Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09-09-2023 Exécuté par Bernard64 (administrateur) sur OCEAN (ASUS All Series) (10-09-2023 09:44:56) Exécuté depuis C:\Users\Bernard64\Desktop\FRST64.exe Profils chargés: Bernard64 Plate-forme: Microsoft Windows 8.1 Professionnel (Update) (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU1\LogitechUpdate.exe (C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (C:\Program Files\Logitech\SetPointP\SetPoint.exe ->) (Logitech -> Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\sp6\LU1\LULnchr.exe (C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] C:\Program Files\Classic Shell\ClassicStartMenu.exe (explorer.exe ->) (Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (explorer.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (services.exe ->) (ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe (services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (services.exe ->) (Softland SRL -> Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (services.exe ->) (VMware, Inc. -> VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9197568 2017-01-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [Fichier non signé] HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech Inc -> Logitech, Inc.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322104 2016-02-03] (Intel(R) Rapid Storage Technology -> Intel Corporation) HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION HKLM\...\Windows x64\Print Processors\hpcpp180: C:\Windows\System32\spool\prtprocs\x64\hpcpp180.dll [647408 2015-08-18] (Hewlett-Packard Company -> Hewlett-Packard Corporation) HKLM\...\Print\Monitors\HP Universal Print Monitor: C:\WINDOWS\system32\HPMPW081.DLL [126704 2015-08-18] (Hewlett-Packard Company -> Hewlett-Packard) HKLM\...\Print\Monitors\HPMLM180: C:\WINDOWS\system32\hpmlm180.dll [309488 2015-08-18] (Hewlett-Packard Company -> Hewlett-Packard Company) HKLM\...\Print\Monitors\novaPDF Port Monitor: C:\WINDOWS\system32\novamn8.dll [18944 2016-03-03] (Softland) [Fichier non signé] HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install GroupPolicy: Restriction ? <==== ATTENTION Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {FF3AE66A-9761-40C3-9BE6-F6BAEAA199E0} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [673704 2016-03-03] (Softland SRL -> ) Task: {7C0CF021-9604-4E3D-8009-E21173E48135} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\Bernard64\Desktop\esetonlinescanner.exe LOGON (Pas de fichier) Task: {2DC050F1-B981-4904-BF8F-28E84226932E} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\Bernard64\Desktop\esetonlinescanner.exe SCHED (Pas de fichier) Task: {060E2F72-BB4A-4626-B7F9-76560CDA00B4} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => c:\Program Files\Mozilla Firefox\firefox.exe [686496 2023-09-02] (Mozilla Corporation -> Mozilla Corporation) -> --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate Task: {561E8CF5-FCA2-489D-AA3F-C5D176B8D86B} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-10] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\..\Interfaces\{F814CC79-5306-4839-9CD3-CFF8D50820DA}: [DhcpNameServer] 192.168.0.254 HKLM\System\...\Parameters\PersistentRoutes: [137.116.81.24,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [65.52.108.254,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [65.52.108.103,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [52.167.222.147,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [40.77.226.223,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [134.170.30.202,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [40.77.226.221,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [23.48.106.243,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [23.36.33.135,255.255.255.255,0.0.0.0,1] HKLM\System\...\Parameters\PersistentRoutes: [23.205.214.76,255.255.255.255,0.0.0.0,1] PersistentRoutes: Il y a 84 PersistentRoutes. FireFox: ======== FF DefaultProfile: j7vgwl1j.default FF ProfilePath: C:\Users\Bernard64\AppData\Roaming\Mozilla\Firefox\Profiles\j7vgwl1j.default [2023-09-10] FF Extension: (uBlock Origin) - C:\Users\Bernard64\AppData\Roaming\Mozilla\Firefox\Profiles\j7vgwl1j.default\Extensions\uBlock0@raymondhill.net.xpi [2023-08-16] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-03] (ASUSTeK Computer Inc. -> ) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9286168 2023-09-03] (Malwarebytes Inc. -> Malwarebytes) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2014-11-17] (Hewlett-Packard) [Fichier non signé] R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [50600 2016-03-03] (Softland SRL -> Microsoft) R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2014-11-17] (Hewlett-Packard) [Fichier non signé] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation) ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-03] (ASUSTeK Computer Inc. -> ) R3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider) R3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (BoiseTest -> Windows (R) Win 7 DDK provider) R3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [43944 2013-06-04] (BoiseTest -> Microsoft Corporation) R3 ElbyCDFL; C:\WINDOWS\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.) R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft Inc. -> SlySoft, Inc.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2023-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [222272 2023-09-08] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [199640 2023-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [78400 2023-09-10] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239544 2023-08-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [181984 2023-09-10] (Malwarebytes Inc. -> Malwarebytes) R1 veracrypt; C:\WINDOWS\System32\drivers\veracrypt.sys [829320 2020-01-07] (IDRIX -> IDRIX) R0 vmci; C:\WINDOWS\System32\drivers\vmci.sys [104888 2021-11-30] (Microsoft Windows Hardware Compatibility Publisher -> VMware, Inc.) R2 VMnetBridge; C:\WINDOWS\system32\DRIVERS\vmnetbridge.sys [66624 2016-11-11] (VMware, Inc. -> VMware, Inc.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) (Avec liste blanche) ========= (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-09-10 09:44 - 2023-09-10 09:45 - 000011858 _____ C:\Users\Bernard64\Desktop\FRST.txt 2023-09-10 09:44 - 2023-09-10 09:45 - 000000000 ____D C:\FRST 2023-09-10 09:44 - 2023-09-10 09:44 - 002382848 _____ (Farbar) C:\Users\Bernard64\Desktop\FRST64.exe 2023-09-10 09:44 - 2023-09-10 09:44 - 002363152 _____ (kernel-panik) C:\Users\Bernard64\Desktop\kprm_2.15.exe 2023-09-10 09:42 - 2023-09-10 09:42 - 000000000 ____D C:\Users\Bernard64\AppData\Local\Mozilla 2023-09-10 09:38 - 2023-09-10 09:38 - 000181984 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2023-09-10 09:28 - 2023-09-10 09:28 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Free Download Manager 2023-09-10 09:28 - 2023-09-10 09:28 - 000000000 ____D C:\Users\Bernard64\.dbus-keyrings 2023-09-10 09:24 - 2023-09-10 09:24 - 000003184 ____N C:\bootsqm.dat 2023-09-09 16:21 - 2023-09-09 16:21 - 000000036 _____ C:\Users\Bernard64\Documents\Verifier 2023-09-09 16:03 - 2023-09-09 16:03 - 000000521 _____ C:\Users\Bernard64\Documents\Racine_C.lnk 2023-09-07 17:00 - 2023-09-07 17:00 - 000000000 ____D C:\Users\Bernard64\Documents\Z - IMAGES IMPORTEES 2023-09-05 05:46 - 2023-09-05 05:46 - 000015398 _____ C:\Users\Bernard64\Documents\Symphonie_billet.eml 2023-09-03 15:41 - 2023-09-03 15:41 - 000000000 ____D C:\Users\Public\Documents\Hewlett-Packard 2023-09-03 13:03 - 2023-09-03 13:03 - 000001050 __RSH C:\ProgramData\ntuser.pol 2023-09-03 13:02 - 2023-09-03 13:02 - 000000000 ____D C:\WINDOWS\system32\Appraiser 2023-09-03 12:17 - 2023-09-03 12:17 - 000262144 _____ C:\WINDOWS\system32\config\userdiff 2023-09-03 12:17 - 2023-09-03 11:33 - 000000000 ___DC C:\WINDOWS\Panther 2023-09-03 12:16 - 2023-09-03 12:16 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2023-09-03 12:16 - 2023-09-03 12:16 - 000000000 ____D C:\Program Files\Reference Assemblies 2023-09-03 12:16 - 2023-09-03 12:16 - 000000000 ____D C:\Program Files\MSBuild 2023-09-03 12:16 - 2023-09-03 12:16 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2023-09-03 12:16 - 2023-09-03 11:22 - 000000000 ____D C:\Program Files (x86)\MSBuild 2023-09-03 11:33 - 2023-09-03 11:33 - 000001503 _____ C:\Users\Bernard64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2023-09-03 11:33 - 2023-09-03 11:33 - 000000020 ___SH C:\Users\Bernard64\ntuser.ini 2023-09-03 11:23 - 2023-09-03 11:23 - 000023108 _____ C:\WINDOWS\system32\emptyregdb.dat 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\Voisinage réseau 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\Voisinage d'impression 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\Modèles 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\Mes documents 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\Menu Démarrer 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\Documents\Mes vidéos 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\Documents\Mes images 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\Documents\Ma musique 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Users\Default\AppData\Local\Historique 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 _SHDL C:\Program Files\Fichiers communs 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Microsoft\SystemCertificates 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Microsoft\Network 2023-09-03 11:23 - 2023-09-03 11:23 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Microsoft\Crypto 2023-09-03 11:22 - 2023-09-03 11:22 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2023-09-03 11:21 - 2023-09-10 09:28 - 000000000 ____D C:\Users\Bernard64 2023-09-03 11:21 - 2023-09-03 11:33 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Microsoft\Windows 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 _SHDL C:\Users\Bernard64\Voisinage réseau 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 _SHDL C:\Users\Bernard64\Voisinage d'impression 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 _SHDL C:\Users\Bernard64\Modèles 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 _SHDL C:\Users\Bernard64\Mes documents 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 _SHDL C:\Users\Bernard64\Menu Démarrer 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 _SHDL C:\Users\Bernard64\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 _SHDL C:\Users\Bernard64\AppData\Local\Historique 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate 2023-09-03 11:21 - 2023-09-03 11:21 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Microsoft\CLR Security Config 2023-09-03 11:20 - 2023-09-03 11:23 - 000028578 _____ C:\WINDOWS\diagwrn.xml 2023-09-03 11:20 - 2023-09-03 11:23 - 000028578 _____ C:\WINDOWS\diagerr.xml 2023-09-03 11:18 - 2023-09-10 09:31 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2023-09-03 11:18 - 2023-09-03 11:21 - 000000000 ____D C:\Program Files\AMD 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____H C:\ProgramData\DP45977C.lfl 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\WINDOWS\system32\DAX3 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\WINDOWS\system32\DAX2 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\ProgramData\Hewlett-Packard 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\ProgramData\Audyssey Labs 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\Program Files\Realtek 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\Program Files\ASUS 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 ____D C:\Program Files (x86)\ASUS 2023-09-03 11:18 - 2023-09-03 11:18 - 000000000 _____ C:\WINDOWS\HPMProp.INI 2023-09-03 11:18 - 2015-08-18 06:11 - 000647408 _____ (Hewlett-Packard Corporation) C:\WINDOWS\system32\spool\prtprocs\x64\hpcpp180.dll 2023-09-03 11:18 - 2013-07-03 20:32 - 000015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2023-09-02 15:37 - 2023-09-05 12:36 - 000000000 ____D C:\BASE ARTICLES 2023-09-02 15:37 - 2023-09-02 15:37 - 000000000 ____D C:\Users\Bernard64\Thunderbird 2023-09-02 15:37 - 2023-09-02 15:37 - 000000000 ____D C:\Users\Bernard64\Desktop\Windows Update 2023-09-02 15:37 - 2023-09-02 15:37 - 000000000 ____D C:\Users\Bernard64\Desktop\REPERTOIRES 2023-09-02 15:37 - 2023-09-02 15:37 - 000000000 ____D C:\Users\Bernard64\Desktop\PARTAGES 2023-09-02 15:37 - 2023-09-02 15:37 - 000000000 ____D C:\Users\Bernard64\Desktop\Liens 2023-09-02 15:37 - 2017-04-30 15:46 - 000000977 _____ C:\Users\Bernard64\Desktop\SAUVEGARDE.lnk 2023-09-02 15:36 - 2023-09-10 09:27 - 000000000 ____D C:\Users\Bernard64\Documents\BUDGET 2023-09-02 15:36 - 2023-09-09 16:36 - 000000000 ____D C:\Users\Bernard64\Documents\Special 2023-09-02 15:36 - 2023-09-09 16:33 - 000000000 ____D C:\Users\Bernard64\Documents\PATIENTS-BIS 2023-09-02 15:36 - 2023-09-09 15:59 - 000000000 ____D C:\Users\Bernard64\Documents\ZZ-Exped 2023-09-02 15:36 - 2023-09-09 15:01 - 000000000 ____D C:\Users\Bernard64\Documents\Wagram 2023-09-02 15:36 - 2023-09-08 10:00 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Ghisler 2023-09-02 15:36 - 2023-09-05 06:22 - 000000000 ____D C:\Users\Bernard64\Documents\Z - LNK 2023-09-02 15:36 - 2023-09-03 15:42 - 000000000 ____D C:\Users\Bernard64\Documents\O 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\FF forums 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Visual Studio 2015 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Url 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Rech SuperFinder 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Rat 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Permis 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Notes 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Livres 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Français 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Eml et news 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Divers 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\Developpement 2023-09-02 15:36 - 2023-09-02 15:36 - 000000000 ____D C:\Users\Bernard64\Documents\CORRESP 2023-09-02 15:36 - 2023-08-29 07:42 - 000066906 _____ C:\Users\Bernard64\Documents\Dev_Net_29_08_23.eml 2023-09-02 15:36 - 2023-08-22 10:18 - 000004763 _____ C:\Users\Bernard64\Documents\Lien_Bateau.eml 2023-09-02 15:36 - 2023-08-03 08:21 - 000504645 _____ C:\Users\Bernard64\Documents\Divers.zip 2023-09-02 15:36 - 2023-05-28 11:30 - 000001425 _____ C:\Users\Bernard64\Documents\Urgent-note 2023-09-02 15:36 - 2023-03-19 08:46 - 000001578 _____ C:\Users\Bernard64\Documents\Gmail_refus 2023-08-16 11:59 - 2023-09-10 09:43 - 000000000 ____D C:\Users\Bernard64\AppData\Local\Malwarebytes 2023-08-16 11:59 - 2023-08-16 11:59 - 000001965 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2023-08-16 11:59 - 2023-08-16 11:59 - 000000000 ____D C:\Program Files\Malwarebytes 2023-08-15 18:39 - 2023-09-09 15:10 - 000000000 ____D C:\Program Files (x86)\CapTvTy 2023-08-15 18:38 - 2023-09-02 15:36 - 000000000 ____D C:\Program Files (x86)\BleachBit-Portable 2023-08-15 18:30 - 2023-09-10 09:44 - 000000000 ____D C:\Program Files\Mozilla Firefox 2023-08-15 18:30 - 2023-08-15 18:30 - 000002176 _____ C:\Users\Bernard64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigation privée de Firefox.lnk 2023-08-15 18:27 - 2023-08-15 18:28 - 000001597 _____ C:\Users\Bernard64\Desktop\LANCEUR WINCMD.lnk 2023-08-15 18:27 - 2023-08-15 13:46 - 000000513 _____ C:\Users\Bernard64\Desktop\Options d’alimentation - Raccourci.lnk 2023-08-15 18:27 - 2023-08-15 11:24 - 000001606 _____ C:\Users\Bernard64\Desktop\BLEACHBIT.lnk 2023-08-15 18:27 - 2023-08-10 10:44 - 000001730 _____ C:\Users\Bernard64\Desktop\POWERSHELL.lnk 2023-08-15 18:27 - 2022-11-29 09:06 - 000001268 _____ C:\Users\Bernard64\Desktop\SPOOLEUR.lnk 2023-08-15 18:27 - 2020-04-28 14:49 - 000001186 _____ C:\Users\Bernard64\Desktop\AUTORUNS.lnk ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2023-09-10 09:44 - 2022-03-08 17:25 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38 2023-09-10 09:44 - 2021-12-03 11:23 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Mozilla 2023-09-10 09:44 - 2017-04-30 14:25 - 000000000 ____D C:\Users\Bernard64\AppData\Local\ClassicShell 2023-09-10 09:42 - 2014-11-21 00:46 - 001820486 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2023-09-10 09:42 - 2014-11-21 00:03 - 000806638 _____ C:\WINDOWS\system32\perfh00C.dat 2023-09-10 09:42 - 2014-11-21 00:03 - 000156992 _____ C:\WINDOWS\system32\perfc00C.dat 2023-09-10 09:42 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2023-09-10 09:38 - 2017-05-01 13:27 - 000000000 ____D C:\ProgramData\VMware 2023-09-10 09:38 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2023-09-10 09:28 - 2017-04-30 14:27 - 000019194 _____ C:\WINDOWS\UEDIT32.INI 2023-09-10 09:07 - 2017-04-30 22:36 - 000000000 ____D C:\ProgramData\Embarcadero 2023-09-10 09:06 - 2017-04-30 15:08 - 000000000 ____D C:\CONVERSION 2023-09-10 07:32 - 2017-04-30 15:09 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\vlc 2023-09-09 09:03 - 2020-02-12 10:27 - 000000000 ____D C:\Users\Bernard64\AppData\Local\mbam 2023-09-08 12:19 - 2017-04-30 20:14 - 000000084 _____ C:\WINDOWS\grwin.ini 2023-09-06 12:22 - 2017-04-30 14:10 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1202028028-2909565076-3435754672-1001 2023-09-06 11:54 - 2013-08-22 17:20 - 000000000 ____D C:\WINDOWS\CbsTemp 2023-09-06 11:18 - 2017-04-30 14:34 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\XnView 2023-09-06 09:13 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache 2023-09-05 12:09 - 2019-03-29 13:11 - 000000000 ____D C:\Program Files (x86)\KeyPass 2023-09-05 05:38 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppCompat 2023-09-03 17:58 - 2017-04-30 15:31 - 000003162 _____ C:\WINDOWS\system32\Tasks\StartCN 2023-09-03 15:22 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI 2023-09-03 14:50 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2023-09-03 13:11 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates 2023-09-03 13:03 - 2013-08-22 16:44 - 000428112 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2023-09-03 13:02 - 2014-11-21 08:20 - 000000000 ___SD C:\WINDOWS\system32\CompatTel 2023-09-03 13:02 - 2014-11-21 00:27 - 000000000 ____D C:\WINDOWS\ShellNew 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\WinStore 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\setup 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows Defender 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\System 2023-09-03 13:02 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files (x86)\Windows Defender 2023-09-03 13:02 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism 2023-09-03 13:02 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\oobe 2023-09-03 13:02 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\Dism 2023-09-03 13:02 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers 2023-09-03 12:33 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2023-09-03 12:17 - 2013-08-22 17:36 - 000262144 _____ C:\WINDOWS\system32\config\BCD-Template 2023-09-03 12:05 - 2017-04-30 20:23 - 000000000 ____D C:\WINDOWS\system32\MRT 2023-09-03 12:04 - 2017-04-30 20:23 - 175983240 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2023-09-03 11:24 - 2017-04-30 14:47 - 001851286 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2023-09-03 11:23 - 2013-08-22 17:36 - 000000000 __RSD C:\WINDOWS\Media 2023-09-03 11:23 - 2013-08-22 17:36 - 000000000 __RHD C:\Users\Public\Libraries 2023-09-03 11:23 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\Registration 2023-09-03 11:23 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Windows NT 2023-09-03 11:22 - 2021-12-03 12:29 - 000000000 ____D C:\WINDOWS\system32\gf2engine 2023-09-03 11:22 - 2020-09-14 10:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy 2023-09-03 11:22 - 2020-02-06 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2023-09-03 11:22 - 2018-07-15 18:30 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory 2023-09-03 11:22 - 2018-04-26 15:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2023-09-03 11:22 - 2017-07-12 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EDGE Diagrammer 2023-09-03 11:22 - 2017-05-01 13:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware 2023-09-03 11:22 - 2017-05-01 00:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GExperts for RAD Studio XE7 2023-09-03 11:22 - 2017-04-30 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CodeSite 5 2023-09-03 11:22 - 2017-04-30 22:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CollabNet Subversion Client 2023-09-03 11:22 - 2017-04-30 22:36 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Embarcadero RAD Studio XE7 2023-09-03 11:22 - 2017-04-30 20:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Le Grand Robert 2023-09-03 11:22 - 2017-04-30 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2023-09-03 11:22 - 2017-04-30 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\doPDF 8 2023-09-03 11:22 - 2017-04-30 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Download Manager 2023-09-03 11:22 - 2017-04-30 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2023-09-03 11:22 - 2017-04-30 15:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2023-09-03 11:22 - 2017-04-30 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView 2023-09-03 11:22 - 2017-04-30 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro 2023-09-03 11:22 - 2017-04-30 14:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TreeSize Professional 2023-09-03 11:22 - 2017-04-30 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraEdit 2023-09-03 11:22 - 2017-04-30 14:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell 2023-09-03 11:22 - 2017-04-30 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2023-09-03 11:22 - 2017-04-30 14:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Commander 2023-09-03 11:22 - 2014-11-21 00:02 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN 2023-09-03 11:22 - 2014-11-21 00:02 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep 2023-09-03 11:22 - 2014-11-21 00:02 - 000000000 ____D C:\WINDOWS\system32\WCN 2023-09-03 11:22 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI 2023-09-03 11:22 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2023-09-03 11:22 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\spool 2023-09-03 11:22 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF 2023-09-03 11:22 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\MUI 2023-09-03 11:22 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI 2023-09-03 11:22 - 2013-08-22 15:25 - 000008192 ___SH C:\WINDOWS\system32\config\ELAM 2023-09-03 11:21 - 2020-01-07 21:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2023-09-03 11:21 - 2020-01-07 19:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FSL 2023-09-03 11:21 - 2017-04-30 22:43 - 000000000 ____D C:\Users\Bernard64\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FastReports 2023-09-03 11:21 - 2017-04-30 20:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft 2023-09-03 11:21 - 2017-04-30 16:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks 2023-09-03 11:21 - 2017-04-30 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2023-09-03 11:21 - 2017-04-30 14:05 - 000000000 ____D C:\Users\Bernard64\AppData\Local\Packages 2023-09-03 11:21 - 2013-08-22 17:43 - 000000000 ____D C:\WINDOWS\DigitalLocker 2023-09-03 11:21 - 2013-08-22 17:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2023-09-03 11:21 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\InputMethod 2023-09-03 11:21 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\IME 2023-09-03 11:21 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\Help 2023-09-03 11:21 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\FileManager 2023-09-03 11:21 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2023-09-03 11:20 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2023-09-03 11:14 - 2017-04-30 15:02 - 000008192 __RSH C:\BOOTSECT.BAK 2023-09-03 09:13 - 2017-04-30 14:13 - 000000000 ____D C:\Program Files (x86)\VERGNES 2023-09-02 17:35 - 2019-03-29 13:07 - 000000000 ____D C:\ProgramData\Mozilla 2023-09-02 15:44 - 2017-09-20 22:26 - 000000918 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2023-08-16 19:34 - 2017-04-30 14:29 - 000001209 _____ C:\Users\Bernard64\Desktop\Lanceur UltraEdit.LNK 2023-08-16 11:59 - 2020-08-30 11:09 - 000001977 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk 2023-08-16 11:59 - 2020-02-12 10:27 - 000000000 ____D C:\ProgramData\Malwarebytes 2023-08-16 11:59 - 2018-04-26 15:16 - 000158640 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys 2023-08-15 18:33 - 2021-12-03 11:22 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) ==================== Fin de FRST.txt ========================