cjoint

Document format: text/plain

Preview

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 01-09-2021
Exécuté par Begarie (administrateur) sur BEGARIE-HP (Hewlett-Packard p6514fr) (04-09-2021 20:08:29)
Exécuté depuis C:\Users\Begarie\Downloads
Profils chargés: Begarie & postgres
Platform: Windows 10 Pro Version 20H2 19042.1165 (X64) Langue: Français (France)
Navigateur par défaut: Edge
Mode d'amorçage: Normal

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe <2>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.102\GoogleCrashHandler64.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20206.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(OpenOffice.org) [Fichier non signé] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(OpenOffice.org) [Fichier non signé] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(PostgreSQL Global Development Group) [Fichier non signé] C:\postgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) [Fichier non signé] C:\postgreSQL\bin\postgres.exe <5>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Samsung Electronics CO., LTD. -> Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNAVI.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\spool\drivers\x64\3\E_YATIUBE.EXE
(Sun Microsystems, Inc. -> Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318248 2016-01-08] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-737747166-3725976222-688586907-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1572648 2016-01-08] (Samsung Electronics CO., LTD. -> Samsung)
HKU\S-1-5-21-737747166-3725976222-688586907-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4110568 2021-07-21] (Valve -> Valve Corporation)
HKU\S-1-5-21-737747166-3725976222-688586907-1001\...\Run: [HoldemManager.Server] => C:\Users\Begarie\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk [1218 2019-12-12] () [Fichier non signé]
HKU\S-1-5-21-737747166-3725976222-688586907-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIUBE.EXE [416408 2017-05-30] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-737747166-3725976222-688586907-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-737747166-3725976222-688586907-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Begarie\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-737747166-3725976222-688586907-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\Begarie\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-737747166-3725976222-688586907-1001\...\RunOnce: [Uninstall 21.139.0711.0001] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Begarie\AppData\Local\Microsoft\OneDrive\21.139.0711.0001"
HKU\S-1-5-21-737747166-3725976222-688586907-1011\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\50.0.11.0\GoogleDriveFS.exe [53381464 2021-08-09] (Google LLC -> Google, Inc.)
HKLM\...\Print\Monitors\EPSON XP-5100 Series 64MonitorBE: C:\WINDOWS\system32\E_YLMBUBE.DLL [184832 2017-07-14] (Microsoft Windows Hardware Compatibility Publisher -> Seiko Epson Corporation)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\WINDOWS\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [Fichier non signé]
HKLM\...\Print\Monitors\HP 5512 Status Monitor: C:\WINDOWS\system32\hpinksts5512LM.dll [332176 2012-09-12] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.159\Installer\chrmstp.exe [2021-08-17] (Google LLC -> Google LLC)
Startup: C:\Users\Begarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2016-12-19]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () [Fichier non signé]
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0B5514CA-0330-4713-8713-3C561B27E377} - System32\Tasks\Microsoft\Windows\rempl\shell => C:\Program Files\rempl\sedlauncher.exe
Task: {1F5B4F7B-CB6E-4AD8-B45E-5C9C7122F3F6} - System32\Tasks\EPSON XP-5100 Series Update {3D587D6F-513D-439F-853F-FF1B9547A037} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUBE.EXE [680440 2017-06-07] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
Task: {30BE6F78-ADC1-4537-B44E-F50A07938CAC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3B36E169-5C19-4D01-966B-789A5D12FD93} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {55527EBA-B3CF-4AA5-956C-9167F6A9E4D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {68A69469-9D6C-4305-A6F3-149BCD6A86F3} - \Microsoft\Windows\UNP\RunCampaignManager -> Pas de fichier <==== ATTENTION
Task: {848A106C-FFB8-4D05-9615-8AE8F0E1BF34} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {B10BFF80-A65C-4DEF-9522-288FA35023F8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {B3B0B155-67EF-4E91-980E-4A8664D2894D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {CBA06657-5142-4759-A6A4-BF0228B629EE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MpCmdRun.exe [673816 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {DD1CFEAB-E1A6-449E-9AE5-478623C9F88E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\WINDOWS\Tasks\EPSON XP-5100 Series Update {3D587D6F-513D-439F-853F-FF1B9547A037}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSUBE.EXE:/EXE:{3D587D6F-513D-439F-853F-FF1B9547A037} /F:UpdateWORKGROUP\BEGARIE-HP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{5d0b0463-9357-4806-8461-35d1f7e74703}: [DhcpNameServer] 192.168.1.254

Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\WINDOWS\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\Begarie\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-29]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2016-12-19] (Sun Microsystems, Inc.) [Fichier non signé]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default [2021-09-04]
CHR Notifications: Default -> hxxps://blog.jacquesdemeter.fr; hxxps://captcha-bros.com; hxxps://captchacheckout.top; hxxps://captchaverifier.top; hxxps://tinder.com; hxxps://twitter.com; hxxps://www.facebook.com; hxxps://www.francecasse.fr; hxxps://www.netflix.com; hxxps://www.winamax.fr; hxxps://www.youtube.com
CHR StartupUrls: Default -> "hxxp://www.lequipe.fr/"
CHR Extension: (Slides) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-10]
CHR Extension: (Docs) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-10]
CHR Extension: (Google Drive) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (WOT pour la sécurité des sites Web et une navigation sûre) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2021-08-08]
CHR Extension: (YouTube) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-04]
CHR Extension: (uBlock Origin) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-08-01]
CHR Extension: (Recherche Google) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Sheets) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-10]
CHR Extension: (Google Docs hors connexion) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-28]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-09-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-08-08]
CHR Profile: C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-22]
CHR Profile: C:\Users\Begarie\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-22]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2017-10-05] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7497336 2021-09-04] (Malwarebytes Inc -> Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-07-22] (PostgreSQL Global Development Group) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5394872 2021-08-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\NisSrv.exe [2727416 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe [136656 2021-07-24] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [Fichier non signé]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [160176 2021-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R1 googledrivefs3525; C:\WINDOWS\System32\DRIVERS\googledrivefs3525.sys [389640 2021-08-09] (Google LLC -> Google, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2020-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-09-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [68528 2021-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-09-04] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [149424 2021-09-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49568 2021-07-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [434424 2021-07-24] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [78072 2021-07-24] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) (Avec liste blanche) =========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-04 20:08 - 2021-09-04 20:15 - 000020974 _____ C:\Users\Begarie\Downloads\FRST.txt
2021-09-04 19:18 - 2021-09-04 19:22 - 002302464 _____ (Farbar) C:\Users\Begarie\Downloads\FRST64 (2).exe
2021-09-04 14:28 - 2021-09-04 14:28 - 000002096 _____ C:\Users\Default\Desktop\Google Slides.lnk
2021-09-04 14:28 - 2021-09-04 14:28 - 000002096 _____ C:\Users\Default\Desktop\Google Sheets.lnk
2021-09-04 14:27 - 2021-09-04 14:27 - 000002088 _____ C:\Users\Default\Desktop\Google Docs.lnk
2021-09-04 14:27 - 2021-09-04 14:27 - 000002066 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2021-09-04 14:27 - 2021-08-09 14:57 - 000389640 _____ (Google, Inc.) C:\WINDOWS\system32\Drivers\googledrivefs3525.sys
2021-09-04 13:41 - 2021-09-04 13:41 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-09-04 13:41 - 2021-09-04 13:41 - 000149424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-09-04 13:41 - 2021-09-04 13:41 - 000068528 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-09-03 12:58 - 2021-09-03 12:58 - 000718238 _____ C:\Users\Begarie\Downloads\s1105_puma_transfert_resid_remp (1).pdf
2021-09-01 15:46 - 2021-09-01 15:46 - 001675724 _____ C:\Users\Begarie\Downloads\Devis 2106-075 - Construction d'un batiment agricole (BEGARIE à Poumarous - Fabien PUJOL) . (1).pdf
2021-08-31 13:47 - 2021-08-31 13:47 - 000234654 _____ C:\Users\Begarie\Downloads\1589_001 (1).pdf
2021-08-31 13:38 - 2021-08-31 13:38 - 001150366 _____ C:\Users\Begarie\Downloads\Devis_'00000405'.PDF
2021-08-23 11:18 - 2021-08-23 11:18 - 000100682 _____ C:\Users\Begarie\Downloads\Begarie bruno.pdf
2021-08-13 08:16 - 2021-08-13 08:18 - 005051755 _____ C:\Users\Begarie\Downloads\1705_MaterielAgricole_5115_DFBD.pdf
2021-08-13 08:14 - 2021-08-13 08:18 - 017904053 _____ C:\Users\Begarie\Downloads\cd0bbd6d-3579-49e8-b6ec-403501873dc3_(2).pdf
2021-08-11 04:23 - 2021-08-11 04:23 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2021-08-11 04:23 - 2021-08-11 04:23 - 000002243 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2021-08-11 03:51 - 2021-08-11 03:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-08-11 03:51 - 2021-08-11 03:51 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-08-11 03:50 - 2021-08-11 03:50 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-08-11 03:50 - 2021-08-11 03:50 - 000011347 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-08-11 03:48 - 2021-08-11 03:48 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-08-11 03:48 - 2021-08-11 03:48 - 001393480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-08-11 03:46 - 2021-08-11 03:46 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-08-11 02:19 - 2021-08-11 02:19 - 000000000 ___HD C:\$WinREAgent
2021-08-08 16:39 - 2021-08-08 16:39 - 002309258 _____ C:\Users\Begarie\Downloads\PRESENTATION_TX_LOCATION_v2.pdf
2021-08-06 13:08 - 2021-08-06 13:08 - 000231546 _____ C:\Users\Begarie\Documents\img20210806_13083672.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2021-09-04 20:12 - 2015-05-31 21:50 - 000000000 ____D C:\FRST
2021-09-04 20:06 - 2021-03-09 19:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-04 19:48 - 2021-03-09 20:32 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{CD49E3B9-70BD-494B-98CE-203066E9C5B4}
2021-09-04 19:27 - 2015-08-29 21:41 - 000000000 ____D C:\Program Files (x86)\Google
2021-09-04 19:26 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-04 14:28 - 2020-08-18 13:38 - 000002075 _____ C:\Users\Public\Desktop\Google Slides.lnk
2021-09-04 14:28 - 2020-08-18 13:38 - 000002073 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2021-09-04 14:28 - 2020-08-18 13:38 - 000002063 _____ C:\Users\Public\Desktop\Google Docs.lnk
2021-09-04 14:28 - 2020-08-18 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2021-09-04 14:27 - 2020-08-13 01:47 - 000000000 ____D C:\Program Files\Google
2021-09-04 13:36 - 2020-10-16 18:10 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-09-04 13:36 - 2020-10-16 18:10 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-09-04 13:36 - 2020-07-16 09:07 - 000002035 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-09-04 13:36 - 2019-08-15 11:53 - 000002023 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-09-04 13:35 - 2019-08-15 11:53 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-09-04 12:27 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-04 12:26 - 2020-06-13 19:42 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-04 12:26 - 2020-06-13 19:42 - 000002282 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-04 12:26 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-04 12:21 - 2020-09-30 21:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-31 13:40 - 2020-01-27 22:59 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-30 12:55 - 2021-03-09 20:06 - 001770910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-08-30 12:55 - 2019-12-07 16:50 - 000791762 _____ C:\WINDOWS\system32\perfh00C.dat
2021-08-30 12:55 - 2019-12-07 16:50 - 000149928 _____ C:\WINDOWS\system32\perfc00C.dat
2021-08-30 12:55 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-08-24 14:55 - 2021-03-09 20:32 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-737747166-3725976222-688586907-1001
2021-08-24 14:55 - 2021-03-09 19:49 - 000002425 _____ C:\Users\Begarie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-24 09:42 - 2017-08-26 18:17 - 000000000 ____D C:\Program Files (x86)\Steam
2021-08-24 09:10 - 2021-03-09 20:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-24 09:10 - 2021-03-09 19:31 - 000008192 ___SH C:\DumpStack.log.tmp
2021-08-24 09:09 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-18 09:58 - 2021-04-26 04:40 - 000003540 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7150eac9e117d
2021-08-18 09:58 - 2021-03-09 20:32 - 000003634 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-17 01:22 - 2020-09-30 21:35 - 000486728 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-08-17 01:22 - 2020-02-19 01:54 - 000740168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-08-11 04:42 - 2021-03-09 19:32 - 000378632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-08-11 04:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-08-11 04:35 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-08-11 04:34 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-08-11 04:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-08-11 04:34 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-08-11 04:33 - 2019-12-07 16:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-08-11 04:33 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-08-11 04:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-08-11 04:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-08-11 04:33 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-08-11 04:33 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-08-11 04:03 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-08-11 00:21 - 2021-03-09 19:49 - 000000000 ____D C:\Users\postgres.Begarie-HP
2021-08-11 00:18 - 2021-03-09 19:49 - 000000000 ____D C:\Users\Begarie
2021-08-10 23:31 - 2015-08-29 23:17 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-08-10 23:26 - 2015-08-29 23:17 - 133215968 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-08-09 21:51 - 2017-12-21 20:54 - 000000000 ____D C:\Users\Begarie\AppData\Local\Packages
2021-08-09 11:35 - 2014-02-23 09:37 - 000000000 ___RD C:\Users\Begarie\OneDrive

==================== Fichiers à la racine de certains dossiers ========

2019-12-12 23:52 - 2019-12-12 23:53 - 000010028 _____ () C:\Users\Begarie\AppData\Roaming\Microsoft\83b968be-efe4-4a91-894a-ec489147e1aa

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

==================== Fin de FRST.txt ========================
