Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17.04.2019
Exécuté par JP BELETTE (administrateur) sur BUREAU (17-04-2019 21:20:27)
Exécuté depuis C:\Users\JP\Downloads
Profils chargés: JP BELETTE (Profils disponibles: JP BELETTE)
Platform: Windows 8 Pro (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(IQ OPTION EUROPE LTD -> ) C:\Program Files (x86)\IQ Option\IQOptionUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Nero AG -> ) C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\NisSrv.exe
() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Opera Software AS -> Opera Software) C:\Users\JP\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
(IQ OPTION EUROPE LTD -> ) C:\Program Files (x86)\IQ Option\iqtray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(The Document Foundation -> The Document Foundation) [Fichier non signé] C:\Program Files (x86)\LibreOffice 4\program\swriter.exe
(The Document Foundation -> The Document Foundation) [Fichier non signé] C:\Program Files (x86)\LibreOffice 4\program\soffice.exe
(The Document Foundation) [Fichier non signé] C:\Program Files (x86)\LibreOffice 4\program\soffice.bin
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [353056 2018-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => c:\program files (x86)\real\RealDownloader\downloader2.exe [1263392 2018-11-15] (RealNetworks, Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-03-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6950400 2013-10-25] (FreeDownloadManager.ORG) [Fichier non signé]
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [Opera Browser Assistant] => C:\Users\JP\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2480728 2019-03-22] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\MountPoints2: {84489298-2d43-11e9-8744-6002b49a3ec5} - "E:\Setup.exe"
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [149504 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2018-12-14]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IQTray.lnk [2018-09-09]
ShortcutTarget: IQTray.lnk -> C:\Program Files (x86)\IQ Option\iqtray.exe (IQ OPTION EUROPE LTD -> )
Startup: C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe [2016-01-05] (Leader Technologies) [Fichier non signé]
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 10.88.76.1
Tcpip\..\Interfaces\{1f4c2a1e-8681-4ee7-84a9-87f67350e187}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2098a69d-850d-4353-86e2-96b28e44021d}: [DhcpNameServer] 10.88.76.1
Tcpip\..\Interfaces\{32ded014-2668-4a54-81e7-954b4b8ef63b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b5b790f8-d1d6-4fbe-8a5a-9a50b12abdcd}: [DhcpNameServer] 192.168.100.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2018-11-15] (RealNetworks, Inc. -> RealDownloader)
BHO: Pas de nom -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> Pas de fichier
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2018-11-15] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-10-25] (FreeDownloadManager.ORG) [Fichier non signé]
Toolbar: HKLM - Pas de nom - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Pas de fichier
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FireFox:
========
FF DefaultProfile: c2qs3n02.default-1548695276909
FF ProfilePath: C:\Users\JP\AppData\Roaming\Mozilla\Firefox\Profiles\c2qs3n02.default-1548695276909 [2019-04-17]
FF NewTabOverride: Mozilla\Firefox\Profiles\c2qs3n02.default-1548695276909 -> Disabled: _brMembers_@free.yourtemplatefinder.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.15.215 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.15.215 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-12-14] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3417960555-3109201405-1528020211-1001: @citrixonline.com/appdetectorplugin -> C:\Users\JP\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-02] (Citrix Online -> Citrix Online)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default [2019-04-16]
CHR Extension: (Google Drive) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (Adobe Acrobat) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-16]
CHR Extension: (Skype) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-12-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-18]
CHR Extension: (Chrome Media Router) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
CHR HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\JP\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-11-19]
CHR HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560544 2017-10-13] (Advanced Micro Devices, Inc. -> AMD)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-07] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-07] (AVAST Software s.r.o. -> AVAST Software)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-17] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-14] (Microsoft Corporation -> Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated -> Acer Incorporated)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG -> Nero AG)
R2 IQOptionUpdater; C:\Program Files (x86)\IQ Option\\IQOptionUpdater.exe [2748544 2019-04-08] (IQ OPTION EUROPE LTD -> )
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [459496 2013-11-23] (Acer Incorporated -> Acer Incorporate)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [38016 2018-11-15] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [990840 2018-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
S2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [4978368 2019-04-03] (Protected Antivirus Limited -> TotalAV)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
S2 AdaptiveSleepService; "C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2018-02-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-02-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2018-02-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes Corporation -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2018-12-17] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2018-12-17] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-04-16] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2018-12-17] (Malwarebytes Corporation -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343520 2019-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-08] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [98944 2019-04-02] (Protected Antivirus Limited -> Windows (R) Win 7 DDK provider)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-04-17 21:20 - 2019-04-17 21:38 - 000023360 _____ C:\Users\JP\Downloads\FRST.txt
2019-04-17 21:17 - 2019-04-17 21:20 - 000000000 ____D C:\FRST
2019-04-17 21:12 - 2019-04-17 21:12 - 002434048 _____ (Farbar) C:\Users\JP\Downloads\FRST64.exe
2019-04-17 18:31 - 2019-04-17 21:54 - 000000093 ____H C:\Users\JP\Desktop\.~lock.Coord.odt#
2019-04-17 09:46 - 2019-04-17 09:46 - 000301283 _____ C:\WINDOWS\SysWOW64\rsslogs.20190417094541
2019-04-17 09:22 - 2019-04-17 09:22 - 000027173 _____ C:\WINDOWS\SysWOW64\rsslogs.20190417092124
2019-04-16 23:42 - 2019-04-16 23:42 - 000000000 ____D C:\Users\JP\Documents\TotalAV
2019-04-16 23:39 - 2019-04-16 23:39 - 000000000 ____D C:\ProgramData\SecuritySuite
2019-04-16 23:16 - 2019-04-02 13:38 - 000098944 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\webshieldfilter.sys
2019-04-16 23:15 - 2019-04-16 23:36 - 000000000 ____D C:\Users\JP\AppData\Roaming\TotalAV
2019-04-16 23:15 - 2019-04-16 23:15 - 000001101 _____ C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2019-04-16 23:13 - 2019-04-17 09:25 - 000000000 ____D C:\Program Files (x86)\TotalAV
2019-04-16 23:13 - 2019-04-16 23:13 - 000001076 _____ C:\Users\JP\Desktop\TotalAV.lnk
2019-04-16 23:05 - 2019-04-16 23:12 - 014142672 _____ C:\Users\JP\Downloads\TotalAV_Setup.exe
2019-04-16 18:03 - 2019-04-16 18:03 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-16 17:45 - 2019-04-16 17:45 - 000634442 _____ C:\WINDOWS\SysWOW64\rsslogs.20190416174421
2019-04-16 14:54 - 2019-04-16 14:54 - 000183046 _____ C:\WINDOWS\SysWOW64\rsslogs.20190416145343
2019-04-15 09:56 - 2019-04-15 09:56 - 000179401 _____ C:\WINDOWS\SysWOW64\rsslogs.20190415095558
2019-04-15 00:53 - 2019-04-15 00:53 - 000059051 _____ C:\WINDOWS\SysWOW64\rsslogs.20190415005251
2019-04-15 00:06 - 2019-04-15 00:06 - 000054303 _____ C:\WINDOWS\SysWOW64\rsslogs.20190415000528
2019-04-14 18:40 - 2019-04-14 18:40 - 000108693 _____ C:\WINDOWS\SysWOW64\rsslogs.20190414183953
2019-04-14 10:28 - 2019-04-14 10:35 - 000000000 ____D C:\Users\JP\Desktop\sauvegarde
2019-04-13 23:28 - 2019-04-13 23:28 - 000216094 _____ C:\WINDOWS\SysWOW64\rsslogs.20190413232735
2019-04-13 00:29 - 2019-04-13 23:28 - 000147596 _____ C:\WINDOWS\SysWOW64\rsslogs.20190413002835
2019-04-12 09:32 - 2019-04-12 09:32 - 000489045 _____ C:\WINDOWS\SysWOW64\rsslogs.20190412093158
2019-04-11 18:25 - 2019-04-11 18:25 - 000151163 _____ C:\WINDOWS\SysWOW64\rsslogs.20190411182426
2019-04-11 09:35 - 2019-04-11 09:35 - 000214968 _____ C:\WINDOWS\SysWOW64\rsslogs.20190411093452
2019-04-11 02:02 - 2019-04-11 18:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-11 00:05 - 2019-04-11 00:05 - 000197216 _____ C:\WINDOWS\SysWOW64\rsslogs.20190411000456
2019-04-10 02:24 - 2019-04-10 02:24 - 000606832 _____ C:\WINDOWS\SysWOW64\rsslogs.20190410022326
2019-04-09 18:10 - 2019-04-09 18:10 - 000263342 _____ C:\WINDOWS\SysWOW64\rsslogs.20190409180908
2019-04-09 10:04 - 2019-04-09 10:04 - 000464388 _____ C:\WINDOWS\SysWOW64\rsslogs.20190409100301
2019-04-08 23:33 - 2019-04-08 23:33 - 000114520 _____ C:\WINDOWS\SysWOW64\rsslogs.20190408233219
2019-04-08 14:54 - 2019-04-08 14:54 - 000199576 _____ C:\WINDOWS\SysWOW64\rsslogs.20190408145314
2019-04-08 14:11 - 2019-04-08 14:11 - 000044891 _____ C:\WINDOWS\SysWOW64\rsslogs.20190408141041
2019-04-08 09:34 - 2019-04-08 09:34 - 000200808 _____ C:\WINDOWS\SysWOW64\rsslogs.20190408093301
2019-04-07 12:06 - 2019-04-07 12:06 - 000473648 _____ C:\WINDOWS\SysWOW64\rsslogs.20190407120544
2019-04-06 09:14 - 2019-04-06 09:14 - 000256273 _____ C:\WINDOWS\SysWOW64\rsslogs.20190406091343
2019-04-05 19:48 - 2019-04-05 19:48 - 000226809 _____ C:\WINDOWS\SysWOW64\rsslogs.20190405194716
2019-04-05 17:53 - 2019-04-05 17:53 - 000133490 _____ C:\WINDOWS\SysWOW64\rsslogs.20190405175216
2019-04-05 09:12 - 2019-04-05 09:12 - 000160652 _____ C:\WINDOWS\SysWOW64\rsslogs.20190405091110
2019-04-05 00:47 - 2019-04-05 00:47 - 000074385 _____ C:\WINDOWS\SysWOW64\rsslogs.20190405004611
2019-04-05 00:45 - 2019-04-05 00:45 - 000003616 _____ C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3417960555-3109201405-1528020211-1001
2019-04-04 09:09 - 2019-04-05 00:45 - 000524388 _____ C:\WINDOWS\SysWOW64\rsslogs.20190404090814
2019-04-03 09:46 - 2019-04-03 09:46 - 000501873 _____ C:\WINDOWS\SysWOW64\rsslogs.20190403094505
2019-04-02 19:51 - 2019-04-02 19:51 - 000138116 _____ C:\WINDOWS\SysWOW64\rsslogs.20190402195014
2019-04-02 09:49 - 2019-04-02 09:49 - 000098072 _____ C:\WINDOWS\SysWOW64\rsslogs.20190402094809
2019-04-01 20:32 - 2019-04-01 20:32 - 000155820 _____ C:\WINDOWS\SysWOW64\rsslogs.20190401203212
2019-03-31 20:48 - 2019-04-01 20:32 - 000573957 _____ C:\WINDOWS\SysWOW64\rsslogs.20190331204738
2019-03-31 09:24 - 2019-03-31 09:24 - 000026006 _____ C:\WINDOWS\SysWOW64\rsslogs.20190331092346
2019-03-30 10:25 - 2019-03-31 09:24 - 000086251 _____ C:\WINDOWS\SysWOW64\rsslogs.20190330092502
2019-03-29 10:17 - 2019-03-29 10:17 - 000410977 _____ C:\WINDOWS\SysWOW64\rsslogs.20190329091632
2019-03-28 11:01 - 2019-03-28 11:01 - 000272873 _____ C:\WINDOWS\SysWOW64\rsslogs.20190328100035
2019-03-27 10:57 - 2019-04-17 09:55 - 000000000 ____D C:\Users\JP\Downloads\opera autoupdate
2019-03-27 10:48 - 2019-03-28 11:01 - 000246952 _____ C:\WINDOWS\SysWOW64\rsslogs.20190327094707
2019-03-27 01:54 - 2019-03-27 01:54 - 000004424 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1553644453
2019-03-26 20:25 - 2019-03-26 20:25 - 000125179 _____ C:\WINDOWS\SysWOW64\rsslogs.20190326192440
2019-03-26 10:14 - 2019-03-26 10:14 - 000113452 _____ C:\WINDOWS\SysWOW64\rsslogs.20190326091339
2019-03-25 19:55 - 2019-03-25 19:55 - 000160617 _____ C:\WINDOWS\SysWOW64\rsslogs.20190325185442
2019-03-25 10:30 - 2019-03-25 10:30 - 000070863 _____ C:\WINDOWS\SysWOW64\rsslogs.20190325092927
2019-03-25 02:39 - 2019-03-25 02:39 - 000000239 _____ C:\Users\JP\Desktop\Untitled.URL
2019-03-24 10:53 - 2019-03-24 10:53 - 000361424 _____ C:\WINDOWS\SysWOW64\rsslogs.20190324095202
2019-03-23 10:11 - 2019-03-23 10:11 - 000213758 _____ C:\WINDOWS\SysWOW64\rsslogs.20190323091035
2019-03-22 20:02 - 2019-03-22 20:02 - 000165391 _____ C:\WINDOWS\SysWOW64\rsslogs.20190322190103
2019-03-22 10:52 - 2019-03-22 10:52 - 000100417 _____ C:\WINDOWS\SysWOW64\rsslogs.20190322095155
2019-03-21 20:28 - 2019-03-21 20:28 - 000106227 _____ C:\WINDOWS\SysWOW64\rsslogs.20190321192757
2019-03-20 20:44 - 2019-03-30 01:58 - 000004202 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1553107460
2019-03-20 20:44 - 2019-03-30 01:57 - 000001434 _____ C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2019-03-20 20:44 - 2019-03-20 20:44 - 000000000 ____D C:\Users\JP\AppData\Local\Opera Software
2019-03-20 20:42 - 2019-03-20 20:42 - 002165728 _____ (Opera Software) C:\Users\JP\Downloads\OperaSetup.exe
2019-03-20 20:42 - 2019-03-20 20:42 - 000000000 ____D C:\Users\JP\AppData\Roaming\Opera Software
2019-03-20 20:08 - 2019-03-21 20:28 - 000324721 _____ C:\WINDOWS\SysWOW64\rsslogs.20190320190708
2019-03-20 20:04 - 2019-03-20 20:04 - 000002363 _____ C:\WINDOWS\SysWOW64\rsslogs.20190320190313
2019-03-20 10:33 - 2019-03-20 10:33 - 000082692 _____ C:\WINDOWS\SysWOW64\rsslogs.20190320093252
2019-03-19 19:55 - 2019-03-19 19:55 - 000207743 _____ C:\WINDOWS\SysWOW64\rsslogs.20190319185430
2019-03-19 10:22 - 2019-03-19 10:22 - 000172492 _____ C:\WINDOWS\SysWOW64\rsslogs.20190319092153
2019-03-19 02:02 - 2019-03-19 02:02 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-03-18 20:10 - 2019-03-18 20:10 - 000138150 _____ C:\WINDOWS\SysWOW64\rsslogs.20190318190907
2019-03-18 11:01 - 2019-03-18 11:01 - 000092149 _____ C:\WINDOWS\SysWOW64\rsslogs.20190318100040
2019-03-18 02:43 - 2019-03-18 02:43 - 000150025 _____ C:\WINDOWS\SysWOW64\rsslogs.20190318014249
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-04-17 21:56 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-17 21:54 - 2019-01-07 15:49 - 000050064 _____ C:\Users\JP\Desktop\Coord.odt
2019-04-17 21:34 - 2018-05-23 17:27 - 000004290 _____ C:\WINDOWS\System32\Tasks\IQOptionUpdateTask
2019-04-17 21:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-04-17 21:24 - 2018-11-19 18:47 - 000000000 ___HD C:\Users\JP\Desktop\.tmp.drivedownload
2019-04-17 21:09 - 2018-05-23 16:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-17 18:46 - 2017-10-29 19:24 - 000000000 ____D C:\Program Files (x86)\IQ Option
2019-04-17 09:52 - 2018-11-19 14:49 - 000000000 ___RD C:\Users\JP\Google Drive
2019-04-17 09:52 - 2018-05-23 17:08 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-17 09:52 - 2018-04-12 18:18 - 000791028 _____ C:\WINDOWS\system32\perfh00C.dat
2019-04-17 09:52 - 2018-04-12 18:18 - 000149524 _____ C:\WINDOWS\system32\perfc00C.dat
2019-04-17 09:52 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-17 09:49 - 2016-11-21 19:34 - 000000000 ____D C:\Users\JP\AppData\LocalLow\Mozilla
2019-04-17 09:49 - 2014-05-09 22:03 - 000000000 ____D C:\Users\JP\AppData\Local\CrashDumps
2019-04-17 09:46 - 2016-01-12 17:05 - 000000000 ____D C:\Users\JP\AppData\Local\HTC MediaHub
2019-04-17 09:45 - 2018-05-23 17:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-17 09:44 - 2018-05-23 16:49 - 000000000 ____D C:\Users\JP
2019-04-17 09:44 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-04-17 09:44 - 2017-07-16 22:14 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-04-17 02:56 - 2019-03-06 15:58 - 000000000 ____D C:\Users\JP\Desktop\Poursar
2019-04-17 00:59 - 2015-06-06 21:29 - 000000000 ____D C:\Users\JP\Desktop\Films
2019-04-17 00:29 - 2019-02-23 12:31 - 000000000 ____D C:\Users\JP\Desktop\Pour xxxx
2019-04-16 22:21 - 2015-01-27 12:39 - 000000000 ____D C:\Users\JP\Desktop\Stick 2014
2019-04-16 20:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-16 17:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-16 15:17 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-16 15:11 - 2018-05-13 10:17 - 000000000 ____D C:\Users\JP\Desktop\Aude
2019-04-15 00:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-15 00:14 - 2018-05-23 17:27 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-13 02:07 - 2014-05-29 22:37 - 000000000 ____D C:\stock
2019-04-12 10:43 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-11 19:32 - 2014-05-09 21:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-11 18:41 - 2014-08-17 22:47 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-11 18:24 - 2015-02-27 03:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-09 19:35 - 2018-10-03 10:27 - 000000000 ____D C:\Users\JP\Desktop\Annonces
2019-04-09 18:38 - 2017-06-27 17:01 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-09 13:58 - 2018-05-23 17:27 - 000004752 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-09 13:58 - 2018-05-23 17:27 - 000004558 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-09 13:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-09 13:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-08 23:46 - 2018-03-01 20:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-07 17:53 - 2014-05-09 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2019-04-05 18:13 - 2018-11-17 12:07 - 000000000 ____D C:\Program Files\rempl
2019-04-04 14:17 - 2018-05-27 02:12 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-04 11:37 - 2014-06-13 00:58 - 000000000 ____D C:\Users\JP\AppData\Local\ElevatedDiagnostics
2019-04-04 11:01 - 2017-10-23 02:12 - 000000000 ____D C:\Users\JP\AppData\Local\Packages
2019-04-02 00:12 - 2018-05-23 17:27 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3417960555-3109201405-1528020211-1001
2019-04-02 00:12 - 2018-05-23 16:49 - 000002408 _____ C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-02 00:12 - 2014-05-10 01:49 - 000000000 ___RD C:\Users\JP\OneDrive
2019-04-01 19:51 - 2018-04-12 01:41 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-04-12 01:41 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-01 16:05 - 2018-01-20 18:48 - 000000000 ____D C:\Users\JP\Desktop\Amenagement St Georges
2019-03-30 15:12 - 2018-11-19 17:40 - 000000000 ___HD C:\Users\JP\Documents\.tmp.drivedownload
2019-03-28 14:09 - 2018-05-23 17:27 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 14:09 - 2018-05-23 17:27 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 11:11 - 2018-07-15 18:29 - 000000438 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-03-20 02:44 - 2015-08-20 09:07 - 000000000 ____D C:\Users\JP\AppData\Local\Comms
2019-03-19 02:02 - 2014-05-10 01:35 - 000000000 ____D C:\Program Files (x86)\Google
2019-03-18 11:03 - 2019-03-16 11:05 - 000000000 ____D C:\Users\JP\Desktop\construction nouvelle
==================== Fichiers à la racine de certains dossiers =======
2016-12-02 18:35 - 2016-12-02 18:36 - 016511029 _____ () C:\Program Files (x86)\Quick Access_PackardBell_1.01.3023_W10x64_A.zip
2019-03-08 02:42 - 2019-03-08 02:42 - 000003584 _____ () C:\Users\JP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-22 15:25 - 2016-02-22 15:27 - 000007605 _____ () C:\Users\JP\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dllhost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dllhost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-05-23 16:41
==================== Fin de FRST.txt ============================
Exécuté par JP BELETTE (administrateur) sur BUREAU (17-04-2019 21:20:27)
Exécuté depuis C:\Users\JP\Downloads
Profils chargés: JP BELETTE (Profils disponibles: JP BELETTE)
Platform: Windows 8 Pro (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(SEIKO EPSON Corporation -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Nero AG -> Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(IQ OPTION EUROPE LTD -> ) C:\Program Files (x86)\IQ Option\IQOptionUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc. -> RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\MsMpEng.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Acer Incorporated -> Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Nero AG -> ) C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.4-0\NisSrv.exe
() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Opera Software AS -> Opera Software) C:\Users\JP\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
(IQ OPTION EUROPE LTD -> ) C:\Program Files (x86)\IQ Option\iqtray.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Google Inc -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Protected Antivirus Limited -> TotalAV) C:\Program Files (x86)\TotalAV\TotalAV.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
() [Fichier non signé] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc. -> ) C:\Program Files (x86)\Real\RealDownloader\downloader2.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(The Document Foundation -> The Document Foundation) [Fichier non signé] C:\Program Files (x86)\LibreOffice 4\program\swriter.exe
(The Document Foundation -> The Document Foundation) [Fichier non signé] C:\Program Files (x86)\LibreOffice 4\program\soffice.exe
(The Document Foundation) [Fichier non signé] C:\Program Files (x86)\LibreOffice 4\program\soffice.bin
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11425.20190.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [353056 2018-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => c:\program files (x86)\real\RealDownloader\downloader2.exe [1263392 2018-11-15] (RealNetworks, Inc. -> )
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2014-03-05] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [6950400 2013-10-25] (FreeDownloadManager.ORG) [Fichier non signé]
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46504696 2018-12-07] (Google Inc -> )
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\Run: [Opera Browser Assistant] => C:\Users\JP\AppData\Local\Programs\Opera\assistant\browser_assistant.exe [2480728 2019-03-22] (Opera Software AS -> Opera Software)
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\...\MountPoints2: {84489298-2d43-11e9-8744-6002b49a3ec5} - "E:\Setup.exe"
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [149504 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2013-12-24] (Qualcomm Atheros -> Qualcomm®Atheros®) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2018-12-14]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc. -> RealNetworks, Inc.)
Startup: C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\IQTray.lnk [2018-09-09]
ShortcutTarget: IQTray.lnk -> C:\Program Files (x86)\IQ Option\iqtray.exe (IQ OPTION EUROPE LTD -> )
Startup: C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe [2016-01-05] (Leader Technologies) [Fichier non signé]
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 10.88.76.1
Tcpip\..\Interfaces\{1f4c2a1e-8681-4ee7-84a9-87f67350e187}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2098a69d-850d-4353-86e2-96b28e44021d}: [DhcpNameServer] 10.88.76.1
Tcpip\..\Interfaces\{32ded014-2668-4a54-81e7-954b4b8ef63b}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b5b790f8-d1d6-4fbe-8a5a-9a50b12abdcd}: [DhcpNameServer] 192.168.100.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2018-11-15] (RealNetworks, Inc. -> RealDownloader)
BHO: Pas de nom -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> Pas de fichier
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> c:\program files (x86)\real\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2018-11-15] (RealNetworks, Inc. -> RealDownloader)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-10-25] (FreeDownloadManager.ORG) [Fichier non signé]
Toolbar: HKLM - Pas de nom - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Pas de fichier
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FireFox:
========
FF DefaultProfile: c2qs3n02.default-1548695276909
FF ProfilePath: C:\Users\JP\AppData\Roaming\Mozilla\Firefox\Profiles\c2qs3n02.default-1548695276909 [2019-04-17]
FF NewTabOverride: Mozilla\Firefox\Profiles\c2qs3n02.default-1548695276909 -> Disabled: _brMembers_@free.yourtemplatefinder.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_171.dll [2019-04-09] (Adobe Inc. -> )
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.15.215 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2018-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.15.215 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2018-12-14] (RealNetworks, Inc. -> RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3417960555-3109201405-1528020211-1001: @citrixonline.com/appdetectorplugin -> C:\Users\JP\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-07-02] (Citrix Online -> Citrix Online)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default [2019-04-16]
CHR Extension: (Google Drive) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-12]
CHR Extension: (Adobe Acrobat) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-16]
CHR Extension: (Skype) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2018-12-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-18]
CHR Extension: (Chrome Media Router) - C:\Users\JP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-17]
CHR HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\JP\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2018-11-19]
CHR HKU\S-1-5-21-3417960555-3109201405-1528020211-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [560544 2017-10-13] (Advanced Micro Devices, Inc. -> AMD)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-07] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-07] (AVAST Software s.r.o. -> AVAST Software)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2709760 2014-11-17] (Acer Incorporated -> Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2711736 2015-01-14] (Microsoft Corporation -> Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated -> Acer Incorporated)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (SEIKO EPSON Corporation -> Seiko Epson Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-24] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG -> Nero AG)
R2 IQOptionUpdater; C:\Program Files (x86)\IQ Option\\IQOptionUpdater.exe [2748544 2019-04-08] (IQ OPTION EUROPE LTD -> )
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [459496 2013-11-23] (Acer Incorporated -> Acer Incorporate)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
S3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporated -> Acer Incorporate)
R2 RealPlayerUpdateSvc; C:\program files (x86)\real\UpdateService\RealPlayerUpdateSvc.exe [38016 2018-11-15] (RealNetworks, Inc. -> RealNetworks, Inc.)
R2 RealTimes Desktop Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [990840 2018-12-14] (RealNetworks, Inc. -> RealNetworks, Inc.)
S2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [4978368 2019-04-03] (Protected Antivirus Limited -> TotalAV)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-08] (Microsoft Corporation -> Microsoft Corporation)
S2 AdaptiveSleepService; "C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmdag.sys [38774688 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0318486.inf_amd64_11ba0b4b7cc81d52\atikmpag.sys [549792 2017-10-13] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2018-02-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-02-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2018-02-13] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-12-04] (Malwarebytes Corporation -> Malwarebytes)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [126624 2018-12-17] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [72536 2018-12-17] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [261032 2019-04-16] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [113016 2018-12-17] (Malwarebytes Corporation -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated -> Acer Incorporated)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343520 2019-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-08] (Microsoft Windows -> Microsoft Corporation)
R1 webshieldfilter; C:\WINDOWS\System32\drivers\webshieldfilter.sys [98944 2019-04-02] (Protected Antivirus Limited -> Windows (R) Win 7 DDK provider)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-04-17 21:20 - 2019-04-17 21:38 - 000023360 _____ C:\Users\JP\Downloads\FRST.txt
2019-04-17 21:17 - 2019-04-17 21:20 - 000000000 ____D C:\FRST
2019-04-17 21:12 - 2019-04-17 21:12 - 002434048 _____ (Farbar) C:\Users\JP\Downloads\FRST64.exe
2019-04-17 18:31 - 2019-04-17 21:54 - 000000093 ____H C:\Users\JP\Desktop\.~lock.Coord.odt#
2019-04-17 09:46 - 2019-04-17 09:46 - 000301283 _____ C:\WINDOWS\SysWOW64\rsslogs.20190417094541
2019-04-17 09:22 - 2019-04-17 09:22 - 000027173 _____ C:\WINDOWS\SysWOW64\rsslogs.20190417092124
2019-04-16 23:42 - 2019-04-16 23:42 - 000000000 ____D C:\Users\JP\Documents\TotalAV
2019-04-16 23:39 - 2019-04-16 23:39 - 000000000 ____D C:\ProgramData\SecuritySuite
2019-04-16 23:16 - 2019-04-02 13:38 - 000098944 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\webshieldfilter.sys
2019-04-16 23:15 - 2019-04-16 23:36 - 000000000 ____D C:\Users\JP\AppData\Roaming\TotalAV
2019-04-16 23:15 - 2019-04-16 23:15 - 000001101 _____ C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2019-04-16 23:13 - 2019-04-17 09:25 - 000000000 ____D C:\Program Files (x86)\TotalAV
2019-04-16 23:13 - 2019-04-16 23:13 - 000001076 _____ C:\Users\JP\Desktop\TotalAV.lnk
2019-04-16 23:05 - 2019-04-16 23:12 - 014142672 _____ C:\Users\JP\Downloads\TotalAV_Setup.exe
2019-04-16 18:03 - 2019-04-16 18:03 - 000261032 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-04-16 17:45 - 2019-04-16 17:45 - 000634442 _____ C:\WINDOWS\SysWOW64\rsslogs.20190416174421
2019-04-16 14:54 - 2019-04-16 14:54 - 000183046 _____ C:\WINDOWS\SysWOW64\rsslogs.20190416145343
2019-04-15 09:56 - 2019-04-15 09:56 - 000179401 _____ C:\WINDOWS\SysWOW64\rsslogs.20190415095558
2019-04-15 00:53 - 2019-04-15 00:53 - 000059051 _____ C:\WINDOWS\SysWOW64\rsslogs.20190415005251
2019-04-15 00:06 - 2019-04-15 00:06 - 000054303 _____ C:\WINDOWS\SysWOW64\rsslogs.20190415000528
2019-04-14 18:40 - 2019-04-14 18:40 - 000108693 _____ C:\WINDOWS\SysWOW64\rsslogs.20190414183953
2019-04-14 10:28 - 2019-04-14 10:35 - 000000000 ____D C:\Users\JP\Desktop\sauvegarde
2019-04-13 23:28 - 2019-04-13 23:28 - 000216094 _____ C:\WINDOWS\SysWOW64\rsslogs.20190413232735
2019-04-13 00:29 - 2019-04-13 23:28 - 000147596 _____ C:\WINDOWS\SysWOW64\rsslogs.20190413002835
2019-04-12 09:32 - 2019-04-12 09:32 - 000489045 _____ C:\WINDOWS\SysWOW64\rsslogs.20190412093158
2019-04-11 18:25 - 2019-04-11 18:25 - 000151163 _____ C:\WINDOWS\SysWOW64\rsslogs.20190411182426
2019-04-11 09:35 - 2019-04-11 09:35 - 000214968 _____ C:\WINDOWS\SysWOW64\rsslogs.20190411093452
2019-04-11 02:02 - 2019-04-11 18:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-04-11 00:05 - 2019-04-11 00:05 - 000197216 _____ C:\WINDOWS\SysWOW64\rsslogs.20190411000456
2019-04-10 02:24 - 2019-04-10 02:24 - 000606832 _____ C:\WINDOWS\SysWOW64\rsslogs.20190410022326
2019-04-09 18:10 - 2019-04-09 18:10 - 000263342 _____ C:\WINDOWS\SysWOW64\rsslogs.20190409180908
2019-04-09 10:04 - 2019-04-09 10:04 - 000464388 _____ C:\WINDOWS\SysWOW64\rsslogs.20190409100301
2019-04-08 23:33 - 2019-04-08 23:33 - 000114520 _____ C:\WINDOWS\SysWOW64\rsslogs.20190408233219
2019-04-08 14:54 - 2019-04-08 14:54 - 000199576 _____ C:\WINDOWS\SysWOW64\rsslogs.20190408145314
2019-04-08 14:11 - 2019-04-08 14:11 - 000044891 _____ C:\WINDOWS\SysWOW64\rsslogs.20190408141041
2019-04-08 09:34 - 2019-04-08 09:34 - 000200808 _____ C:\WINDOWS\SysWOW64\rsslogs.20190408093301
2019-04-07 12:06 - 2019-04-07 12:06 - 000473648 _____ C:\WINDOWS\SysWOW64\rsslogs.20190407120544
2019-04-06 09:14 - 2019-04-06 09:14 - 000256273 _____ C:\WINDOWS\SysWOW64\rsslogs.20190406091343
2019-04-05 19:48 - 2019-04-05 19:48 - 000226809 _____ C:\WINDOWS\SysWOW64\rsslogs.20190405194716
2019-04-05 17:53 - 2019-04-05 17:53 - 000133490 _____ C:\WINDOWS\SysWOW64\rsslogs.20190405175216
2019-04-05 09:12 - 2019-04-05 09:12 - 000160652 _____ C:\WINDOWS\SysWOW64\rsslogs.20190405091110
2019-04-05 00:47 - 2019-04-05 00:47 - 000074385 _____ C:\WINDOWS\SysWOW64\rsslogs.20190405004611
2019-04-05 00:45 - 2019-04-05 00:45 - 000003616 _____ C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3417960555-3109201405-1528020211-1001
2019-04-04 09:09 - 2019-04-05 00:45 - 000524388 _____ C:\WINDOWS\SysWOW64\rsslogs.20190404090814
2019-04-03 09:46 - 2019-04-03 09:46 - 000501873 _____ C:\WINDOWS\SysWOW64\rsslogs.20190403094505
2019-04-02 19:51 - 2019-04-02 19:51 - 000138116 _____ C:\WINDOWS\SysWOW64\rsslogs.20190402195014
2019-04-02 09:49 - 2019-04-02 09:49 - 000098072 _____ C:\WINDOWS\SysWOW64\rsslogs.20190402094809
2019-04-01 20:32 - 2019-04-01 20:32 - 000155820 _____ C:\WINDOWS\SysWOW64\rsslogs.20190401203212
2019-03-31 20:48 - 2019-04-01 20:32 - 000573957 _____ C:\WINDOWS\SysWOW64\rsslogs.20190331204738
2019-03-31 09:24 - 2019-03-31 09:24 - 000026006 _____ C:\WINDOWS\SysWOW64\rsslogs.20190331092346
2019-03-30 10:25 - 2019-03-31 09:24 - 000086251 _____ C:\WINDOWS\SysWOW64\rsslogs.20190330092502
2019-03-29 10:17 - 2019-03-29 10:17 - 000410977 _____ C:\WINDOWS\SysWOW64\rsslogs.20190329091632
2019-03-28 11:01 - 2019-03-28 11:01 - 000272873 _____ C:\WINDOWS\SysWOW64\rsslogs.20190328100035
2019-03-27 10:57 - 2019-04-17 09:55 - 000000000 ____D C:\Users\JP\Downloads\opera autoupdate
2019-03-27 10:48 - 2019-03-28 11:01 - 000246952 _____ C:\WINDOWS\SysWOW64\rsslogs.20190327094707
2019-03-27 01:54 - 2019-03-27 01:54 - 000004424 _____ C:\WINDOWS\System32\Tasks\Opera scheduled assistant Autoupdate 1553644453
2019-03-26 20:25 - 2019-03-26 20:25 - 000125179 _____ C:\WINDOWS\SysWOW64\rsslogs.20190326192440
2019-03-26 10:14 - 2019-03-26 10:14 - 000113452 _____ C:\WINDOWS\SysWOW64\rsslogs.20190326091339
2019-03-25 19:55 - 2019-03-25 19:55 - 000160617 _____ C:\WINDOWS\SysWOW64\rsslogs.20190325185442
2019-03-25 10:30 - 2019-03-25 10:30 - 000070863 _____ C:\WINDOWS\SysWOW64\rsslogs.20190325092927
2019-03-25 02:39 - 2019-03-25 02:39 - 000000239 _____ C:\Users\JP\Desktop\Untitled.URL
2019-03-24 10:53 - 2019-03-24 10:53 - 000361424 _____ C:\WINDOWS\SysWOW64\rsslogs.20190324095202
2019-03-23 10:11 - 2019-03-23 10:11 - 000213758 _____ C:\WINDOWS\SysWOW64\rsslogs.20190323091035
2019-03-22 20:02 - 2019-03-22 20:02 - 000165391 _____ C:\WINDOWS\SysWOW64\rsslogs.20190322190103
2019-03-22 10:52 - 2019-03-22 10:52 - 000100417 _____ C:\WINDOWS\SysWOW64\rsslogs.20190322095155
2019-03-21 20:28 - 2019-03-21 20:28 - 000106227 _____ C:\WINDOWS\SysWOW64\rsslogs.20190321192757
2019-03-20 20:44 - 2019-03-30 01:58 - 000004202 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1553107460
2019-03-20 20:44 - 2019-03-30 01:57 - 000001434 _____ C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2019-03-20 20:44 - 2019-03-20 20:44 - 000000000 ____D C:\Users\JP\AppData\Local\Opera Software
2019-03-20 20:42 - 2019-03-20 20:42 - 002165728 _____ (Opera Software) C:\Users\JP\Downloads\OperaSetup.exe
2019-03-20 20:42 - 2019-03-20 20:42 - 000000000 ____D C:\Users\JP\AppData\Roaming\Opera Software
2019-03-20 20:08 - 2019-03-21 20:28 - 000324721 _____ C:\WINDOWS\SysWOW64\rsslogs.20190320190708
2019-03-20 20:04 - 2019-03-20 20:04 - 000002363 _____ C:\WINDOWS\SysWOW64\rsslogs.20190320190313
2019-03-20 10:33 - 2019-03-20 10:33 - 000082692 _____ C:\WINDOWS\SysWOW64\rsslogs.20190320093252
2019-03-19 19:55 - 2019-03-19 19:55 - 000207743 _____ C:\WINDOWS\SysWOW64\rsslogs.20190319185430
2019-03-19 10:22 - 2019-03-19 10:22 - 000172492 _____ C:\WINDOWS\SysWOW64\rsslogs.20190319092153
2019-03-19 02:02 - 2019-03-19 02:02 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-03-18 20:10 - 2019-03-18 20:10 - 000138150 _____ C:\WINDOWS\SysWOW64\rsslogs.20190318190907
2019-03-18 11:01 - 2019-03-18 11:01 - 000092149 _____ C:\WINDOWS\SysWOW64\rsslogs.20190318100040
2019-03-18 02:43 - 2019-03-18 02:43 - 000150025 _____ C:\WINDOWS\SysWOW64\rsslogs.20190318014249
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-04-17 21:56 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-17 21:54 - 2019-01-07 15:49 - 000050064 _____ C:\Users\JP\Desktop\Coord.odt
2019-04-17 21:34 - 2018-05-23 17:27 - 000004290 _____ C:\WINDOWS\System32\Tasks\IQOptionUpdateTask
2019-04-17 21:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-04-17 21:24 - 2018-11-19 18:47 - 000000000 ___HD C:\Users\JP\Desktop\.tmp.drivedownload
2019-04-17 21:09 - 2018-05-23 16:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-17 18:46 - 2017-10-29 19:24 - 000000000 ____D C:\Program Files (x86)\IQ Option
2019-04-17 09:52 - 2018-11-19 14:49 - 000000000 ___RD C:\Users\JP\Google Drive
2019-04-17 09:52 - 2018-05-23 17:08 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-17 09:52 - 2018-04-12 18:18 - 000791028 _____ C:\WINDOWS\system32\perfh00C.dat
2019-04-17 09:52 - 2018-04-12 18:18 - 000149524 _____ C:\WINDOWS\system32\perfc00C.dat
2019-04-17 09:52 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-17 09:49 - 2016-11-21 19:34 - 000000000 ____D C:\Users\JP\AppData\LocalLow\Mozilla
2019-04-17 09:49 - 2014-05-09 22:03 - 000000000 ____D C:\Users\JP\AppData\Local\CrashDumps
2019-04-17 09:46 - 2016-01-12 17:05 - 000000000 ____D C:\Users\JP\AppData\Local\HTC MediaHub
2019-04-17 09:45 - 2018-05-23 17:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-17 09:44 - 2018-05-23 16:49 - 000000000 ____D C:\Users\JP
2019-04-17 09:44 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-04-17 09:44 - 2017-07-16 22:14 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-04-17 02:56 - 2019-03-06 15:58 - 000000000 ____D C:\Users\JP\Desktop\Poursar
2019-04-17 00:59 - 2015-06-06 21:29 - 000000000 ____D C:\Users\JP\Desktop\Films
2019-04-17 00:29 - 2019-02-23 12:31 - 000000000 ____D C:\Users\JP\Desktop\Pour xxxx
2019-04-16 22:21 - 2015-01-27 12:39 - 000000000 ____D C:\Users\JP\Desktop\Stick 2014
2019-04-16 20:54 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-04-16 17:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-16 15:17 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-16 15:11 - 2018-05-13 10:17 - 000000000 ____D C:\Users\JP\Desktop\Aude
2019-04-15 00:49 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-04-15 00:14 - 2018-05-23 17:27 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-04-13 02:07 - 2014-05-29 22:37 - 000000000 ____D C:\stock
2019-04-12 10:43 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-11 19:32 - 2014-05-09 21:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-11 18:41 - 2014-08-17 22:47 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-11 18:24 - 2015-02-27 03:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-09 19:35 - 2018-10-03 10:27 - 000000000 ____D C:\Users\JP\Desktop\Annonces
2019-04-09 18:38 - 2017-06-27 17:01 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-09 13:58 - 2018-05-23 17:27 - 000004752 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-09 13:58 - 2018-05-23 17:27 - 000004558 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2019-04-09 13:58 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-04-09 13:57 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-04-08 23:46 - 2018-03-01 20:22 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-07 17:53 - 2014-05-09 18:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2019-04-05 18:13 - 2018-11-17 12:07 - 000000000 ____D C:\Program Files\rempl
2019-04-04 14:17 - 2018-05-27 02:12 - 000000000 ____D C:\WINDOWS\Minidump
2019-04-04 11:37 - 2014-06-13 00:58 - 000000000 ____D C:\Users\JP\AppData\Local\ElevatedDiagnostics
2019-04-04 11:01 - 2017-10-23 02:12 - 000000000 ____D C:\Users\JP\AppData\Local\Packages
2019-04-02 00:12 - 2018-05-23 17:27 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3417960555-3109201405-1528020211-1001
2019-04-02 00:12 - 2018-05-23 16:49 - 000002408 _____ C:\Users\JP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-02 00:12 - 2014-05-10 01:49 - 000000000 ___RD C:\Users\JP\OneDrive
2019-04-01 19:51 - 2018-04-12 01:41 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-04-12 01:41 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-01 16:05 - 2018-01-20 18:48 - 000000000 ____D C:\Users\JP\Desktop\Amenagement St Georges
2019-03-30 15:12 - 2018-11-19 17:40 - 000000000 ___HD C:\Users\JP\Documents\.tmp.drivedownload
2019-03-28 14:09 - 2018-05-23 17:27 - 000003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 14:09 - 2018-05-23 17:27 - 000003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 11:11 - 2018-07-15 18:29 - 000000438 _____ C:\WINDOWS\system32\Drivers\etc\hosts.ics
2019-03-20 02:44 - 2015-08-20 09:07 - 000000000 ____D C:\Users\JP\AppData\Local\Comms
2019-03-19 02:02 - 2014-05-10 01:35 - 000000000 ____D C:\Program Files (x86)\Google
2019-03-18 11:03 - 2019-03-16 11:05 - 000000000 ____D C:\Users\JP\Desktop\construction nouvelle
==================== Fichiers à la racine de certains dossiers =======
2016-12-02 18:35 - 2016-12-02 18:36 - 016511029 _____ () C:\Program Files (x86)\Quick Access_PackardBell_1.01.3023_W10x64_A.zip
2019-03-08 02:42 - 2019-03-08 02:42 - 000003584 _____ () C:\Users\JP\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-22 15:25 - 2016-02-22 15:27 - 000007605 _____ () C:\Users\JP\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dllhost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dllhost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-05-23 16:41
==================== Fin de FRST.txt ============================