11 13:28 - 2021-07-11 13:28 - 000003276 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
2021-07-11 13:28 - 2021-07-11 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
2021-07-11 09:33 - 2021-07-11 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-07-11 09:33 - 2021-07-11 09:33 - 000000000 ____D C:\ProgramData\ESET
2021-07-11 09:33 - 2021-07-11 09:33 - 000000000 ____D C:\Program Files\ESET
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-07 13:20 - 2021-07-05 12:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-07 12:29 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-07 12:25 - 2021-06-19 11:27 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-07 11:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-07 11:33 - 2021-06-19 11:32 - 000000000 ____D C:\Users\berna\AppData\Local\PlaceholderTileLogoFolder
2021-08-07 11:33 - 2021-06-19 11:30 - 000000000 ____D C:\Users\berna\AppData\Local\Packages
2021-08-07 11:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-07 10:26 - 2021-06-22 13:14 - 000000000 ____D C:\Users\berna\Desktop\Téléchargements
2021-08-07 09:13 - 2021-06-26 09:30 - 000000000 ____D C:\Users\berna\Desktop\Vidéos
2021-08-07 09:13 - 2021-06-20 08:53 - 000000000 ____D C:\Users\berna\Desktop\Captvty
2021-08-07 09:10 - 2021-06-19 13:32 - 000000000 ____D C:\Users\berna\Desktop\Analyses LabOffice
2021-08-07 08:31 - 2021-06-20 09:40 - 000000000 ____D C:\Program Files\CCleaner
2021-08-07 08:30 - 2021-06-19 11:22 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-07 08:29 - 2021-06-19 12:04 - 000000000 ____D C:\Users\berna\AppData\LocalLow\Mozilla
2021-08-07 08:28 - 2021-07-04 12:12 - 000000443 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-08-06 17:29 - 2021-06-21 13:59 - 000000000 ____D C:\Users\berna\AppData\Roaming\vlc
2021-08-06 08:46 - 2021-06-20 10:30 - 000000000 ___HD C:\ProgramData\Hsynbwv
2021-08-06 08:46 - 2021-06-19 18:55 - 000000000 ____D C:\ProgramData\73
2021-08-06 08:46 - 2021-06-19 18:52 - 000000000 ____D C:\Program Files (x86)\Company
2021-08-06 08:46 - 2019-02-14 12:31 - 000000000 ____D C:\ProgramData\FoldQuick
2021-08-05 13:30 - 2021-06-19 17:07 - 000000000 ____D C:\Users\berna\Desktop\Anti Virus
2021-08-05 13:26 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-04 16:59 - 2021-06-19 11:50 - 000000000 ____D C:\Users\berna\Desktop\Bernard
2021-08-04 11:36 - 2021-06-21 17:31 - 000000000 ____D C:\Users\berna\AppData\Roaming\VMware
2021-08-04 11:36 - 2021-06-21 17:31 - 000000000 ____D C:\Users\berna\AppData\Local\VMware
2021-08-04 11:03 - 2021-06-21 17:27 - 000000000 ____D C:\ProgramData\VMware
2021-08-03 17:25 - 2021-06-30 11:34 - 000000000 ____D C:\Users\berna\Documents\Virtual Machines
2021-08-03 17:23 - 2021-06-25 13:01 - 000194776 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000169424 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000123472 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000070232 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000043904 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-08-03 17:23 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-02 10:25 - 2021-06-19 17:33 - 000000000 ____D C:\Users\berna\Desktop\Altice S62
2021-08-02 08:25 - 2021-07-05 12:20 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-01 17:50 - 2021-07-05 12:20 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-08-01 17:50 - 2021-07-05 12:20 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-08-01 17:50 - 2021-06-23 08:24 - 000001382 _____ C:\Users\berna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-07-31 16:27 - 2021-06-29 11:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-31 09:24 - 2021-06-20 18:17 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-31 09:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-29 08:51 - 2021-07-05 12:23 - 001687526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-29 08:51 - 2019-12-07 16:50 - 000755342 _____ C:\WINDOWS\system32\perfh00C.dat
2021-07-29 08:51 - 2019-12-07 16:50 - 000142148 _____ C:\WINDOWS\system32\perfc00C.dat
2021-07-29 08:44 - 2021-07-05 12:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-29 08:44 - 2021-06-19 11:21 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-28 13:21 - 2021-07-05 12:20 - 000004232 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1624117567
2021-07-28 13:21 - 2021-06-19 17:46 - 000001409 _____ C:\Users\berna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-07-28 13:17 - 2021-06-21 18:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-07-27 13:18 - 2021-06-19 17:33 - 000000000 ____D C:\Users\berna\Desktop\Girac
2021-07-26 10:15 - 2021-07-05 12:20 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-07-26 10:15 - 2021-06-23 09:06 - 000000000 ___RD C:\Users\Bernard\OneDrive
2021-07-26 10:15 - 2021-06-20 10:24 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-26 10:15 - 2021-06-19 11:31 - 000000000 ___RD C:\Users\berna\OneDrive
2021-07-25 18:18 - 2021-06-19 11:30 - 000000000 ____D C:\Users\berna\AppData\Local\VirtualStore
2021-07-21 12:54 - 2021-07-05 12:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-21 07:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-19 17:48 - 2021-06-19 11:30 - 000000000 ____D C:\ProgramData\Packages
2021-07-19 13:29 - 2021-06-19 17:32 - 000017901 _____ C:\Users\berna\Desktop\Médicaments.xlsx
2021-07-19 12:53 - 2021-07-05 12:14 - 000446704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-18 10:27 - 2021-07-05 11:32 - 000000000 ___DC C:\WINDOWS\Panther
2021-07-18 09:34 - 2021-06-25 07:21 - 000000000 ____D C:\Users\berna\AppData\Local\D3DSCache
2021-07-18 08:19 - 2021-06-24 11:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-16 17:07 - 2021-06-24 11:01 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-07-14 18:01 - 2021-06-22 17:09 - 000000000 ____D C:\Users\berna\Desktop\Utilitaires
2021-07-14 09:43 - 2021-07-05 11:43 - 000000000 ____D C:\Program Files\Hyper-V
2021-07-14 09:43 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-14 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-14 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-14 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-14 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 09:43 - 2019-12-07 11:03 - 002359296 _____ C:\WINDOWS\system32\config\BBI
2021-07-14 09:08 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 09:00 - 2021-06-20 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 08:59 - 2021-06-20 13:27 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-13 09:29 - 2021-06-19 12:03 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-13 09:06 - 2021-06-19 12:04 - 000000000 ____D C:\Users\berna\AppData\Roaming\Mozilla
2021-07-11 13:30 - 2021-06-21 11:55 - 000000000 ____D C:\Users\berna\AppData\Roaming\QtProject
2021-07-11 09:33 - 2021-06-23 08:24 - 000000000 ____D C:\Users\berna\AppData\Local\ESET
2021-07-10 10:12 - 2021-06-19 13:32 - 000000000 ____D C:\Users\berna\Desktop\Divers
2021-07-10 08:46 - 2021-06-19 11:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Fichiers à la racine de certains dossiers ========
2021-06-19 18:37 - 2021-06-20 09:46 - 000000684 _____ () C:\Users\berna\AppData\Roaming\OEMSDKHASH.txt
2021-07-18 09:32 - 2021-07-18 09:32 - 000019483 _____ () C:\Users\berna\AppData\Local\PlariumPlay.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par berna (administrateur) sur DESKTOP-56NJAKP (ASUS All Series) (07-08-2021 13:23:58)
Exécuté depuis C:\Users\berna\Desktop
Profils chargés: berna
Platform: Windows 10 Pro Version 21H1 19043.1110 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Intel(R) Rapid Storage Technology enterprise -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Luis Cobian, CobianSoft) [Fichier non signé] C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Luis Cobian, CobianSoft) [Fichier non signé] C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2106.14307.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.1081_none_7e3d47227c694b34\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> ) C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\System32\vmwp.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\AgentService.exe
(MiniTool Software Limited -> ) C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvSHIM.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Opera Software AS -> Opera Software) C:\Users\berna\AppData\Local\Programs\Opera\77.0.4054.277\opera.exe <22>
(Opera Software AS -> Opera Software) C:\Users\berna\AppData\Local\Programs\Opera\77.0.4054.277\opera_crashreporter.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Popcorn Time) [Fichier non signé] C:\Program Files (x86)\Popcorn Time\Updater.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(VMware, Inc. -> ) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
(VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [289840 2018-08-30] (Intel(R) Rapid Storage Technology enterprise -> Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102832 2021-04-15] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [165928 2021-06-27] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [MTPW] => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Cobian Backup 11 interface] => C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe [4407808 2012-12-05] (Luis Cobian, CobianSoft) [Fichier non signé]
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [117864 2021-04-30] (VMware, Inc. -> VMware, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3241833146-3736459403-4284518719-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3241833146-3736459403-4284518719-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35062912 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3241833146-3736459403-4284518719-1001\...\Run: [Opera Browser Assistant] => C:\Users\berna\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [4079824 2021-06-29] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3241833146-3736459403-4284518719-1004\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2119040 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\HP 8711 Status Monitor: C:\Windows\system32\hpinksts8711LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2021-06-19]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2021-06-24]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation -> Mozilla Corporation)
Startup: C:\Users\berna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 2050 J510 series.lnk [2021-06-20]
ShortcutAndArgument: Alertes de surveillance de l'encre - HP Deskjet 2050 J510 series.lnk -> C:\Windows\system32\RunDll32.exe => "C:\Program Files\HP\HP Deskjet 2050 J510 series\bin\HPStatusBL.dll",RunDLLEntry SERIALNUMBER=CN0C33F1MS05D1;CONNECTION=USB;MONITOR=1;
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {011B27FA-E17E-4818-B0E6-5A6AE2C725E1} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [690616 2021-06-22] (Mozilla Corporation -> Mozilla Foundation)
Task: {10FB5461-0867-4230-8192-40D6F2205A0D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-25] (Google LLC -> Google LLC)
Task: {17DA6B35-27FC-4873-891B-8CB4FE8311CC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [1551520 2015-05-14] (ASUSTeK Computer Inc. -> ) [Fichier non signé]
Task: {1A1F8475-C628-44D5-9CE3-AAC044808258} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [469952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files (x86)\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {1F31614B-9F6D-4A2A-9AB1-B209903EE2E0} - System32\Tasks\Opera scheduled Autoupdate 1624117567 => C:\Users\berna\AppData\Local\Programs\Opera\launcher.exe [2264784 2021-07-21] (Opera Software AS -> Opera Software)
Task: {338C74ED-908B-4C48-9238-3E13770261F9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2069952 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3A8D44B8-4C34-4855-8763-4B0CCDDE7B59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3E9C7218-5B48-4039-AB34-21F25CD0246A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29136000 2021-07-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {45965A5C-F8B4-4E02-906D-65AD6330C8FE} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D3123F7-37AA-4FDA-8876-6C5B92139BC7} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [976832 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {65503BFC-B639-4D79-8839-9FBB54EEDC18} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
Task: {67926F82-3676-46ED-A2B5-BC416497DF12} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A90F7CA-927A-4FA7-AED6-1F5E1E280085} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {788DE589-D677-42DD-827A-CDF56E7FD9A8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {7BA62983-4559-42DF-962B-3CD59821B147} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-07-16] (Piriform Software Ltd -> Piriform)
Task: {7D81FE11-B178-4875-92D5-A76541C6F542} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [757184 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {82C4F7FC-220D-472D-8229-790F4D7E5531} - System32\Tasks\MiniToolPartitionWizard => C:\Program Files\MiniTool Partition Wizard 12\updatechecker.exe [219616 2020-02-19] (MiniTool Software Limited -> )
Task: {88824AC4-90E1-4D06-BE41-EC198B8C6C74} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MpCmdRun.exe [644888 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8CD1AF3B-F202-4700-8476-BC0CA7EDB103} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253376 2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {95317F49-7C73-4292-B55B-FB9245530A4C} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4541312 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0C69A03-1EF7-485B-AB3F-4E26881067EB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-07-25] (Google LLC -> Google LLC)
Task: {A37EBCDD-842C-41E1-A05C-001B0BCC20CE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {A54AF3B1-4964-475B-BA78-67E690543C33} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\berna\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-07-11] (ESET, spol. s r.o. -> ESET)
Task: {A6B5C812-BFF7-4638-9CD1-87CD0401D13F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139136 2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB46221D-EB81-439B-AA9D-30303B6531D3} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {CCC782A8-3D20-4530-AB0E-AF81D1BF7991} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [510912 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E990580F-F7C5-42DA-A3E4-8942A6C9A85C} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [662464 2018-03-24] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E9BEE5CA-5184-4E6C-82CE-47BAE149D257} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\berna\AppData\Local\ESET\ESETOnlineScanner\ESETOnlineScanner.exe [18007968 2021-07-11] (ESET, spol. s r.o. -> ESET)
Task: {ECE88415-1EFE-42F6-9485-2BCB8C632016} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722552 2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED2E1A7A-FC5D-49C9-B6BA-40864B90C5B4} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139136 2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {FA4B8731-EAC9-440A-9750-E85503AF274D} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {FB0A6DB2-C381-4B09-B00E-FDAED60A8A52} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [5722552 2021-07-31] (Microsoft Corporation -> Microsoft Corporation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{814bbae0-59e1-4f2e-8943-c40886f8e9bb}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\berna\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-07]
FireFox:
========
FF DefaultProfile: 1xep7yhj.default
FF ProfilePath: C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\1xep7yhj.default [2021-07-13]
FF ProfilePath: C:\Users\berna\AppData\Roaming\Mozilla\Firefox\Profiles\d0f0k5wn.default-release [2021-08-07]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-06-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-06-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-06-20] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-07-24] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2021-08-07]
Chrome:
=======
CHR Profile: C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default [2021-07-25]
CHR Extension: (Slides) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-07-25]
CHR Extension: (Safe Torrent Scanner) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2021-07-25]
CHR Extension: (Docs) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-07-25]
CHR Extension: (Google Drive) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-07-25]
CHR Extension: (YouTube) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-07-25]
CHR Extension: (Avira Password Manager) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljgklbbfbcjjanaijlacgncafpegll [2021-07-25]
CHR Extension: (Avira Safe Shopping) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccbpbkebodcjkknkfkpmfeciinhidaeh [2021-07-25]
CHR Extension: (Sheets) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-07-25]
CHR Extension: (Protection Web Avira) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2021-07-25]
CHR Extension: (Google Docs hors connexion) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-07-25]
CHR Extension: (Social Book Post Manager) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-07-25]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-07-25]
CHR Extension: (Gmail) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-07-25]
CHR Extension: (Chrome Media Router) - C:\Users\berna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-25]
CHR HKLM-x32\...\Chrome\Extension: [aegnopegbbhjeeiganiajffnalhlkkjb]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [ccbpbkebodcjkknkfkpmfeciinhidaeh]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
Opera:
=======
OPR Profile: C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable [2021-08-07]
OPR Notifications: Opera Stable -> hxxps://www.cnetfrance.fr; hxxps://www.excel-downloads.com; hxxps://www.facebook.com
OPR StartupUrls: Opera Stable -> "hxxps://actus.sfr.fr/"
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-06-25]
OPR Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\glaedmooikiamindhmfcfccncmmdagge [2021-07-30]
OPR Extension: (Social Book Post Manager) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljfidlkcmdmmibngdfikhffffdmphjae [2021-07-25]
OPR Extension: (FranceVerif) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\mhkejggchhilmabpicojddgaahkkgoln [2021-08-04]
OPR Extension: (Amazon Assistant pour Opera) - C:\Users\berna\AppData\Roaming\Opera Software\Opera Stable\Extensions\mmmbddcnnndpbdflpccgcknaaabgldak [2021-07-22]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936456 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [Fichier non signé]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9141648 2021-07-21] (Microsoft Corporation -> Microsoft Corporation)
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2012-12-05] (Luis Cobian, CobianSoft) [Fichier non signé]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-27] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [3079464 2021-06-27] (ESET, spol. s r.o. -> ESET)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.129.0627.0002\FileSyncHelper.exe [3240296 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R2 MTAgentService; C:\Program Files\MiniTool ShadowMaker\AgentService.exe [783344 2021-01-28] (MiniTool Software Limited -> )
R2 MTSchedulerService; C:\Program Files\MiniTool ShadowMaker\SchedulerService.exe [226800 2021-01-28] (MiniTool Software Limited -> )
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.129.0627.0002\OneDriveUpdaterService.exe [3703144 2021-07-26] (Microsoft Corporation -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2020-08-27] (Popcorn Time) [Fichier non signé]
R2 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [15223552 2021-04-30] (VMware, Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15368 2015-05-14] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [169424 2021-08-03] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [123472 2021-08-03] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15824 2021-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [194776 2021-08-03] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43904 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [70232 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [107456 2021-08-03] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 int0800; C:\WINDOWS\System32\drivers\flashud.sys [62984 2019-08-21] (Intel Corporation -> Intel Corporation)
R1 kbdclass; C:\WINDOWS\System32\drivers\f5dnkcls.sys [58344 2016-03-09] (FUJITSU LIMITED -> FUJITSU LIMITED)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-08-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-05] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-05] (Malwarebytes Inc -> Malwarebytes)
R3 MonitorFunction; C:\WINDOWS\System32\drivers\lockscr.sys [24560 2019-01-21] (Remote Utilities LLC -> )
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [37336 2021-03-09] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2019-11-08] (MiniTool Solution Ltd -> )
R3 Serial; C:\WINDOWS\system32\DRIVERS\wdfserial.sys [89976 2018-04-26] (LG Electronics Inc. -> LG Electronics Inc.)
R3 usbcamcl; C:\WINDOWS\system32\DRIVERS\usbcamcl.sys [62184 2011-12-08] (Ark Pioneer Microelectronics (Shenzhen) Co., Ltd. -> usb camera)
R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [67072 2021-04-30] (VMware, Inc. -> VMware, Inc.)
R2 vmparport; C:\WINDOWS\system32\DRIVERS\vmparport.sys [49112 2021-04-30] (VMware, Inc. -> VMware, Inc.)
R0 vsock; C:\WINDOWS\System32\DRIVERS\vsock.sys [105912 2020-08-11] (VMware, Inc. -> VMware, Inc.)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-x64.sys [54592 2020-08-11] (VMware, Inc. -> VMware, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-07-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425192 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-10] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-07 13:23 - 2021-08-07 13:24 - 000029289 _____ C:\Users\berna\Desktop\FRST.txt
2021-08-07 13:23 - 2021-08-07 13:24 - 000000000 ____D C:\FRST
2021-08-07 13:22 - 2021-08-07 13:22 - 002300416 _____ (Farbar) C:\Users\berna\Downloads\FRST64.exe
2021-08-07 13:22 - 2021-08-07 13:22 - 002300416 _____ (Farbar) C:\Users\berna\Desktop\FRST64.exe
2021-08-07 10:26 - 2021-08-07 10:26 - 000000000 ____D C:\Users\berna\AppData\Roaming\ZHP
2021-08-07 10:26 - 2021-08-07 10:26 - 000000000 ____D C:\Users\berna\AppData\Local\ZHP
2021-08-07 09:04 - 2021-08-07 09:04 - 000231041 _____ C:\Users\berna\Downloads\MECHEN Mp3 Q&A-FR.pdf
2021-08-06 11:33 - 2021-08-06 11:34 - 544283340 _____ C:\Users\berna\Downloads\facebook-bernardpautal.zip
2021-08-05 13:27 - 2021-08-05 13:27 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-05 13:27 - 2021-08-05 13:27 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-05 13:27 - 2021-08-05 13:27 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000199128 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-08-05 13:26 - 2021-08-05 13:26 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-05 13:26 - 2021-08-05 13:26 - 000000000 ____D C:\Users\berna\AppData\Local\mbam
2021-08-05 13:26 - 2021-08-05 13:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-08-05 13:26 - 2021-08-05 13:26 - 000000000 ____D C:\Program Files\Malwarebytes
2021-08-04 11:23 - 2021-08-04 17:51 - 000000000 ____D C:\Users\berna\Desktop\Ma Musique
2021-08-04 09:49 - 2021-08-04 09:49 - 002232782 _____ C:\Users\berna\Downloads\e72d336ec12348dfb7fcad2500f2651c.pdf
2021-08-03 17:18 - 2021-08-03 17:21 - 620910592 _____ C:\Users\berna\Downloads\fr_windows_xp_professional_with_service_pack_3_x86_cd_x14-80440.iso
2021-08-03 16:40 - 2021-08-03 16:40 - 000242326 _____ C:\Users\berna\Documents\Impots 2020-3.pdf
2021-08-03 16:39 - 2021-08-03 16:39 - 000385393 _____ C:\Users\berna\Documents\Impots 2020-2.pdf
2021-08-03 16:38 - 2021-08-03 16:38 - 000394020 _____ C:\Users\berna\Documents\Impots 2020-1.pdf
2021-08-02 13:37 - 2021-08-02 13:42 - 000000000 ____D C:\Program Files (x86)\Alawar
2021-08-02 10:03 - 2021-08-02 10:03 - 000000000 ____D C:\Users\berna\AppData\Local\cache
2021-08-02 08:25 - 2021-08-02 08:25 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d77186eaea32d3
2021-07-26 11:00 - 2021-07-26 11:00 - 000000000 ____D C:\Users\berna\Desktop\Mes Photos
2021-07-25 10:56 - 2021-08-07 13:01 - 000000000 ____D C:\Program Files (x86)\Google
2021-07-25 10:56 - 2021-08-05 09:02 - 000002245 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-07-25 10:56 - 2021-08-05 09:02 - 000002204 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-07-25 10:56 - 2021-08-05 08:56 - 000003590 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-07-25 10:56 - 2021-08-05 08:56 - 000003466 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-07-25 10:56 - 2021-07-25 11:11 - 000000000 ____D C:\Users\berna\AppData\Local\Google
2021-07-25 10:56 - 2021-07-25 10:56 - 000000000 ____D C:\Program Files\Google
2021-07-19 17:51 - 2021-07-19 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2021-07-19 17:51 - 2021-07-19 17:51 - 000000000 ____D C:\Program Files\7-Zip
2021-07-18 10:27 - 2021-07-18 10:27 - 000043362 _____ C:\Users\berna\Documents\cc_20210718_102752.reg
2021-07-18 09:32 - 2021-07-18 09:32 - 000000000 ____D C:\Users\berna\AppData\Local\Plarium
2021-07-16 11:39 - 2021-07-16 17:07 - 000000000 ____D C:\Program Files\Mozilla Thunderbird
2021-07-14 09:06 - 2021-07-14 09:06 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-14 09:06 - 2021-07-14 09:06 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-14 09:06 - 2021-07-14 09:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-14 09:06 - 2021-07-14 09:06 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-14 09:06 - 2021-07-14 09:06 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-14 09:06 - 2021-07-14 09:06 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-13 09:06 - 2021-07-13 09:06 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-13 09:06 - 2021-07-13 09:06 - 000000993 _____ C:\Users\Public\Desktop\Firefox.lnk
2021-07-13 09:06 - 2021-07-13 09:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-13 09:06 - 2021-07-13 09:06 - 000000000 ____D C:\Users\berna\AppData\Local\Mozilla
2021-07-13 09:06 - 2021-07-13 09:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-11 13:29 - 2021-07-11 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool ShadowMaker
2021-07-11 13:29 - 2021-03-09 17:41 - 000037336 _____ C:\WINDOWS\system32\pwdrvio.sys
2021-07-11 13:29 - 2019-11-08 09:15 - 003600896 _____ C:\WINDOWS\system32\pwNative.exe
2021-07-11 13:29 - 2019-11-08 09:15 - 000012504 _____ C:\WINDOWS\system32\pwdspio.sys
2021-07-11 13:28 - 2021-07-11 13:29 - 000000000 ____D C:\Program Files\MiniTool ShadowMaker
2021-07-11 13:28 - 2021-07-11 13:29 - 000000000 ____D C:\Program Files\MiniTool Partition Wizard 12
2021-07-11 13:28 - 2021-07-11 13:28 - 000003276 _____ C:\WINDOWS\system32\Tasks\MiniToolPartitionWizard
2021-07-11 13:28 - 2021-07-11 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard 12
2021-07-11 09:33 - 2021-07-11 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2021-07-11 09:33 - 2021-07-11 09:33 - 000000000 ____D C:\ProgramData\ESET
2021-07-11 09:33 - 2021-07-11 09:33 - 000000000 ____D C:\Program Files\ESET
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-08-07 13:20 - 2021-07-05 12:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-07 12:29 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-07 12:25 - 2021-06-19 11:27 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-07 11:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-07 11:33 - 2021-06-19 11:32 - 000000000 ____D C:\Users\berna\AppData\Local\PlaceholderTileLogoFolder
2021-08-07 11:33 - 2021-06-19 11:30 - 000000000 ____D C:\Users\berna\AppData\Local\Packages
2021-08-07 11:33 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-07 10:26 - 2021-06-22 13:14 - 000000000 ____D C:\Users\berna\Desktop\Téléchargements
2021-08-07 09:13 - 2021-06-26 09:30 - 000000000 ____D C:\Users\berna\Desktop\Vidéos
2021-08-07 09:13 - 2021-06-20 08:53 - 000000000 ____D C:\Users\berna\Desktop\Captvty
2021-08-07 09:10 - 2021-06-19 13:32 - 000000000 ____D C:\Users\berna\Desktop\Analyses LabOffice
2021-08-07 08:31 - 2021-06-20 09:40 - 000000000 ____D C:\Program Files\CCleaner
2021-08-07 08:30 - 2021-06-19 11:22 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-07 08:29 - 2021-06-19 12:04 - 000000000 ____D C:\Users\berna\AppData\LocalLow\Mozilla
2021-08-07 08:28 - 2021-07-04 12:12 - 000000443 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2021-08-06 17:29 - 2021-06-21 13:59 - 000000000 ____D C:\Users\berna\AppData\Roaming\vlc
2021-08-06 08:46 - 2021-06-20 10:30 - 000000000 ___HD C:\ProgramData\Hsynbwv
2021-08-06 08:46 - 2021-06-19 18:55 - 000000000 ____D C:\ProgramData\73
2021-08-06 08:46 - 2021-06-19 18:52 - 000000000 ____D C:\Program Files (x86)\Company
2021-08-06 08:46 - 2019-02-14 12:31 - 000000000 ____D C:\ProgramData\FoldQuick
2021-08-05 13:30 - 2021-06-19 17:07 - 000000000 ____D C:\Users\berna\Desktop\Anti Virus
2021-08-05 13:26 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-08-04 16:59 - 2021-06-19 11:50 - 000000000 ____D C:\Users\berna\Desktop\Bernard
2021-08-04 11:36 - 2021-06-21 17:31 - 000000000 ____D C:\Users\berna\AppData\Roaming\VMware
2021-08-04 11:36 - 2021-06-21 17:31 - 000000000 ____D C:\Users\berna\AppData\Local\VMware
2021-08-04 11:03 - 2021-06-21 17:27 - 000000000 ____D C:\ProgramData\VMware
2021-08-03 17:25 - 2021-06-30 11:34 - 000000000 ____D C:\Users\berna\Documents\Virtual Machines
2021-08-03 17:23 - 2021-06-25 13:01 - 000194776 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000169424 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000123472 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000107456 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000070232 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2021-08-03 17:23 - 2021-06-25 13:01 - 000043904 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2021-08-03 17:23 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-02 10:25 - 2021-06-19 17:33 - 000000000 ____D C:\Users\berna\Desktop\Altice S62
2021-08-02 08:25 - 2021-07-05 12:20 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-01 17:50 - 2021-07-05 12:20 - 000003858 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2021-08-01 17:50 - 2021-07-05 12:20 - 000003416 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2021-08-01 17:50 - 2021-06-23 08:24 - 000001382 _____ C:\Users\berna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESET Online Scanner.lnk
2021-07-31 16:27 - 2021-06-29 11:03 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-07-31 09:24 - 2021-06-20 18:17 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-31 09:24 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-07-29 08:51 - 2021-07-05 12:23 - 001687526 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-29 08:51 - 2019-12-07 16:50 - 000755342 _____ C:\WINDOWS\system32\perfh00C.dat
2021-07-29 08:51 - 2019-12-07 16:50 - 000142148 _____ C:\WINDOWS\system32\perfc00C.dat
2021-07-29 08:44 - 2021-07-05 12:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-07-29 08:44 - 2021-06-19 11:21 - 000008192 ___SH C:\DumpStack.log.tmp
2021-07-28 13:21 - 2021-07-05 12:20 - 000004232 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1624117567
2021-07-28 13:21 - 2021-06-19 17:46 - 000001409 _____ C:\Users\berna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-07-28 13:17 - 2021-06-21 18:21 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-07-27 13:18 - 2021-06-19 17:33 - 000000000 ____D C:\Users\berna\Desktop\Girac
2021-07-26 10:15 - 2021-07-05 12:20 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-07-26 10:15 - 2021-06-23 09:06 - 000000000 ___RD C:\Users\Bernard\OneDrive
2021-07-26 10:15 - 2021-06-20 10:24 - 000002170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-07-26 10:15 - 2021-06-19 11:31 - 000000000 ___RD C:\Users\berna\OneDrive
2021-07-25 18:18 - 2021-06-19 11:30 - 000000000 ____D C:\Users\berna\AppData\Local\VirtualStore
2021-07-21 12:54 - 2021-07-05 12:20 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-07-21 07:29 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-19 17:48 - 2021-06-19 11:30 - 000000000 ____D C:\ProgramData\Packages
2021-07-19 13:29 - 2021-06-19 17:32 - 000017901 _____ C:\Users\berna\Desktop\Médicaments.xlsx
2021-07-19 12:53 - 2021-07-05 12:14 - 000446704 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-18 10:27 - 2021-07-05 11:32 - 000000000 ___DC C:\WINDOWS\Panther
2021-07-18 09:34 - 2021-06-25 07:21 - 000000000 ____D C:\Users\berna\AppData\Local\D3DSCache
2021-07-18 08:19 - 2021-06-24 11:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-16 17:07 - 2021-06-24 11:01 - 000001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2021-07-14 18:01 - 2021-06-22 17:09 - 000000000 ____D C:\Users\berna\Desktop\Utilitaires
2021-07-14 09:43 - 2021-07-05 11:43 - 000000000 ____D C:\Program Files\Hyper-V
2021-07-14 09:43 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-14 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-14 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-14 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-14 09:43 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-14 09:43 - 2019-12-07 11:03 - 002359296 _____ C:\WINDOWS\system32\config\BBI
2021-07-14 09:08 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-14 09:00 - 2021-06-20 13:27 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-14 08:59 - 2021-06-20 13:27 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-13 09:29 - 2021-06-19 12:03 - 000000000 ____D C:\ProgramData\Mozilla
2021-07-13 09:06 - 2021-06-19 12:04 - 000000000 ____D C:\Users\berna\AppData\Roaming\Mozilla
2021-07-11 13:30 - 2021-06-21 11:55 - 000000000 ____D C:\Users\berna\AppData\Roaming\QtProject
2021-07-11 09:33 - 2021-06-23 08:24 - 000000000 ____D C:\Users\berna\AppData\Local\ESET
2021-07-10 10:12 - 2021-06-19 13:32 - 000000000 ____D C:\Users\berna\Desktop\Divers
2021-07-10 08:46 - 2021-06-19 11:21 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
==================== Fichiers à la racine de certains dossiers ========
2021-06-19 18:37 - 2021-06-20 09:46 - 000000684 _____ () C:\Users\berna\AppData\Roaming\OEMSDKHASH.txt
2021-07-18 09:32 - 2021-07-18 09:32 - 000019483 _____ () C:\Users\berna\AppData\Local\PlariumPlay.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================