Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09-12-2017
Exécuté par Joe (administrateur) sur PC (09-12-2017 15:03:44)
Exécuté depuis C:\Users\Joe\Desktop
Profils chargés: Joe (Profils disponibles: Joe)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(Pokki) C:\Users\Joe\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Joe\Joehost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(TODO: ) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Pokki) C:\Users\Joe\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Pokki) C:\Users\Joe\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe
(Pokki) C:\Users\Joe\AppData\Local\SweetLabs App Platform\Engine\ServiceStartMenuIndexer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-07] (Realtek Semiconductor)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [Adobe ARM] => c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Qualcomm®Atheros®)
HKU\S-1-5-21-3234378438-3617891033-2030344392-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-08-15] (Spotify Ltd)
HKU\S-1-5-21-3234378438-3617891033-2030344392-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3234378438-3617891033-2030344392-1001\...\RunOnce: [Application Restart #1] => C:\Users\Joe\AppData\Local\Pokki\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-clien (l'élément de données a 545 caractères en plus).
HKU\S-1-5-21-3234378438-3617891033-2030344392-1001\...\RunOnce: [Application Restart #0] => C:\Users\Joe\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe [8614096 2017-12-06] (Pokki)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-12-06]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HelpJoe.lnk [2017-12-09]
ShortcutTarget: HelpJoe.lnk -> C:\Joe\Joehost.exe (Microsoft Corporation)
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ManualJoe.lnk [2017-12-09]
ShortcutTarget: ManualJoe.lnk -> D:\Joe\Joehost.exe (Microsoft Corporation)

==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0D035486-0CE3-4F8F-A8D1-F86B7D1FBB60}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{806379D8-1191-489A-9534-204CBD583D14}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-3234378438-3617891033-2030344392-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage-web.com/?s=acer&m=start
HKU\S-1-5-21-3234378438-3617891033-2030344392-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3234378438-3617891033-2030344392-1001 -> DefaultScope {617040DD-6B75-11E5-8268-3065EC485EF5} URL = hxxps://secure.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3234378438-3617891033-2030344392-1001 -> {447434CE-CDC9-4E1B-855A-B62F671F90B6} URL =
SearchScopes: HKU\S-1-5-21-3234378438-3617891033-2030344392-1001 -> {617040DD-6B75-11E5-8268-3065EC485EF5} URL = hxxps://secure.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3234378438-3617891033-2030344392-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)

FireFox:
========
FF DefaultProfile: 12s1ztn2.default
FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\12s1ztn2.default [2017-12-09]
FF Homepage: Mozilla\Firefox\Profiles\12s1ztn2.default -> hxxps://www.google.fr/
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\12s1ztn2.default\features\{07d04c7a-3dcc-4edd-be4a-910cd7540f27}\disable-media-wmf-nv12@mozilla.org.xpi [2017-12-04] [Lagacy]
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\12s1ztn2.default\searchplugins\McSiteAdvisor.xml [2015-10-13]
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\12s1ztn2.default\searchplugins\Web Search.xml [2015-10-16]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-19] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-07-12] ()
FF Plugin-x32: Adobe Reader -> c:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)

==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573544 2014-03-21] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [235008 2013-07-16] (TODO: ) [Fichier non signé]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-18] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [459496 2014-03-17] (Acer Incorporate)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [404376 2017-09-05] (McAfee, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-04-28] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-04-28] (Acer Incorporate)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-14] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-14] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-14] (McAfee, Inc.)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [222952 2014-01-24] (acer)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]

===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 iaLPSS_I2C; C:\Windows\System32\drivers\iaLPSS_I2C.sys [99320 2013-08-08] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-03-11] (McAfee, Inc.)
R1 MpKsl0c006a9e; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{85F60632-9D5B-4179-9358-A7DA1DEB4BC4}\MpKsl0c006a9e.sys [58120 2017-12-09] (Microsoft Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 mfeaack01; \Device\mfeaack01.sys [X]
S3 OATool; \??\C:\Users\Administrator\AppData\Local\Temp\OAToolx64.sys [X] <==== ATTENTION
S3 TDKLIB; \??\C:\Users\Administrator\AppData\Local\Temp\TdkLib64.sys [X] <==== ATTENTION

==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-12-09 15:03 - 2017-12-09 15:04 - 000016789 _____ C:\Users\Joe\Desktop\FRST.txt
2017-12-09 15:03 - 2017-12-09 15:03 - 000000000 ____D C:\FRST
2017-12-09 15:01 - 2017-12-09 15:02 - 002390528 _____ (Farbar) C:\Users\Joe\Desktop\FRST64.exe
2017-12-08 19:26 - 2017-12-08 19:26 - 000145464 _____ C:\Users\Joe\Desktop\ZHPDiag.txt
2017-12-08 19:07 - 2017-12-08 19:36 - 000000000 ____D C:\Users\Joe\AppData\Roaming\ZHP
2017-12-08 19:07 - 2017-12-08 19:07 - 002943360 _____ C:\Users\Joe\Desktop\ZHPDiag3.exe
2017-12-08 19:07 - 2017-12-08 19:07 - 000000830 _____ C:\Users\Joe\Desktop\ZHPDiag.lnk
2017-12-08 19:07 - 2017-12-08 19:07 - 000000000 ____D C:\Users\Joe\AppData\Local\ZHP
2017-12-08 17:21 - 2017-12-08 18:35 - 000001909 _____ C:\Users\Joe\Desktop\UsbFix Anti-Malware.lnk
2017-12-08 17:21 - 2017-12-08 17:26 - 000000000 ____D C:\Program Files (x86)\UsbFix
2017-12-08 17:20 - 2017-12-08 17:21 - 007098344 _____ (SOSVirus) C:\Users\Joe\Desktop\UsbFix_2018.exe
2017-12-08 17:12 - 2017-12-08 17:12 - 000002049 _____ C:\Users\Joe\Desktop\Mozilla Firefox.lnk
2017-12-08 17:12 - 2017-12-08 17:12 - 000001965 _____ C:\Users\Joe\Desktop\Internet Explorer.lnk
2017-12-08 12:22 - 2017-12-08 03:15 - 000637778 _____ C:\Users\Joe\Desktop\Intro to Commun Law.odt
2017-12-08 12:17 - 2017-12-08 12:17 - 000000000 _RSHD C:\Joe
2017-12-08 01:04 - 2017-12-08 01:04 - 000044903 _____ C:\Users\Joe\Desktop\DISSERT DIP FINAL PDF.pdf
2017-12-07 23:34 - 2017-12-08 01:02 - 000027091 _____ C:\Users\Joe\Desktop\DISSERT DIP FINAL.odt
2017-12-06 03:24 - 2017-12-07 23:34 - 000033199 _____ C:\Users\Joe\Desktop\DISSERT DIP.odt
2017-12-06 00:37 - 2017-12-06 00:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-12-06 00:37 - 2017-12-06 00:37 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2017-12-01 00:59 - 2017-12-01 00:59 - 003751922 _____ C:\Users\Joe\Desktop\Compte-rendu DIP - Séance 6.pdf
2017-11-28 00:01 - 2017-11-28 00:02 - 000361471 _____ C:\Users\Joe\Downloads\Droit du travail.odt
2017-11-21 18:12 - 2017-11-21 18:12 - 000048162 _____ C:\Users\Joe\Desktop\Intro Commentaire PDF.pdf
2017-11-21 18:09 - 2017-11-21 18:09 - 000122573 _____ C:\Users\Joe\Desktop\RGO TD AK5 PDF.pdf
2017-11-21 18:07 - 2017-11-21 18:07 - 000047784 _____ C:\Users\Joe\Desktop\Sommaire RGO PDF.pdf
2017-11-21 17:23 - 2017-11-21 17:23 - 000003334 _____ C:\Windows\System32\Tasks\AcerCloud
2017-11-21 17:16 - 2017-11-21 17:16 - 000000000 ____D C:\ProgramData\Apple
2017-11-21 17:16 - 2017-11-21 17:16 - 000000000 ____D C:\Program Files\Bonjour
2017-11-21 17:16 - 2017-11-21 17:16 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-11-21 17:12 - 2017-11-21 17:12 - 000003338 _____ C:\Windows\System32\Tasks\abDocsDllLoader
2017-11-21 17:12 - 2017-11-21 17:12 - 000001969 _____ C:\Users\Public\Desktop\abDocs.lnk
2017-11-21 17:05 - 2017-11-21 17:05 - 000261094 _____ C:\Users\Joe\Desktop\RGO SHORT PDF.pdf
2017-11-18 19:44 - 2017-11-21 03:06 - 000079593 _____ C:\Users\Joe\Desktop\RGO SHORT.odt
2017-11-15 22:24 - 2017-10-11 08:35 - 000143016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-15 22:24 - 2017-10-10 16:21 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2017-11-15 22:24 - 2017-10-10 14:18 - 002023936 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-15 22:24 - 2017-10-10 14:18 - 001570304 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-15 22:24 - 2017-10-10 14:18 - 000670208 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-15 22:24 - 2017-10-10 14:18 - 000605184 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-15 22:24 - 2017-10-10 14:18 - 000603648 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-15 22:24 - 2017-10-10 14:18 - 000402944 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-15 22:24 - 2017-10-10 14:18 - 000370688 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-15 22:24 - 2017-10-10 14:18 - 000241664 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-15 22:24 - 2017-10-10 14:18 - 000181760 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-14 19:27 - 2017-10-14 09:38 - 025731584 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-14 19:27 - 2017-10-14 08:30 - 015266816 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-14 19:27 - 2017-10-14 08:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-11-14 19:27 - 2017-10-14 08:05 - 015431680 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-14 19:27 - 2017-10-14 07:14 - 013317632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2017-11-14 19:26 - 2017-10-17 20:11 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2017-11-14 19:26 - 2017-10-16 19:38 - 002013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-14 19:26 - 2017-10-14 14:04 - 001548624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-11-14 19:26 - 2017-10-14 09:23 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-14 19:26 - 2017-10-14 09:13 - 002903552 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-14 19:26 - 2017-10-14 09:11 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-14 19:26 - 2017-10-14 09:09 - 005979648 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-14 19:26 - 2017-10-14 09:01 - 000816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-14 19:26 - 2017-10-14 08:36 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-11-14 19:26 - 2017-10-14 08:31 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-14 19:26 - 2017-10-14 08:30 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-14 19:26 - 2017-10-14 08:30 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-14 19:26 - 2017-10-14 08:29 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-14 19:26 - 2017-10-14 08:27 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-14 19:26 - 2017-10-14 08:21 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-14 19:26 - 2017-10-14 08:09 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-14 19:26 - 2017-10-14 07:58 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-14 19:26 - 2017-10-14 07:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-11-14 19:26 - 2017-10-14 07:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-11-14 19:26 - 2017-10-14 07:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-11-14 19:26 - 2017-10-14 07:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-11-14 19:26 - 2017-10-14 07:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-11-14 19:26 - 2017-10-14 07:28 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-11-14 19:26 - 2017-10-14 07:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-11-14 19:26 - 2017-10-14 07:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-11-14 19:26 - 2017-10-14 07:24 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-11-14 19:26 - 2017-10-14 07:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-11-14 19:26 - 2017-10-14 07:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-11-14 19:26 - 2017-10-14 07:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-11-14 19:26 - 2017-10-14 07:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-11-14 19:26 - 2017-10-10 17:36 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-14 19:26 - 2017-10-10 16:38 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-14 19:26 - 2017-10-10 16:38 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-11-14 19:26 - 2017-10-10 16:11 - 002749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-11-14 19:26 - 2017-10-10 16:08 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2017-11-14 19:26 - 2017-10-05 08:17 - 000380248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2017-11-14 19:26 - 2017-09-15 00:52 - 000986968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-11-14 19:26 - 2017-09-08 18:14 - 003084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2017-11-14 19:26 - 2017-09-08 17:50 - 002471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2017-11-14 19:26 - 2017-09-08 04:31 - 000685440 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-11-14 19:26 - 2017-09-08 04:28 - 000507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-11-14 19:26 - 2017-09-07 22:31 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\mgmtapi.dll
2017-11-14 19:26 - 2017-09-07 20:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mgmtapi.dll
2017-11-14 19:26 - 2017-09-07 18:20 - 000513456 _____ C:\Windows\SysWOW64\locale.nls
2017-11-14 19:26 - 2017-09-07 18:20 - 000513456 _____ C:\Windows\system32\locale.nls
2017-11-14 19:26 - 2017-09-07 14:40 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-14 19:26 - 2017-09-07 14:40 - 000922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2017-11-14 19:26 - 2017-09-07 00:07 - 000158552 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-14 19:26 - 2017-09-06 22:17 - 000461144 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-14 19:26 - 2017-09-06 22:17 - 000443224 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-14 19:26 - 2017-09-06 15:14 - 000166400 _____ (Microsoft Corporation) C:\Windows\system32\regsvc.dll
2017-11-14 19:26 - 2017-08-11 02:39 - 002779136 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2017-11-14 19:26 - 2017-08-11 02:30 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2017-11-12 01:26 - 2017-11-12 01:26 - 000254174 _____ C:\Users\Joe\Desktop\Schéma Art 30 CVDT (Application traités successifs).pdf
2017-11-12 01:24 - 2017-11-12 01:24 - 008322202 _____ C:\Users\Joe\Desktop\Compte-rendu DIP - Séance 5.pdf

==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-12-09 15:01 - 2014-08-16 02:16 - 000813248 _____ C:\Windows\system32\perfh00C.dat
2017-12-09 15:01 - 2014-08-16 02:16 - 000159750 _____ C:\Windows\system32\perfc00C.dat
2017-12-09 15:01 - 2014-03-18 11:03 - 001826754 _____ C:\Windows\system32\PerfStringBackup.INI
2017-12-09 15:01 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2017-12-09 14:58 - 2015-09-07 11:46 - 000000000 ____D C:\Users\Joe\AppData\Local\SweetLabs App Platform
2017-12-09 00:44 - 2017-09-06 15:06 - 000000000 ____D C:\Users\Joe\Desktop\Droit Y.4
2017-12-08 19:16 - 2015-10-27 15:05 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Skype
2017-12-08 18:27 - 2016-11-19 07:32 - 000000000 ____D C:\Users\Joe\AppData\LocalLow\Mozilla
2017-12-08 17:34 - 2015-09-07 11:53 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3234378438-3617891033-2030344392-1001
2017-12-08 17:11 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-12-08 12:22 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2017-12-07 01:25 - 2015-10-14 10:21 - 000002402 _____ C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2017-12-07 01:23 - 2015-11-02 20:52 - 000003272 _____ C:\Windows\System32\Tasks\SweetLabs App Platform
2017-12-06 03:49 - 2015-09-07 12:02 - 000000000 ____D C:\Users\Joe\AppData\Local\CrashDumps
2017-12-06 00:37 - 2017-02-27 21:42 - 000000000 ____D C:\Program Files\McAfee Security Scan
2017-12-06 00:37 - 2017-02-27 21:12 - 000001984 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-12-06 00:32 - 2016-11-18 14:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-06 00:32 - 2015-10-08 14:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-12-02 20:30 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-02 20:30 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness
2017-12-01 19:56 - 2015-09-24 15:03 - 000000000 ____D C:\Windows\system32\MRT
2017-12-01 19:54 - 2017-10-12 13:42 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-12-01 19:54 - 2015-09-24 15:03 - 127017032 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-12-01 12:45 - 2015-10-08 14:50 - 000001179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-22 22:33 - 2015-10-27 15:04 - 000000000 ____D C:\ProgramData\Skype
2017-11-22 22:26 - 2015-09-28 19:43 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-21 17:23 - 2014-05-19 09:39 - 000000000 ____D C:\Program Files (x86)\Acer
2017-11-21 17:21 - 2015-09-07 11:49 - 000000000 ____D C:\Users\Joe\AppData\Local\clear.fi
2017-11-21 17:20 - 2014-05-19 09:39 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-11-21 17:12 - 2015-09-07 11:52 - 000003442 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2017-11-21 17:12 - 2014-05-19 10:08 - 000000000 ___HD C:\OEM
2017-11-20 21:32 - 2016-02-19 19:14 - 000545440 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-11-18 19:45 - 2015-10-08 14:50 - 000000000 ____D C:\Users\Joe\AppData\Roaming\Mozilla
2017-11-18 02:34 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2017-11-17 00:54 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2017-11-15 22:03 - 2013-08-22 15:44 - 000411032 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-12 01:18 - 2017-10-22 11:50 - 006459844 _____ C:\Users\Joe\Desktop\DIP(1) Compte-rendu Séance 2 .pdf

==================== Fichiers à la racine de certains dossiers =======
2015-10-16 14:03 - 2015-10-16 14:03 - 000007595 _____ () C:\Users\Joe\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-11-30 18:51

==================== Fin de FRST.txt ============================