Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-04-2021
Exécuté par nardi (administrateur) sur BATIELEC (LENOVO 20NB001AFR) (01-05-2021 22:05:46)
Exécuté depuis C:\Users\nardi\Desktop
Profils chargés: nardi
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\LegrandGroup\ACWEBTool\ACWEBTool.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.2.10.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.2.10.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkTrayApp.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\HPDesignJetUtility.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577b4722c749a41f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_997a69017605b77c\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_997a69017605b77c\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fafb1d329fdfe2c6\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tposd.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_10.2101.9.0_x64__8wekyb3d8bbwe\Maps.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(pCloud AG -> pCloud AG) C:\Program Files\pCloud Drive\pCloud.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\AFA\CAudioFilterAgent64.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\Flow\Flow1\Flow.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\SA3\SmartAudio3.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\SACmd\SASrv.exe
(Synaptics Incorporated -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagPriv.exe
(ultracopier.first-world.info) [Fichier non signé] C:\Program Files (x86)\Ultracopier\ultracopier.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [DisplayLinkTrayApp] => C:\Program Files\DisplayLink Core Software\DisplayLinkTrayApp.exe [2730928 2020-09-08] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe [8940000 2020-07-29] (TechSmith Corporation -> TechSmith Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2013-03-22] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [RunPUMonitor] => C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\HPDesignJetUtility.exe [515560 2020-07-08] (HP Inc. -> HP Development Company, L.P.)
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\Run: [pCloud] => C:\Program Files\pCloud Drive\pCloud.exe [3312128 2021-04-16] (pCloud AG -> pCloud AG)
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\Run: [Opera Browser Assistant] => C:\Users\nardi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [253544 2021-04-07] (eM Client, s.r.o. -> eM Client s.r.o.)
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\Run: [ultracopier] => C:\Program Files (x86)\Ultracopier\ultracopier.exe [1318400 2016-01-02] (ultracopier.first-world.info) [Fichier non signé]
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\MountPoints2: {b86ac967-52a7-11eb-9044-087190c1dde6} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\CUSTPDF Writer Monitor x86: C:\Windows\system32\custmon64.dll [87040 2010-12-10] () [Fichier non signé]
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2152192 2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\90.1.23.75\Installer\chrmstp.exe [2021-04-29] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mailspring.lnk [2021-03-28]
ShortcutTarget: Mailspring.lnk -> C:\Users\nardi\AppData\Local\Mailspring\Update.exe (Foundry 376, LLC -> )
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0E925EC2-7231-4C53-BD13-EDB0C6EDE32C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Pas de fichier <==== ATTENTION
Task: {11EC0C5F-B79B-4E0C-9827-62A2ADA52096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {1557A6F4-40C6-4761-906C-629C500B5F33} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {199B83E0-67BA-4FC7-8894-B1BA5C381CBF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {199EF64A-1995-425C-9304-9A67E31451D1} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> )
Task: {1B3B8F88-7859-4680-B1F3-868C8FCE7956} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-15] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1D8A4823-B2A7-4CB1-B59E-9BA51DD4A88A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {293B76D6-7A33-4C28-B595-4B45C2029B2F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {29C65980-8ACA-4154-9F9E-160DAE08A288} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {2C9047EA-F331-4ADA-A57A-235A3BD3591C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {3D69D2AB-B75E-4715-A32E-0B596CA35FFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {483A351B-DEE5-4BD5-8990-FC5248574AC4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {59538E53-D14E-49CA-8385-2AE0A96EFB6C} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
Task: {61C6D25E-C133-4C51-A0B1-7EE910B6379B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\21c84fbc-08d7-45aa-bdc9-2027cf567e6d => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {74515C04-6275-40D2-BA70-E0BD74AD1D5E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {754AF393-9F79-4863-927E-D9B8611E1246} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-15] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {886922CE-2A3D-40FA-A2CF-29C2FB377A6D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\73e8f580-a923-4b87-bd7f-7510146ea6d4 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {92464DC2-ABDC-4970-8E05-7EC27A02BC30} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a84f48fa-db1f-440e-a5c9-bac2ff3f14e0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {9689C117-371C-40ED-A63A-2DD036A7E7A2} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {984ED0CC-BE39-4B6A-99FE-A72E9EE1CE0E} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
Task: {A06D740F-3D06-43E9-BD9D-F21FD4602B0A} - System32\Tasks\Opera scheduled assistant Autoupdate 1601613860 => C:\Users\nardi\AppData\Local\Programs\Opera\launcher.exe [1596568 2021-04-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\nardi\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A2493ED2-39E1-4033-93B1-CFD3B488AC42} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D642FE3D-BF11-4C26-8AA2-9FC0B08306C7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {D9DBA6A8-F53F-4AB4-B439-515EFC8D176A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {E93F2A2E-7270-48B0-BD88-3D5B5A783115} - System32\Tasks\Opera scheduled Autoupdate 1601613858 => C:\Users\nardi\AppData\Local\Programs\Opera\launcher.exe [1596568 2021-04-26] (Opera Software AS -> Opera Software)
Task: {EE6FCDF9-443F-4869-BEC3-FAD1CF2A7FE3} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
Task: {F0D92999-F009-4DA0-9BF9-0043CFEE3F06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F42FE52C-705F-40BC-AEC9-CF0D11A7A4CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Framework => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {FF2C6F08-0667-41B2-AF72-664627D1D35B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\bd209260-016b-4e18-86b7-357705d9e9a6 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {FFDFA6A3-F29B-40FD-A74C-29D2B7F7CF23} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-28] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{5be9789f-0c7b-4459-9a52-2ee82f170525}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{70364293-1465-4ba2-ab5a-299762b6a75c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{7f2303ea-b3ca-47c6-bb58-b38cf45c86c8}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{84a4f1aa-465e-415b-b927-1be48237c812}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{87b659eb-5dae-4d3d-a2a9-2b4c925d9d34}: [DhcpNameServer] 10.0.0.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\nardi\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-01]
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: kezc5ewg.default
FF DefaultProfile: 0lj4fk6e.default
FF ProfilePath: C:\Users\nardi\AppData\Roaming\PostboxApp\Profiles\kezc5ewg.default [2021-05-01]
FF Extension: (Dictionnaire français) - C:\Users\nardi\AppData\Roaming\PostboxApp\Profiles\kezc5ewg.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2020-10-02] []
FF Extension: (Cloud Service Providers for Postbox) - C:\Users\nardi\AppData\Roaming\PostboxApp\Profiles\kezc5ewg.default\Extensions\pbfilelink@postbox-inc.com.xpi [2021-01-21] [] [non signé]
FF ProfilePath: C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\0lj4fk6e.default [2021-02-07]
FF NewTab: Mozilla\Firefox\Profiles\0lj4fk6e.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-10-02 03:45:46&bName=&bitmask=0600
FF ProfilePath: C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release [2021-04-26]
FF NewTab: Mozilla\Firefox\Profiles\9613f9fc.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-10-02 03:45:46&bName=&bitmask=0600
FF Extension: (Ant Video downloader) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\anttoolbar@ant.com.xpi [2021-02-19]
FF Extension: (FoxReplace) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\fox@replace.fx.xpi [2020-10-02]
FF Extension: (uBlock Origin) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-03-28]
FF Extension: (Logitech SetPoint) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2020-12-13]
FF Extension: (Video DownloadHelper) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-21]
FF Extension: (Téléchargez les vidéos Dailymotion) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\{f17159cf-e1b2-4f87-8adb-cd0cda9669b1}.xpi [2020-10-02]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2020-12-18] [non signé]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1067856238-1444573327-3062315761-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1067856238-1444573327-3062315761-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1067856238-1444573327-3062315761-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable [2021-05-01]
OPR Notifications: Opera Stable -> hxxps://allhugefeed.com; hxxps://business.facebook.com; hxxps://web.skype.com; hxxps://web.whatsapp.com; hxxps://www.20minutes.fr; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.gearbest.com; hxxps://www.gentside.com; hxxps://www.maisonsdumonde.com; hxxps://www.maxisciences.com; hxxps://www.messenger.com; hxxps://www.pinterest.fr; hxxps://www.tirexo.pro; hxxps://www.zone-telechargement.al
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Bitwarden - Gestionnaire de mots de passe gratuit) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\ccnckbpmaceehanjmeomladnmlffdjgn [2021-03-13]
OPR Extension: (Rich Hints Agent) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-19]
OPR Extension: (Installer des extensions Chrome) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-12-27]
OPR Extension: (Notion Web Clipper) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\knheggckgoiihginacbkhaalnibhilkk [2021-02-23]
OPR Extension: (Mercury Reader) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2021-02-13]
OPR Extension: (Chrome Media Router) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\pphjpkjjljnllpnebififokmoejkeahp [2021-02-12]
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-27]
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-15]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-01]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-27]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-11-22]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-03-27]
BRA Extension: (Brave User Model Installer) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\hbejpnagkgeeohiojniljejpdpojmfdp [2021-01-25]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2020-11-15]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-11-15]
BRA Extension: (Brave NTP sponsored images) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-03-27]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-27]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ACWEBTool; C:\Program Files (x86)\LegrandGroup\ACWEBTool\ACWEBTool.exe [69120 2016-06-10] () [Fichier non signé]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-15] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-15] (Brave Software, Inc. -> BraveSoftware Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Fichier non signé]
R2 CxAudioSvc; C:\Windows\CxSvc\CxAudioSvc.exe [84840 2020-08-20] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxAudMsg; C:\Windows\System32\CxAudMsg64.exe [234856 2020-08-20] (Synaptics Incorporated -> Conexant Systems Inc.)
R2 CxUIUSvc; C:\Windows\System32\CxUIUSvc64.exe [113464 2020-08-20] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe [28592 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LITSSvc.exe [924872 2021-01-14] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [898776 2021-03-01] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\TPHKLOAD.exe [465200 2020-12-28] (Lenovo -> Lenovo Group Limited)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Lenovo Instant On; "C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 cbfsconnect2017; C:\Windows\system32\drivers\cbfsconnect2017.sys [481296 2020-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 CYUSB3; C:\Windows\System32\Drivers\CYUSB3.sys [76520 2016-10-27] (Cypress Semiconductor Technology India Pvt Ltd. -> Cypress Semiconductor)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-05-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [37984 2021-03-01] (Lenovo -> Lenovo.)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 rtump64x64; C:\Windows\System32\drivers\rtump64x64.sys [1005664 2021-01-20] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 vl810filter; C:\Windows\System32\Drivers\vl810filter.sys [26176 2019-05-07] (VIA TECHNOLOGIES, INC. -> VIA Labs, Inc.)
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [20704 2019-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-05-01 22:05 - 2021-05-01 22:06 - 000036442 _____ C:\Users\nardi\Desktop\FRST.txt
2021-05-01 22:05 - 2021-05-01 22:06 - 000000000 ____D C:\FRST
2021-05-01 22:04 - 2021-05-01 22:04 - 002298368 _____ (Farbar) C:\Users\nardi\Desktop\FRST64.exe
2021-05-01 22:01 - 2021-05-01 22:01 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-05-01 21:54 - 2021-05-01 21:54 - 000483526 _____ C:\Users\nardi\Desktop\KEbtDxqF2c5_CleProductKey.zip
2021-05-01 21:54 - 2021-05-01 21:54 - 000000379 _____ C:\Users\nardi\Desktop\Notes.txt
2021-05-01 21:54 - 2021-05-01 21:54 - 000000000 ____D C:\Users\nardi\Desktop\KEbtDxqF2c5_CleProductKey
2021-05-01 13:36 - 2021-05-01 13:36 - 000002517 _____ C:\Users\Public\Desktop\pCloud Drive.lnk
2021-05-01 13:36 - 2021-05-01 13:36 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\pCloud Drive.lnk
2021-05-01 13:36 - 2021-05-01 13:36 - 000000000 ____D C:\Program Files\pCloud Drive
2021-04-30 18:19 - 2021-04-30 18:45 - 000194212 _____ C:\Users\nardi\Desktop\Vestiaire Bâtiment 8 - Modèle schéma.pdf
2021-04-30 16:13 - 2021-04-30 16:14 - 000187663 _____ C:\Users\nardi\Desktop\essai.pdf
2021-04-30 16:01 - 2021-04-30 16:17 - 000001191 _____ C:\Windows\HRCM.INI
2021-04-30 16:01 - 2021-04-30 16:01 - 000002093 _____ C:\Users\nardi\Desktop\EcoStruxure Power Build - Rapsody FR V2.1.19.lnk
2021-04-30 16:01 - 2021-04-30 16:01 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schneider Electric
2021-04-30 15:54 - 2021-04-30 15:58 - 214143632 _____ C:\Users\nardi\Downloads\EcoStruxure Power Build - Rapsody_V2.1.19FR_setup.exe
2021-04-29 19:57 - 2021-04-29 19:57 - 000000000 ____D C:\Users\nardi\Apple
2021-04-28 16:50 - 2021-04-28 16:50 - 000004194 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1601613858
2021-04-28 16:50 - 2021-04-28 16:50 - 000001393 _____ C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-04-28 14:15 - 2021-04-28 14:15 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-04-27 21:17 - 2021-04-27 21:17 - 000046946 _____ C:\Users\nardi\Desktop\Le Serac - Modèle étiquettes.pdf
2021-04-27 06:25 - 2021-04-27 06:25 - 000010550 _____ C:\Users\nardi\Downloads\f (2).txt
2021-04-27 06:24 - 2021-04-27 06:24 - 000009750 _____ C:\Users\nardi\Downloads\f (1).txt
2021-04-19 18:03 - 2021-04-19 18:03 - 002001677 _____ C:\Users\nardi\Downloads\Ferme Dunant (1).pdf
2021-04-18 17:29 - 2021-04-18 17:29 - 000061145 _____ C:\Users\nardi\Downloads\32100323540.pdf
2021-04-18 17:17 - 2021-04-18 17:17 - 000164808 _____ C:\Users\nardi\Downloads\solocal_invoice_F18299017.pdf
2021-04-18 17:12 - 2021-04-18 17:12 - 000072601 _____ C:\Users\nardi\Downloads\202103_50996895_10946753_Invoice.pdf
2021-04-18 14:52 - 2021-04-18 14:52 - 000555584 _____ C:\Users\nardi\Downloads\3703491963_FRE_20210418_145236.PDF
2021-04-17 16:17 - 2021-04-17 16:17 - 000000000 ____D C:\Users\nardi\AppData\Local\pCloud_AG
2021-04-16 19:39 - 2021-04-16 19:39 - 000126633 _____ C:\Users\nardi\Downloads\Attestation60121000186612.pdf
2021-04-16 18:55 - 2021-04-16 18:55 - 000015081 _____ C:\Users\nardi\Downloads\f.txt
2021-04-16 15:32 - 2021-04-16 15:32 - 001246327 _____ C:\Users\nardi\Downloads\CR 1133013-éclairage artificiel bâtiments ruminants (1).pdf
2021-04-16 15:13 - 2021-04-16 15:41 - 001725973 _____ C:\Users\nardi\Downloads\Ferme Dunant.pdf
2021-04-16 11:20 - 2021-04-16 11:20 - 001246327 _____ C:\Users\nardi\Downloads\CR 1133013-éclairage artificiel bâtiments ruminants.pdf
2021-04-14 14:02 - 2021-04-14 14:02 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-04-14 14:02 - 2021-04-14 14:02 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-04-14 14:02 - 2021-04-14 14:02 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-04-13 11:30 - 2021-04-13 11:30 - 000000000 ____D C:\Users\nardi\AppData\Roaming\FLEXnet
2021-04-13 11:28 - 2021-04-13 11:29 - 034978992 _____ C:\Users\nardi\Downloads\EcoStruxure Power Design - Ecodial FR V4.9.1.exe
2021-04-12 15:07 - 2021-04-12 16:51 - 000319067 _____ C:\Users\nardi\Desktop\Le Serac - Modèle schéma.pdf
2021-04-12 14:38 - 2021-04-28 06:37 - 000167898 _____ C:\Users\nardi\Desktop\Le Serac.xl2
2021-04-11 10:28 - 2021-04-12 11:54 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parental Controls
2021-04-11 10:28 - 2021-04-11 10:28 - 000001047 _____ C:\Windows\system32\parent.lnk
2021-04-10 14:56 - 2021-04-10 14:56 - 000276645 _____ C:\Users\nardi\Downloads\Facture_certifiee_20000379290421_09042021.pdf
2021-04-09 07:42 - 2021-04-09 07:42 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-04-09 07:41 - 2021-04-09 07:42 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-04-08 23:33 - 2021-04-08 23:33 - 000113213 _____ C:\Users\nardi\Desktop\Fraix Burnet Marcel - Modèle étiquettes.xlsx
2021-04-08 22:33 - 2021-04-08 22:33 - 000064762 _____ C:\Users\nardi\Desktop\Fraix Burnet Marcel - Modèle étiquettes.pdf
2021-04-08 22:23 - 2021-04-08 22:23 - 000044792 _____ C:\Users\nardi\Desktop\Lateur - Modèle étiquettes.xlsx
2021-04-08 22:22 - 2021-04-08 22:22 - 000088881 _____ C:\Users\nardi\Desktop\Lateur.xl2
2021-04-08 21:04 - 2021-04-08 22:28 - 000150702 _____ C:\Users\nardi\Desktop\Lateur - Modèle schéma.pdf
2021-04-08 17:45 - 2021-04-08 23:31 - 000524963 _____ C:\Users\nardi\Desktop\Fraix Burnet Marcel - Modèle schéma.pdf
2021-04-06 21:00 - 2021-04-30 18:19 - 000000000 ____D C:\Users\nardi\AppData\Local\CUSTPDF Writer
2021-04-06 06:50 - 2021-04-08 23:33 - 000242269 _____ C:\Users\nardi\Desktop\Fraix Burnet.xl2
2021-04-06 06:27 - 2021-04-06 06:27 - 000000000 ____D C:\Users\nardi\Documents\Legrand
2021-04-06 06:27 - 2021-04-06 06:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legrand
2021-04-06 06:27 - 2021-04-06 06:27 - 000000000 ____D C:\Program Files (x86)\Legrand
2021-04-06 06:27 - 2021-04-06 06:27 - 000000000 ____D C:\Program Files (x86)\GPLGS
2021-04-06 06:27 - 2010-12-10 11:24 - 000087040 _____ C:\Windows\system32\custmon64.dll
2021-04-06 06:26 - 2021-04-06 06:26 - 000000000 ____D C:\LEG
2021-04-05 16:54 - 2021-04-05 16:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-05-01 22:06 - 2020-10-01 07:35 - 001763164 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-01 22:06 - 2019-12-07 16:49 - 000791086 _____ C:\Windows\system32\perfh00C.dat
2021-05-01 22:06 - 2019-12-07 16:49 - 000149918 _____ C:\Windows\system32\perfc00C.dat
2021-05-01 22:06 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-05-01 22:04 - 2021-02-02 20:05 - 000000000 ____D C:\Users\nardi\AppData\Roaming\eM Client
2021-05-01 22:03 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-01 22:01 - 2020-10-06 17:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-01 22:01 - 2020-10-01 07:37 - 000000000 ____D C:\Intel
2021-05-01 22:01 - 2020-10-01 07:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-01 22:01 - 2020-10-01 07:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-01 22:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-05-01 22:01 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-01 22:01 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-05-01 21:59 - 2020-12-31 00:22 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Bitwarden
2021-05-01 21:53 - 2020-10-01 07:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-05-01 19:32 - 2020-11-26 12:53 - 000000000 ____D C:\Users\nardi\AppData\Local\CrashDumps
2021-05-01 18:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-05-01 18:47 - 2020-10-02 06:48 - 000000000 ____D C:\Users\nardi\AppData\LocalLow\Mozilla
2021-05-01 18:43 - 2020-12-31 17:18 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Notion
2021-05-01 17:44 - 2020-10-01 07:37 - 000000000 ____D C:\Users\nardi\AppData\Local\Packages
2021-05-01 17:01 - 2020-10-23 21:20 - 000004164 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{A8246BF8-23D8-478B-A321-64EED8450869}
2021-05-01 13:37 - 2020-10-02 17:14 - 000000000 ____D C:\Users\nardi\AppData\Local\pCloud
2021-05-01 13:36 - 2020-10-02 07:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-01 11:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-01 11:56 - 2020-10-10 13:15 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-30 18:46 - 2020-10-02 07:35 - 000013245 _____ C:\Windows\BRRBCOM.INI
2021-04-30 16:18 - 2020-12-20 15:26 - 000000000 ____D C:\TEMP
2021-04-30 16:01 - 2020-12-20 15:26 - 000000000 ____D C:\Schneider Electric
2021-04-30 16:01 - 2020-12-20 15:26 - 000000000 ____D C:\Program Files (x86)\Schneider
2021-04-29 19:57 - 2021-01-31 17:18 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Apple Computer
2021-04-29 19:57 - 2020-10-02 21:02 - 000000000 ____D C:\ProgramData\Apple
2021-04-29 19:57 - 2020-10-01 07:35 - 000000000 ____D C:\Users\nardi
2021-04-29 05:15 - 2020-11-15 16:16 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-04-28 06:37 - 2020-12-19 20:35 - 000000000 ____D C:\Users\nardi\Documents\Apowersoft PDF Converter
2021-04-26 18:09 - 2021-03-28 13:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-26 18:09 - 2020-10-02 06:48 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-26 14:21 - 2020-10-01 18:47 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2021-04-26 14:17 - 2020-10-10 13:19 - 000000000 ____D C:\Windows\Lenovo
2021-04-26 14:17 - 2020-10-01 18:47 - 000000000 ____D C:\Users\nardi\AppData\Local\Lenovo
2021-04-26 14:17 - 2020-10-01 18:47 - 000000000 ____D C:\ProgramData\Lenovo
2021-04-26 00:51 - 2020-10-10 13:15 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 00:51 - 2020-10-10 13:15 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-18 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2021-04-14 20:29 - 2020-10-04 21:13 - 000000000 ____D C:\Users\nardi\AppData\Roaming\vlc
2021-04-14 18:56 - 2020-10-01 07:26 - 001813512 _____ C:\Windows\system32\FNTCACHE.DAT
2021-04-14 18:55 - 2020-09-12 13:16 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-04-14 14:04 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-04-14 14:02 - 2020-10-01 07:29 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2021-04-14 13:16 - 2020-10-01 19:16 - 000000000 ____D C:\Windows\system32\MRT
2021-04-14 13:13 - 2020-10-01 19:16 - 131963968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-04-11 12:34 - 2020-10-01 07:26 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-04-11 10:30 - 2021-03-02 08:12 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Max Lock Softwareentwicklung
2021-04-11 10:26 - 2020-11-22 13:15 - 000000000 ____D C:\Users\nardi\AppData\Local\SquirrelTemp
2021-04-09 12:24 - 2021-03-28 17:13 - 000000000 ____D C:\Users\nardi\AppData\Local\Mailspring
2021-04-09 12:23 - 2020-10-02 06:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-07 07:33 - 2020-10-10 13:20 - 000006613 _____ C:\Windows\system32\InstallUtil.InstallLog
2021-04-06 06:26 - 2020-12-13 13:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-05 16:54 - 2020-10-02 06:48 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-05 13:37 - 2021-01-05 07:22 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-04-02 19:27 - 2021-02-12 08:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================
Exécuté par nardi (administrateur) sur BATIELEC (LENOVO 20NB001AFR) (01-05-2021 22:05:46)
Exécuté depuis C:\Users\nardi\Desktop
Profils chargés: nardi
Platform: Windows 10 Pro Version 20H2 19042.928 (X64) Langue: Français (France)
Navigateur par défaut: Opera
Mode d'amorçage: Normal
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\LegrandGroup\ACWEBTool\ACWEBTool.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.2.10.0_x86__nzyj5cx40ttqa\iCloud\APSDaemon.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iCloud_12.2.10.0_x86__nzyj5cx40ttqa\iCloud\iCloudServices.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12113.17.53090.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) [Fichier non signé] C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Conexant Systems LLC -> Conexant Systems, Inc.) C:\Windows\CxSvc\CxUtilSvc.exe
(DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkTrayApp.exe
(Dolby Laboratories, Inc. -> ) C:\Windows\System32\dolbyaposvc\DAX3API.exe <2>
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\HPDesignJetUtility.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\GCP.ML.BackgroundSysTray\IGCCTray.exe
(INTEL CORP) C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3282.0_x64__8j3eq9eme6ctt\IGCC.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_4a3ae74cfa6c37d6\esif_uf.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_0b214be229a13e84\jhi_service.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_efb119a73d6b56f6\igfxCUIService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_577b4722c749a41f\OneApp.IGCC.WinService.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_997a69017605b77c\IntelCpHDCPSvc.exe
(Intel(R) pGFX 2020 -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_997a69017605b77c\IntelCpHeciSvc.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\sgx_psw.inf_amd64_fafb1d329fdfe2c6\aesm_service.exe
(Intel(R) Trust Services -> Intel(R) Corporation) C:\Windows\System32\DriverStore\FileRepository\iclsclient.inf_amd64_75ffca5eec865b4b\lib\SocketHeciServer.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\shtctky.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tphkload.exe
(Lenovo -> Lenovo Group Limited) C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\tposd.exe
(Lenovo -> Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe
(Lenovo -> Lenovo Group Ltd.) C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Lenovo -> Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Lenovo -> Lenovo.) C:\Windows\System32\LITSSvc.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\LAClient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2103.17603.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2103.8.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsMaps_10.2101.9.0_x64__8wekyb3d8bbwe\Maps.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe
(pCloud AG -> pCloud AG) C:\Program Files\pCloud Drive\pCloud.exe
(Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\AFA\CAudioFilterAgent64.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\Flow\Flow1\Flow.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\SA3\SmartAudio3.exe
(Synaptics Hong Kong Limited, Taiwan Branch (H.K.)) C:\Program Files\WindowsApps\22094SynapticsIncorporate.SmartAudio3_1.0.85.0_x64__qt57b6kdvhcfw\SACmd\SASrv.exe
(Synaptics Incorporated -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Synaptics Incorporated -> Conexant Systems LLC.) C:\Windows\CxSvc\CxAudioSvc.exe
(Synaptics Incorporated -> Conexant Systems, Inc.) C:\Windows\System32\CxUIUSvc64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagitEditor.exe
(TechSmith Corporation -> TechSmith Corporation) C:\Program Files\TechSmith\Snagit 2019\SnagPriv.exe
(ultracopier.first-world.info) [Fichier non signé] C:\Program Files (x86)\Ultracopier\ultracopier.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [DisplayLinkTrayApp] => C:\Program Files\DisplayLink Core Software\DisplayLinkTrayApp.exe [2730928 2020-09-08] (DISPLAYLINK (UK) LIMITED -> DisplayLink Corp.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1667208 2020-11-24] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3136136 2020-11-21] (Logitech Inc -> Logitech, Inc.)
HKLM\...\Run: [TechSmithSnagit] => C:\Program Files\TechSmith\Snagit 2019\Snagit32.exe [8940000 2020-07-29] (TechSmith Corporation -> TechSmith Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [146584 2017-11-07] (Brother Industries, Ltd. -> Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4522496 2013-03-22] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [RunPUMonitor] => C:\Program Files (x86)\HP\HP DesignJet Utility\DesignJet Utility\HPDesignJetUtility.exe [515560 2020-07-08] (HP Inc. -> HP Development Company, L.P.)
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\Run: [pCloud] => C:\Program Files\pCloud Drive\pCloud.exe [3312128 2021-04-16] (pCloud AG -> pCloud AG)
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\Run: [Opera Browser Assistant] => C:\Users\nardi\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [3154456 2020-11-25] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [253544 2021-04-07] (eM Client, s.r.o. -> eM Client s.r.o.)
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\Run: [ultracopier] => C:\Program Files (x86)\Ultracopier\ultracopier.exe [1318400 2016-01-02] (ultracopier.first-world.info) [Fichier non signé]
HKU\S-1-5-21-1067856238-1444573327-3062315761-1001\...\MountPoints2: {b86ac967-52a7-11eb-9044-087190c1dde6} - "G:\HiSuiteDownLoader.exe"
HKLM\...\Print\Monitors\CUSTPDF Writer Monitor x86: C:\Windows\system32\custmon64.dll [87040 2010-12-10] () [Fichier non signé]
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\Windows\system32\pxcpmL.dll [2152192 2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\90.1.23.75\Installer\chrmstp.exe [2021-04-29] (Brave Software, Inc. -> Brave Software, Inc.)
Startup: C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mailspring.lnk [2021-03-28]
ShortcutTarget: Mailspring.lnk -> C:\Users\nardi\AppData\Local\Mailspring\Update.exe (Foundry 376, LLC -> )
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {0E925EC2-7231-4C53-BD13-EDB0C6EDE32C} - \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask -> Pas de fichier <==== ATTENTION
Task: {11EC0C5F-B79B-4E0C-9827-62A2ADA52096} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {1557A6F4-40C6-4761-906C-629C500B5F33} - \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance -> Pas de fichier <==== ATTENTION
Task: {199B83E0-67BA-4FC7-8894-B1BA5C381CBF} - System32\Tasks\Lenovo\Vantage\Lenovo.Vantage.ServiceMaintainance => %systemroot%\system32\sc.exe start LenovoVantageService
Task: {199EF64A-1995-425C-9304-9A67E31451D1} - System32\Tasks\Lenovo\Power Manager\Uninstall task => C:\Windows\SysWOW64\PowerMgrInst.exe [62152 2020-12-20] (Lenovo -> )
Task: {1B3B8F88-7859-4680-B1F3-868C8FCE7956} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-15] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1D8A4823-B2A7-4CB1-B59E-9BA51DD4A88A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {293B76D6-7A33-4C28-B595-4B45C2029B2F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {29C65980-8ACA-4154-9F9E-160DAE08A288} - System32\Tasks\Lenovo\BatteryGauge\BatteryGaugeMaintenance => C:\ProgramData\Lenovo\ImController\Plugins\LenovoBatteryGaugePackage\x64\BGHelper.exe [143888 2021-03-02] (Lenovo -> Lenovo Group Ltd.)
Task: {2C9047EA-F331-4ADA-A57A-235A3BD3591C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {3D69D2AB-B75E-4715-A32E-0B596CA35FFB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {483A351B-DEE5-4BD5-8990-FC5248574AC4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {59538E53-D14E-49CA-8385-2AE0A96EFB6C} - System32\Tasks\Lenovo\Power Manager\Background monitor => C:\Windows\SysWOW64\Lenovo\PowerMgr\PowerMgr.exe
Task: {61C6D25E-C133-4C51-A0B1-7EE910B6379B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\21c84fbc-08d7-45aa-bdc9-2027cf567e6d => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {74515C04-6275-40D2-BA70-E0BD74AD1D5E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {754AF393-9F79-4863-927E-D9B8611E1246} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-15] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {886922CE-2A3D-40FA-A2CF-29C2FB377A6D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\73e8f580-a923-4b87-bd7f-7510146ea6d4 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {92464DC2-ABDC-4970-8E05-7EC27A02BC30} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a84f48fa-db1f-440e-a5c9-bac2ff3f14e0 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {9689C117-371C-40ED-A63A-2DD036A7E7A2} - \Lenovo\ImController\Lenovo iM Controller Monitor -> Pas de fichier <==== ATTENTION
Task: {984ED0CC-BE39-4B6A-99FE-A72E9EE1CE0E} - System32\Tasks\Lenovo\Vantage\Schedule\DailyTelemetryTransmission => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
Task: {A06D740F-3D06-43E9-BD9D-F21FD4602B0A} - System32\Tasks\Opera scheduled assistant Autoupdate 1601613860 => C:\Users\nardi\AppData\Local\Programs\Opera\launcher.exe [1596568 2021-04-26] (Opera Software AS -> Opera Software) -> --scheduledautoupdate --component-name=assistant --component-path="C:\Users\nardi\AppData\Local\Programs\Opera\assistant" $(Arg0)
Task: {A2493ED2-39E1-4033-93B1-CFD3B488AC42} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D642FE3D-BF11-4C26-8AA2-9FC0B08306C7} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {D9DBA6A8-F53F-4AB4-B439-515EFC8D176A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {E93F2A2E-7270-48B0-BD88-3D5B5A783115} - System32\Tasks\Opera scheduled Autoupdate 1601613858 => C:\Users\nardi\AppData\Local\Programs\Opera\launcher.exe [1596568 2021-04-26] (Opera Software AS -> Opera Software)
Task: {EE6FCDF9-443F-4869-BEC3-FAD1CF2A7FE3} - System32\Tasks\Lenovo\Vantage\Schedule\VantageTelemetryAddinTask => C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\ScheduleEventAction.exe [23984 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
Task: {F0D92999-F009-4DA0-9BF9-0043CFEE3F06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MpCmdRun.exe [566368 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F42FE52C-705F-40BC-AEC9-CF0D11A7A4CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Framework => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {FF2C6F08-0667-41B2-AF72-664627D1D35B} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\bd209260-016b-4e18-86b7-357705d9e9a6 => C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
Task: {FFDFA6A3-F29B-40FD-A74C-29D2B7F7CF23} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [696816 2021-03-28] (Mozilla Corporation -> Mozilla Foundation)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{5be9789f-0c7b-4459-9a52-2ee82f170525}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{70364293-1465-4ba2-ab5a-299762b6a75c}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{7f2303ea-b3ca-47c6-bb58-b38cf45c86c8}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{84a4f1aa-465e-415b-b927-1be48237c812}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{87b659eb-5dae-4d3d-a2a9-2b4c925d9d34}: [DhcpNameServer] 10.0.0.1
Edge:
=======
Edge Extension: (Pas de nom) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [non trouvé(e)]
Edge Extension: (Pas de nom) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [non trouvé(e)]
Edge Extension: (Pas de nom) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [non trouvé(e)]
Edge Extension: (Pas de nom) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [non trouvé(e)]
Edge DefaultProfile: Default
Edge Profile: C:\Users\nardi\AppData\Local\Microsoft\Edge\User Data\Default [2021-05-01]
Edge HomePage: Default -> hxxps://go.microsoft.com/fwlink/p/?LinkId=620947&OCID=AVRES000&pc=UE00
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: kezc5ewg.default
FF DefaultProfile: 0lj4fk6e.default
FF ProfilePath: C:\Users\nardi\AppData\Roaming\PostboxApp\Profiles\kezc5ewg.default [2021-05-01]
FF Extension: (Dictionnaire français) - C:\Users\nardi\AppData\Roaming\PostboxApp\Profiles\kezc5ewg.default\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org [2020-10-02] []
FF Extension: (Cloud Service Providers for Postbox) - C:\Users\nardi\AppData\Roaming\PostboxApp\Profiles\kezc5ewg.default\Extensions\pbfilelink@postbox-inc.com.xpi [2021-01-21] [] [non signé]
FF ProfilePath: C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\0lj4fk6e.default [2021-02-07]
FF NewTab: Mozilla\Firefox\Profiles\0lj4fk6e.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-10-02 03:45:46&bName=&bitmask=0600
FF ProfilePath: C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release [2021-04-26]
FF NewTab: Mozilla\Firefox\Profiles\9613f9fc.default-release -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-10-02 03:45:46&bName=&bitmask=0600
FF Extension: (Ant Video downloader) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\anttoolbar@ant.com.xpi [2021-02-19]
FF Extension: (FoxReplace) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\fox@replace.fx.xpi [2020-10-02]
FF Extension: (uBlock Origin) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-03-28]
FF Extension: (Logitech SetPoint) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\{84380428-8c9d-4bdf-913d-b2c34d6562d9}.xpi [2020-12-13]
FF Extension: (Video DownloadHelper) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-12-21]
FF Extension: (Téléchargez les vidéos Dailymotion) - C:\Users\nardi\AppData\Roaming\Mozilla\Firefox\Profiles\9613f9fc.default-release\Extensions\{f17159cf-e1b2-4f87-8adb-cd0cda9669b1}.xpi [2020-10-02]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2020-12-18] [non signé]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1067856238-1444573327-3062315761-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1067856238-1444573327-3062315761-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1067856238-1444573327-3062315761-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2020-05-07] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable [2021-05-01]
OPR Notifications: Opera Stable -> hxxps://allhugefeed.com; hxxps://business.facebook.com; hxxps://web.skype.com; hxxps://web.whatsapp.com; hxxps://www.20minutes.fr; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.gearbest.com; hxxps://www.gentside.com; hxxps://www.maisonsdumonde.com; hxxps://www.maxisciences.com; hxxps://www.messenger.com; hxxps://www.pinterest.fr; hxxps://www.tirexo.pro; hxxps://www.zone-telechargement.al
OPR DefaultSuggestURL: Opera Stable -> hxxps://www.google.com/complete/search?client=opera&q={searchTerms}&ie={inputEncoding}&oe={outputEncoding}
OPR Extension: (Bitwarden - Gestionnaire de mots de passe gratuit) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\ccnckbpmaceehanjmeomladnmlffdjgn [2021-03-13]
OPR Extension: (Rich Hints Agent) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2021-04-19]
OPR Extension: (Installer des extensions Chrome) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi [2020-12-27]
OPR Extension: (Notion Web Clipper) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\knheggckgoiihginacbkhaalnibhilkk [2021-02-23]
OPR Extension: (Mercury Reader) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi [2021-02-13]
OPR Extension: (Chrome Media Router) - C:\Users\nardi\AppData\Roaming\Opera Software\Opera Stable\Extensions\pphjpkjjljnllpnebififokmoejkeahp [2021-02-12]
Brave:
=======
BRA DefaultProfile: Default
BRA Profile: C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2021-03-27]
BRA DefaultSearchKeyword: Default -> :g
BRA Extension: (Malwarebytes Browser Guard) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-15]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2021-02-01]
BRA Extension: (Brave Ad Block Updater (Default)) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cffkpbalmllkdoenhmdmpbkajipdjfam [2021-03-27]
BRA Extension: (Brave Tor Client Updater (Windows)) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\cpoalefficncklhjfpglfiplenlpccdb [2020-11-22]
BRA Extension: (Brave Ad Block Updater (AdGuard Français)) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\emaecjinaegfkoklcdafkiocjhoeilao [2021-03-27]
BRA Extension: (Brave User Model Installer) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\hbejpnagkgeeohiojniljejpdpojmfdp [2021-01-25]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2020-11-15]
BRA Extension: (Brave SpeedReader Updater) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\jicbkmdloagakknpihibphagfckhjdih [2020-11-15]
BRA Extension: (Brave NTP sponsored images) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\lcenblphbmngnohghkhpojmpflebkcpd [2021-03-27]
BRA Extension: (Brave HTTPS Everywhere Updater) - C:\Users\nardi\AppData\Local\BraveSoftware\Brave-Browser\User Data\oofiananboodjbbmdelgdommihjbkfag [2021-03-27]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 ACWEBTool; C:\Program Files (x86)\LegrandGroup\ACWEBTool\ACWEBTool.exe [69120 2016-06-10] () [Fichier non signé]
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-15] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [163528 2020-11-15] (Brave Software, Inc. -> BraveSoftware Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Fichier non signé]
R2 CxAudioSvc; C:\Windows\CxSvc\CxAudioSvc.exe [84840 2020-08-20] (Synaptics Incorporated -> Conexant Systems LLC.)
R2 CxAudMsg; C:\Windows\System32\CxAudMsg64.exe [234856 2020-08-20] (Synaptics Incorporated -> Conexant Systems Inc.)
R2 CxUIUSvc; C:\Windows\System32\CxUIUSvc64.exe [113464 2020-08-20] (Synaptics Incorporated -> Conexant Systems, Inc.)
R2 DolbyDAXAPI; C:\Windows\system32\dolbyaposvc\DAX3API.exe [1926600 2019-09-02] (Dolby Laboratories, Inc. -> )
R2 ImControllerService; C:\Windows\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [81824 2021-03-14] (Lenovo -> Lenovo Group Ltd.)
R2 LenovoVantageService; C:\Program Files (x86)\Lenovo\VantageService\3.6.15.0\LenovoVantageService.exe [28592 2021-03-11] (Lenovo -> Lenovo Group Ltd.)
R2 LITSSVC; C:\Windows\System32\LITSSvc.exe [924872 2021-01-14] (Lenovo -> Lenovo.)
S2 LPlatSvc; C:\Windows\System32\LPlatSvc.exe [898776 2021-03-01] (Lenovo -> Lenovo.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-05] (Malwarebytes Inc -> Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5361256 2021-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12849960 2021-03-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3658832 2019-06-28] (TechSmith Corporation -> TechSmith Corporation)
R2 TPHKLOAD; C:\Windows\System32\DriverStore\FileRepository\fn.inf_amd64_700aca387f1cbd51\driver\TPHKLOAD.exe [465200 2020-12-28] (Lenovo -> Lenovo Group Limited)
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746504 2020-10-16] (Oracle Corporation -> Oracle Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\NisSrv.exe [2624104 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2103.7-0\MsMpEng.exe [128376 2021-04-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 Lenovo Instant On; "C:\Windows\SysWOW64\Lenovo\PowerMgr\EasyResume.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
R1 cbfsconnect2017; C:\Windows\system32\drivers\cbfsconnect2017.sys [481296 2020-06-24] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S3 CYUSB3; C:\Windows\System32\Drivers\CYUSB3.sys [76520 2016-10-27] (Cypress Semiconductor Technology India Pvt Ltd. -> Cypress Semiconductor)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation -> EldoS Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220752 2021-05-01] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [19912 2021-01-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-04-28] (Malwarebytes Inc -> Malwarebytes)
S3 Netaapl; C:\Windows\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R1 PMDRVS; C:\Windows\System32\drivers\pmdrvs.sys [37984 2021-03-01] (Lenovo -> Lenovo.)
S3 Revoflt; C:\Windows\System32\DRIVERS\revoflt.sys [38400 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R3 rtump64x64; C:\Windows\System32\drivers\rtump64x64.sys [1005664 2021-01-20] (Realtek Semiconductor Corp. -> Realtek Corporation)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [47920 2020-02-20] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
R3 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [239432 2020-10-16] (Oracle Corporation -> Oracle Corporation)
S3 vl810filter; C:\Windows\System32\Drivers\vl810filter.sys [26176 2019-05-07] (VIA TECHNOLOGIES, INC. -> VIA Labs, Inc.)
R3 vpnpbus; C:\Windows\System32\drivers\vpnpbus.sys [20704 2019-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Callback Technologies, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49560 2021-04-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [421088 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [72928 2021-04-11] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) (Avec liste blanche) =========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-05-01 22:05 - 2021-05-01 22:06 - 000036442 _____ C:\Users\nardi\Desktop\FRST.txt
2021-05-01 22:05 - 2021-05-01 22:06 - 000000000 ____D C:\FRST
2021-05-01 22:04 - 2021-05-01 22:04 - 002298368 _____ (Farbar) C:\Users\nardi\Desktop\FRST64.exe
2021-05-01 22:01 - 2021-05-01 22:01 - 000220752 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-05-01 21:54 - 2021-05-01 21:54 - 000483526 _____ C:\Users\nardi\Desktop\KEbtDxqF2c5_CleProductKey.zip
2021-05-01 21:54 - 2021-05-01 21:54 - 000000379 _____ C:\Users\nardi\Desktop\Notes.txt
2021-05-01 21:54 - 2021-05-01 21:54 - 000000000 ____D C:\Users\nardi\Desktop\KEbtDxqF2c5_CleProductKey
2021-05-01 13:36 - 2021-05-01 13:36 - 000002517 _____ C:\Users\Public\Desktop\pCloud Drive.lnk
2021-05-01 13:36 - 2021-05-01 13:36 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\pCloud Drive.lnk
2021-05-01 13:36 - 2021-05-01 13:36 - 000000000 ____D C:\Program Files\pCloud Drive
2021-04-30 18:19 - 2021-04-30 18:45 - 000194212 _____ C:\Users\nardi\Desktop\Vestiaire Bâtiment 8 - Modèle schéma.pdf
2021-04-30 16:13 - 2021-04-30 16:14 - 000187663 _____ C:\Users\nardi\Desktop\essai.pdf
2021-04-30 16:01 - 2021-04-30 16:17 - 000001191 _____ C:\Windows\HRCM.INI
2021-04-30 16:01 - 2021-04-30 16:01 - 000002093 _____ C:\Users\nardi\Desktop\EcoStruxure Power Build - Rapsody FR V2.1.19.lnk
2021-04-30 16:01 - 2021-04-30 16:01 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Schneider Electric
2021-04-30 15:54 - 2021-04-30 15:58 - 214143632 _____ C:\Users\nardi\Downloads\EcoStruxure Power Build - Rapsody_V2.1.19FR_setup.exe
2021-04-29 19:57 - 2021-04-29 19:57 - 000000000 ____D C:\Users\nardi\Apple
2021-04-28 16:50 - 2021-04-28 16:50 - 000004194 _____ C:\Windows\system32\Tasks\Opera scheduled Autoupdate 1601613858
2021-04-28 16:50 - 2021-04-28 16:50 - 000001393 _____ C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2021-04-28 14:15 - 2021-04-28 14:15 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-04-27 21:17 - 2021-04-27 21:17 - 000046946 _____ C:\Users\nardi\Desktop\Le Serac - Modèle étiquettes.pdf
2021-04-27 06:25 - 2021-04-27 06:25 - 000010550 _____ C:\Users\nardi\Downloads\f (2).txt
2021-04-27 06:24 - 2021-04-27 06:24 - 000009750 _____ C:\Users\nardi\Downloads\f (1).txt
2021-04-19 18:03 - 2021-04-19 18:03 - 002001677 _____ C:\Users\nardi\Downloads\Ferme Dunant (1).pdf
2021-04-18 17:29 - 2021-04-18 17:29 - 000061145 _____ C:\Users\nardi\Downloads\32100323540.pdf
2021-04-18 17:17 - 2021-04-18 17:17 - 000164808 _____ C:\Users\nardi\Downloads\solocal_invoice_F18299017.pdf
2021-04-18 17:12 - 2021-04-18 17:12 - 000072601 _____ C:\Users\nardi\Downloads\202103_50996895_10946753_Invoice.pdf
2021-04-18 14:52 - 2021-04-18 14:52 - 000555584 _____ C:\Users\nardi\Downloads\3703491963_FRE_20210418_145236.PDF
2021-04-17 16:17 - 2021-04-17 16:17 - 000000000 ____D C:\Users\nardi\AppData\Local\pCloud_AG
2021-04-16 19:39 - 2021-04-16 19:39 - 000126633 _____ C:\Users\nardi\Downloads\Attestation60121000186612.pdf
2021-04-16 18:55 - 2021-04-16 18:55 - 000015081 _____ C:\Users\nardi\Downloads\f.txt
2021-04-16 15:32 - 2021-04-16 15:32 - 001246327 _____ C:\Users\nardi\Downloads\CR 1133013-éclairage artificiel bâtiments ruminants (1).pdf
2021-04-16 15:13 - 2021-04-16 15:41 - 001725973 _____ C:\Users\nardi\Downloads\Ferme Dunant.pdf
2021-04-16 11:20 - 2021-04-16 11:20 - 001246327 _____ C:\Users\nardi\Downloads\CR 1133013-éclairage artificiel bâtiments ruminants.pdf
2021-04-14 14:02 - 2021-04-14 14:02 - 001823304 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2021-04-14 14:02 - 2021-04-14 14:02 - 000231248 _____ C:\Windows\system32\containerdevicemanagement.dll
2021-04-14 14:02 - 2021-04-14 14:02 - 000011357 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-04-13 11:30 - 2021-04-13 11:30 - 000000000 ____D C:\Users\nardi\AppData\Roaming\FLEXnet
2021-04-13 11:28 - 2021-04-13 11:29 - 034978992 _____ C:\Users\nardi\Downloads\EcoStruxure Power Design - Ecodial FR V4.9.1.exe
2021-04-12 15:07 - 2021-04-12 16:51 - 000319067 _____ C:\Users\nardi\Desktop\Le Serac - Modèle schéma.pdf
2021-04-12 14:38 - 2021-04-28 06:37 - 000167898 _____ C:\Users\nardi\Desktop\Le Serac.xl2
2021-04-11 10:28 - 2021-04-12 11:54 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Parental Controls
2021-04-11 10:28 - 2021-04-11 10:28 - 000001047 _____ C:\Windows\system32\parent.lnk
2021-04-10 14:56 - 2021-04-10 14:56 - 000276645 _____ C:\Users\nardi\Downloads\Facture_certifiee_20000379290421_09042021.pdf
2021-04-09 07:42 - 2021-04-09 07:42 - 000001106 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eM Client.lnk
2021-04-09 07:41 - 2021-04-09 07:42 - 000000000 ____D C:\Program Files (x86)\eM Client
2021-04-08 23:33 - 2021-04-08 23:33 - 000113213 _____ C:\Users\nardi\Desktop\Fraix Burnet Marcel - Modèle étiquettes.xlsx
2021-04-08 22:33 - 2021-04-08 22:33 - 000064762 _____ C:\Users\nardi\Desktop\Fraix Burnet Marcel - Modèle étiquettes.pdf
2021-04-08 22:23 - 2021-04-08 22:23 - 000044792 _____ C:\Users\nardi\Desktop\Lateur - Modèle étiquettes.xlsx
2021-04-08 22:22 - 2021-04-08 22:22 - 000088881 _____ C:\Users\nardi\Desktop\Lateur.xl2
2021-04-08 21:04 - 2021-04-08 22:28 - 000150702 _____ C:\Users\nardi\Desktop\Lateur - Modèle schéma.pdf
2021-04-08 17:45 - 2021-04-08 23:31 - 000524963 _____ C:\Users\nardi\Desktop\Fraix Burnet Marcel - Modèle schéma.pdf
2021-04-06 21:00 - 2021-04-30 18:19 - 000000000 ____D C:\Users\nardi\AppData\Local\CUSTPDF Writer
2021-04-06 06:50 - 2021-04-08 23:33 - 000242269 _____ C:\Users\nardi\Desktop\Fraix Burnet.xl2
2021-04-06 06:27 - 2021-04-06 06:27 - 000000000 ____D C:\Users\nardi\Documents\Legrand
2021-04-06 06:27 - 2021-04-06 06:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Legrand
2021-04-06 06:27 - 2021-04-06 06:27 - 000000000 ____D C:\Program Files (x86)\Legrand
2021-04-06 06:27 - 2021-04-06 06:27 - 000000000 ____D C:\Program Files (x86)\GPLGS
2021-04-06 06:27 - 2010-12-10 11:24 - 000087040 _____ C:\Windows\system32\custmon64.dll
2021-04-06 06:26 - 2021-04-06 06:26 - 000000000 ____D C:\LEG
2021-04-05 16:54 - 2021-04-05 16:54 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2021-05-01 22:06 - 2020-10-01 07:35 - 001763164 _____ C:\Windows\system32\PerfStringBackup.INI
2021-05-01 22:06 - 2019-12-07 16:49 - 000791086 _____ C:\Windows\system32\perfh00C.dat
2021-05-01 22:06 - 2019-12-07 16:49 - 000149918 _____ C:\Windows\system32\perfc00C.dat
2021-05-01 22:06 - 2019-12-07 11:13 - 000000000 ____D C:\Windows\INF
2021-05-01 22:04 - 2021-02-02 20:05 - 000000000 ____D C:\Users\nardi\AppData\Roaming\eM Client
2021-05-01 22:03 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-05-01 22:01 - 2020-10-06 17:42 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-05-01 22:01 - 2020-10-01 07:37 - 000000000 ____D C:\Intel
2021-05-01 22:01 - 2020-10-01 07:26 - 000008192 ___SH C:\DumpStack.log.tmp
2021-05-01 22:01 - 2020-10-01 07:26 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-05-01 22:01 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\ServiceState
2021-05-01 22:01 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-05-01 22:01 - 2019-12-07 11:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-05-01 21:59 - 2020-12-31 00:22 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Bitwarden
2021-05-01 21:53 - 2020-10-01 07:26 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-05-01 19:32 - 2020-11-26 12:53 - 000000000 ____D C:\Users\nardi\AppData\Local\CrashDumps
2021-05-01 18:53 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\AppReadiness
2021-05-01 18:47 - 2020-10-02 06:48 - 000000000 ____D C:\Users\nardi\AppData\LocalLow\Mozilla
2021-05-01 18:43 - 2020-12-31 17:18 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Notion
2021-05-01 17:44 - 2020-10-01 07:37 - 000000000 ____D C:\Users\nardi\AppData\Local\Packages
2021-05-01 17:01 - 2020-10-23 21:20 - 000004164 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{A8246BF8-23D8-478B-A321-64EED8450869}
2021-05-01 13:37 - 2020-10-02 17:14 - 000000000 ____D C:\Users\nardi\AppData\Local\pCloud
2021-05-01 13:36 - 2020-10-02 07:21 - 000000000 ____D C:\ProgramData\Package Cache
2021-05-01 11:57 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-05-01 11:56 - 2020-10-10 13:15 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-04-30 18:46 - 2020-10-02 07:35 - 000013245 _____ C:\Windows\BRRBCOM.INI
2021-04-30 16:18 - 2020-12-20 15:26 - 000000000 ____D C:\TEMP
2021-04-30 16:01 - 2020-12-20 15:26 - 000000000 ____D C:\Schneider Electric
2021-04-30 16:01 - 2020-12-20 15:26 - 000000000 ____D C:\Program Files (x86)\Schneider
2021-04-29 19:57 - 2021-01-31 17:18 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Apple Computer
2021-04-29 19:57 - 2020-10-02 21:02 - 000000000 ____D C:\ProgramData\Apple
2021-04-29 19:57 - 2020-10-01 07:35 - 000000000 ____D C:\Users\nardi
2021-04-29 05:15 - 2020-11-15 16:16 - 000002362 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2021-04-28 06:37 - 2020-12-19 20:35 - 000000000 ____D C:\Users\nardi\Documents\Apowersoft PDF Converter
2021-04-26 18:09 - 2021-03-28 13:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-04-26 18:09 - 2020-10-02 06:48 - 000000000 ____D C:\ProgramData\Mozilla
2021-04-26 14:21 - 2020-10-01 18:47 - 000000000 ____D C:\Windows\system32\Tasks\Lenovo
2021-04-26 14:17 - 2020-10-10 13:19 - 000000000 ____D C:\Windows\Lenovo
2021-04-26 14:17 - 2020-10-01 18:47 - 000000000 ____D C:\Users\nardi\AppData\Local\Lenovo
2021-04-26 14:17 - 2020-10-01 18:47 - 000000000 ____D C:\ProgramData\Lenovo
2021-04-26 00:51 - 2020-10-10 13:15 - 000003634 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-04-26 00:51 - 2020-10-10 13:15 - 000003510 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-04-18 20:26 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\NDF
2021-04-14 20:29 - 2020-10-04 21:13 - 000000000 ____D C:\Users\nardi\AppData\Roaming\vlc
2021-04-14 18:56 - 2020-10-01 07:26 - 001813512 _____ C:\Windows\system32\FNTCACHE.DAT
2021-04-14 18:55 - 2020-09-12 13:16 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\SystemResources
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\setup
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\oobe
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lv-LV
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\lt-LT
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\et-EE
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\system32\es-MX
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\Provisioning
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-04-14 18:55 - 2019-12-07 11:14 - 000000000 ____D C:\Windows\bcastdvr
2021-04-14 14:04 - 2019-12-07 11:03 - 000000000 ____D C:\Windows\CbsTemp
2021-04-14 14:02 - 2020-10-01 07:29 - 002877440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2021-04-14 13:16 - 2020-10-01 19:16 - 000000000 ____D C:\Windows\system32\MRT
2021-04-14 13:13 - 2020-10-01 19:16 - 131963968 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-04-11 12:34 - 2020-10-01 07:26 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-04-11 10:30 - 2021-03-02 08:12 - 000000000 ____D C:\Users\nardi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Max Lock Softwareentwicklung
2021-04-11 10:26 - 2020-11-22 13:15 - 000000000 ____D C:\Users\nardi\AppData\Local\SquirrelTemp
2021-04-09 12:24 - 2021-03-28 17:13 - 000000000 ____D C:\Users\nardi\AppData\Local\Mailspring
2021-04-09 12:23 - 2020-10-02 06:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-04-07 07:33 - 2020-10-10 13:20 - 000006613 _____ C:\Windows\system32\InstallUtil.InstallLog
2021-04-06 06:26 - 2020-12-13 13:08 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2021-04-05 16:54 - 2020-10-02 06:48 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-04-05 13:37 - 2021-01-05 07:22 - 000199128 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-04-02 19:27 - 2021-02-12 08:06 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ========================