Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-09-2019 01
Exécuté par GUERRA Dominique (administrateur) sur I (Acer Aspire XC-704) (18-09-2019 21:41:37)
Exécuté depuis C:\Users\GUERRA Dominique\Desktop
Profils chargés: GUERRA Dominique (Profils disponibles: GUERRA Dominique)
Platform: Windows 10 Home Version 1803 17134.950 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveUI.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Amazon Services LLC -> ) C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(CyberLink Corp. -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dashlane -> Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-07] (Acer Incorporated -> )
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Fichier non signé]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [] => [X]
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4038688 2019-07-19] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {29A34002-9BBD-4DC8-9CC7-E928C2FA7A59} - System32\Tasks\AcerDriveUpdateChecker => C:\Program Files (x86)\Acer\Acer Drive\CheckUpdate.exe [24416 2015-08-05] (Acer Incorporated -> Acer Incorporated)
Task: {333EDE83-3117-4FB7-A2C9-8123698D195F} - System32\Tasks\pecokukot\{3BE6C5CD-8FDF-1D77-769F-1ADC783BAC59} => C:\Users\GUERRA~1\AppData\Local\PECEME~1\PECOKU~1.EXE <==== ATTENTION
Task: {39F9120D-FD21-477D-B86C-351D248EEC99} - System32\Tasks\AcerDriveTrayLauncher => C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe [598880 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {4901B38C-2C21-4291-B3C6-E81678FD81BE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757472 2019-09-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {5BBD01AC-9294-4DAA-9107-28D24CA5B5D5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {62E51314-1B06-42C3-BB6A-5304B8BF5FED} - System32\Tasks\AcerDriveProxyLauncher => C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe [2290016 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {7A39372F-EB7C-435C-8DCD-94B563FE3B31} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {84C74267-172B-4E51-9752-1D8566CC3B44} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2574080 2015-05-07] (Acer Incorporated -> Acer)
Task: {8F35D0C4-32AD-4255-A5CB-2C4F9284D50A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {948055BF-F228-44BD-A9C2-72F3A8CD1D18} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {AF91C991-7EDF-4364-BCA5-AA9CD02F9740} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-09] (Acer Incorporated -> Acer Incorporated)
Task: {CEA9C193-335C-4665-8926-92E62BACAE21} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {EF603418-C23A-4F51-A357-CD559C03B4F7} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2018-05-28] (Acer Incorporated -> )
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6b86f653-8e8e-4393-8da7-a1e30b609e7d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8142e943-ba33-482b-a08e-a6827f1e0c3c}: [DhcpNameServer] 10.1.93.93 10.1.93.52
Tcpip\..\Interfaces\{c18e4081-1f2d-49ec-aafc-726890b638e0}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m003619¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQDBPAIA6ColjFL0X5pffjbbXRLGIncbgiXy%2B0EWIhDVl%2FSy1LwImsiRWxI%2FDhZl1UReM7fghhOoPxUSTZJ0fkAcGG8qAehE3i0Q7HnwoIq3AyQrmPf8%2BQk57UHnJKL%2FCIp2tnVj44mfjiAQh%2BJiDUlyYMU7D7vHcfO5lrGWEwRlGSH%2Bt%2F3p5%2BEyo1wtg17WkyVLXlBtIO7VGKAtiX0lTeRE7LzH0E8vn7XulTRxy8vFJffg4BF5W5%2Bq8HwVvdmESw9Nsry315nG9X3yG94Cd6uTgxJ%2F3v4tpRZc4Xbd3N%2BkRd70RpbtsaE78T%2FuYbLobTC%2BBY%2BIkRCOLgcpWtpZpNOQ%3D%3D
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> DefaultScope {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> DefaultScope {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m003619¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQDBPAIA6ColjFL0X5pffjbbhqqK1UU2Fmvyz2gLlVAoJ%2FL1jAz0ZXyyvqEbVolBN%2B9%2FzbCDEz3%2FOeTJwkOM3kc3FEeF6Z3sgp1uZ%2B82D0oavV6U8jKIY6lGG18WLbszGCSaYUiZ%2FX4uNI46OMMYYl0Pl1LF92rzZsKRAqQJ0NQb3gU8bJS%2B8MwEi02thxgs5W4i%2Bl4mKHFHkBpYbUu7lA5vID8RcB5cn7n3dDaWNj%2BMZdCD%2F4S8HlIl6%2FVaKn2iud5yOwdiSGYna1nkpqlDl6DsWEGFLVig7wxh2siAS25R84pMTASCNtSHdlnyd%2BOfItVUxKLjmYeGoTmK3ftApuwg%3D%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m003619¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQDBPAIA6ColjFL0X5pffjbbhqqK1UU2Fmvyz2gLlVAoJ%2FL1jAz0ZXyyvqEbVolBN%2B9%2FzbCDEz3%2FOeTJwkOM3kc3FEeF6Z3sgp1uZ%2B82D0oavV6U8jKIY6lGG18WLbszGCSaYUiZ%2FX4uNI46OMMYYl0Pl1LF92rzZsKRAqQJ0NQb3gU8bJS%2B8MwEi02thxgs5W4i%2Bl4mKHFHkBpYbUu7lA5vID8RcB5cn7n3dDaWNj%2BMZdCD%2F4S8HlIl6%2FVaKn2iud5yOwdiSGYna1nkpqlDl6DsWEGFLVig7wxh2siAS25R84pMTASCNtSHdlnyd%2BOfItVUxKLjmYeGoTmK3ftApuwg%3D%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {8A325BFC-729B-49F3-A04E-14FBA5BBE286} URL =
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m003619¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQDBPAIA6ColjFL0X5pffjbWtMLj%2FrpDwT6%2BGxdg4TirZvm5ODeR88s%2F3oCAqOsE9vNvg24i7ZzRYGJcBcsU466cYW5GltizIVux%2FNI1W9ns9h5bBtqkqTHmz5uO4op%2FZQttoFKD9qUe8NksoLSvfdJ9wo8XLvlaVgFoT5MwWVRDDWGH30VelJLekMKX%2FximG5kZ9a%2F43RozBoVM4ibkgDCBZTBZlyI4xRfbqmD16xpk8hFAUnHThcvz6aHuBahCBlkLB5qo2S2IMKQaReHXWSmYGUp33X84oz%2F%2BCLHoM9L7eFyRC4JOL4hC%2FpaZ0VjGp%2BDuVqLSrVNy%2B53ShtOSo2Cw%3D%3D
FireFox:
========
FF DefaultProfile: bkyv5laf.default-1568478271159
FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159 [2019-09-18]
FF DownloadDir: C:\Users\GUERRA Dominique\Desktop\telechargements
FF Homepage: Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159 -> www.google.fr
FF Extension: (French spelling dictionary) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2019-09-14]
FF Extension: (Français Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-09-14]
FF Extension: (uBlock Origin) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159\Extensions\uBlock0@raymondhill.net.xpi [2019-09-17]
FF Extension: (Français Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-fr@firefox.mozilla.org [2019-09-07] [Legacy] [non signé]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2018-02-22] (Amazon Services LLC -> )
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535360 2019-09-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860248 2015-09-30] (Acer Incorporated -> Acer Incorporated)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [75056 2015-06-25] (Dashlane -> Dashlane SAS)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2019-06-14] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Fichier non signé]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-10-08] (CyberLink Corp. -> )
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [970752 2018-03-10] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [286208 2018-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1590576 2019-09-17] (WildTangent Inc -> )
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-08-27] (Malwarebytes Corporation -> Malwarebytes)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7408072 2019-06-14] (Intel(R) pGFX -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [225944 2019-09-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38656 2015-06-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-09-18 21:41 - 2019-09-18 21:44 - 000022048 _____ C:\Users\GUERRA Dominique\Desktop\FRST.txt
2019-09-18 21:41 - 2019-09-18 21:41 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\FRST-OlderVersion
2019-09-18 21:30 - 2019-09-18 21:30 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-18 21:30 - 2019-09-18 21:30 - 000225944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-18 21:30 - 2019-09-18 21:30 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-18 21:30 - 2019-09-18 21:30 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-18 13:18 - 2019-09-18 13:18 - 000079481 _____ C:\Users\GUERRA Dominique\Desktop\compte rendu analyse MAM 18 09 19-1.txt
2019-09-18 12:56 - 2019-09-18 20:55 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-18 12:56 - 2019-09-18 20:55 - 000002104 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-18 12:56 - 2019-09-18 12:56 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\mbamtray
2019-09-18 12:56 - 2019-09-18 12:56 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\mbam
2019-09-18 12:56 - 2019-09-18 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-18 12:56 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-18 12:55 - 2019-09-18 12:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-18 12:55 - 2019-09-18 12:55 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-18 12:55 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-18 12:49 - 2019-09-18 11:31 - 066495960 _____ (Malwarebytes ) C:\Users\GUERRA Dominique\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.625-1.0.12519.exe
2019-09-18 11:30 - 2019-09-18 11:36 - 000013777 _____ C:\Users\GUERRA Dominique\Desktop\Fixlog.txt
2019-09-18 11:16 - 2019-09-18 11:14 - 000005020 _____ C:\Users\GUERRA Dominique\Desktop\372760zp.txt
2019-09-17 21:26 - 2019-09-18 21:41 - 000000000 ____D C:\FRST
2019-09-17 21:25 - 2019-09-18 21:41 - 001615360 _____ (Farbar) C:\Users\GUERRA Dominique\Desktop\FRST64.exe
2019-09-17 21:21 - 2019-09-18 20:55 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-09-17 21:20 - 2019-09-18 20:55 - 000257404 _____ C:\WINDOWS\ntbtlog.txt
2019-09-17 12:18 - 2019-09-17 12:18 - 000000000 ____D C:\AdwCleaner
2019-09-17 10:39 - 2019-09-17 10:37 - 007622344 _____ (Malwarebytes) C:\Users\GUERRA Dominique\Desktop\adwcleaner_7.4.1.exe
2019-09-16 14:38 - 2019-09-16 14:35 - 003041664 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Desktop\ZHPDiag3.exe
2019-09-16 14:33 - 2019-09-18 13:29 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\telechargements
2019-09-14 18:36 - 2019-09-14 18:36 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\GUERRA Dominique\Downloads\iExplore.exe
2019-09-14 16:52 - 2019-09-16 15:21 - 000000135 _____ C:\Users\GUERRA
2019-09-14 16:48 - 2019-09-14 16:48 - 003041664 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPDiag3.exe
2019-09-14 13:17 - 2019-09-14 13:17 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-14 13:17 - 2019-09-14 13:17 - 000000000 _____ C:\WINDOWS\Minidump\091419-19578-01.dmp
2019-09-14 12:00 - 2019-09-16 15:22 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\ZHP
2019-09-14 12:00 - 2019-09-14 16:50 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ZHP
2019-09-14 11:58 - 2019-09-14 11:59 - 003127168 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner.exe
2019-09-12 20:36 - 2019-09-12 21:02 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\102_PANA
2019-09-11 22:16 - 2019-09-11 22:16 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\TempWerEtw-3610256992
2019-09-11 21:07 - 2019-09-11 21:07 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier mercredi 3 juillet journee(3)
2019-09-11 18:58 - 2019-09-11 18:59 - 000087988 _____ C:\Users\GUERRA Dominique\Documents\cc_20190911_185812.reg
2019-09-09 21:22 - 2019-09-09 21:24 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\ccsetup561
2019-09-09 21:22 - 2019-09-09 21:22 - 000000000 ____D C:\Users\GUERRA Dominique\Downloads\ccsetup561
2019-09-09 21:20 - 2019-09-09 21:21 - 019760191 _____ C:\Users\GUERRA Dominique\Downloads\ccsetup561.zip
2019-09-08 10:21 - 2019-09-08 21:11 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\photo
2019-09-07 23:28 - 2019-09-07 23:28 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\HP
2019-09-07 21:31 - 2019-09-12 09:44 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\dominique
2019-09-07 15:40 - 2019-09-14 13:32 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2019-09-07 14:38 - 2019-09-07 14:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-09-07 14:31 - 2015-07-16 06:27 - 000002186 _____ C:\Users\GUERRA Dominique\Documents\abFiles.lnk
2019-09-07 14:30 - 2019-09-07 12:26 - 000000523 _____ C:\Users\GUERRA Dominique\Documents\Disque local (D) - Raccourci.lnk
2019-09-07 14:30 - 2019-09-04 11:37 - 000000969 _____ C:\Users\GUERRA Dominique\Documents\DMC-FZ200 - Raccourci (2).lnk
2019-09-07 14:30 - 2019-07-25 21:32 - 000000969 _____ C:\Users\GUERRA Dominique\Documents\DMC-FZ200 - Raccourci.lnk
2019-09-07 14:27 - 2019-09-07 12:25 - 000001175 _____ C:\Users\GUERRA Dominique\Documents\OpenOffice 4.1.6 (fr) Installation Files - Raccourci.lnk
2019-09-07 14:26 - 2019-09-07 12:26 - 000000359 _____ C:\Users\GUERRA Dominique\Documents\Corbeille - Raccourci.lnk
2019-09-07 14:26 - 2019-09-07 12:26 - 000000287 _____ C:\Users\GUERRA Dominique\Documents\F - Raccourci.lnk
2019-09-07 14:26 - 2012-10-11 22:28 - 007165724 ____R C:\Users\GUERRA Dominique\Documents\guideFRE - Copie (2).pdf
2019-09-07 14:16 - 2019-09-07 14:16 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\OpenOffice
2019-09-07 12:26 - 2019-09-07 12:26 - 000001362 _____ C:\Users\GUERRA Dominique\Desktop\Nouveau dossier mercredi 3 juillet journee(2) - Raccourci ().lnk
2019-09-07 12:26 - 2019-09-07 12:26 - 000000961 _____ C:\Users\GUERRA Dominique\Desktop\101_PANA - Raccourci (2).lnk
2019-09-07 12:26 - 2019-09-07 12:26 - 000000816 _____ C:\Users\GUERRA Dominique\Desktop\Documents - Raccourci.lnk
2019-09-07 12:25 - 2019-09-07 12:25 - 000000784 _____ C:\Users\GUERRA Dominique\Downloads\Bureau - Raccourci.lnk
2019-09-07 12:18 - 2019-09-07 12:20 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6
2019-09-07 12:15 - 2019-09-07 12:17 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2019-09-05 18:06 - 2019-09-07 11:19 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\D3DSCache
2019-09-05 11:14 - 2019-09-05 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Hotspot Shield
2019-09-05 11:00 - 2019-09-05 11:00 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2019-09-05 11:00 - 2019-09-05 11:00 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2019-09-05 11:00 - 2019-09-05 11:00 - 000000000 ___RD C:\WINDOWS\WebManagement
2019-09-05 10:57 - 2018-04-11 03:45 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationREST.dll
2019-09-05 10:57 - 2018-04-10 21:09 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdPinAuthLsa.dll
2019-09-05 10:57 - 2018-04-10 21:09 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll
2019-09-05 10:57 - 2018-04-10 21:09 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll
2019-09-05 10:57 - 2018-04-10 21:08 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdp.dll
2019-09-05 10:57 - 2018-04-10 21:08 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdBroker.dll
2019-09-05 10:57 - 2018-04-10 21:08 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe
2019-09-05 10:57 - 2018-04-10 21:08 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe
2019-09-05 10:57 - 2018-04-10 21:07 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSession.exe
2019-09-05 10:57 - 2018-04-10 21:07 - 000449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSftp.exe
2019-09-05 10:57 - 2018-04-10 21:07 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshProxy.dll
2019-09-05 10:57 - 2018-04-10 21:07 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe
2019-09-05 10:57 - 2018-04-10 21:07 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll
2019-09-05 10:57 - 2018-04-10 21:06 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshBroker.dll
2019-09-05 10:57 - 2018-04-10 21:05 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe
2019-09-05 10:57 - 2018-04-10 21:05 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll
2019-09-05 10:49 - 2019-09-05 10:49 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ElevatedDiagnostics
2019-09-04 11:37 - 2019-09-04 11:37 - 000000969 _____ C:\Users\GUERRA Dominique\Desktop\DMC-FZ200 - Raccourci (2).lnk
2019-09-04 11:20 - 2012-10-11 22:28 - 007165724 ____R C:\Users\GUERRA Dominique\Desktop\guideFRE - Copie (2).pdf
2019-09-04 10:06 - 2019-09-04 10:07 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\100NIKON
2019-09-03 18:52 - 2019-09-18 10:46 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\CrashDumps
2019-09-02 21:21 - 2019-09-13 11:58 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-09-02 20:09 - 2019-09-18 13:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\pecokukot
2019-09-02 20:09 - 2019-09-09 19:12 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Pecemepef
2019-09-02 20:06 - 2019-09-18 13:29 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\{0BE43DB8-2F4C-5100-42D4-74E866BC8870}
2019-09-02 20:06 - 2019-09-02 20:06 - 000000000 ____D C:\Program Files\TAP-Windows
2019-09-02 20:04 - 2019-09-18 13:16 - 000000000 ____D C:\ProgramData\Segurazo
2019-09-02 20:04 - 2019-09-18 13:16 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-08-30 10:49 - 2019-09-04 10:32 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\101_PANA
2019-08-29 19:27 - 2019-08-29 19:27 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier (3)
2019-08-26 19:51 - 2019-08-28 19:47 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier (2)
2019-08-24 22:28 - 2019-08-24 22:28 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\WindSolutions
2019-08-24 22:28 - 2019-08-24 22:28 - 000000000 ____D C:\ProgramData\WindSolutions
2019-08-21 12:32 - 2019-08-21 12:32 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\DBG
2019-08-21 11:19 - 2019-08-21 11:19 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\CEF
2019-08-19 18:38 - 2019-08-19 22:06 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\19.08.19
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-09-18 21:38 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-18 21:31 - 2019-06-16 23:35 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\LocalLow\Mozilla
2019-09-18 21:30 - 2018-04-30 17:27 - 000000000 __SHD C:\Users\GUERRA Dominique\IntelGraphicsProfiles
2019-09-18 21:30 - 2018-04-30 16:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-09-18 21:29 - 2019-07-20 12:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-18 21:29 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-18 21:28 - 2019-07-20 12:51 - 000000000 ___HD C:\Users\GUERRA Dominique\MicrosoftEdgeBackups
2019-09-18 21:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-18 20:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Avira
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\Program Files (x86)\Avira
2019-09-18 13:29 - 2016-02-26 15:31 - 000000000 ____D C:\Program Files (x86)\Amazon
2019-09-18 13:29 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files\AVAST Software
2019-09-18 13:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-09-18 13:16 - 2018-11-10 20:26 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Mozilla
2019-09-18 13:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\registration
2019-09-18 13:15 - 2016-02-26 15:33 - 000000000 ____D C:\Program Files\Booking.COM
2019-09-18 12:56 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-18 12:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-18 12:49 - 2018-04-30 17:27 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Packages
2019-09-18 12:48 - 2019-07-20 12:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-18 12:40 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-18 12:30 - 2019-07-20 12:38 - 000000000 ____D C:\Users\GUERRA Dominique
2019-09-18 11:35 - 2019-04-16 19:23 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\LocalLow\Temp
2019-09-17 21:28 - 2016-02-26 15:21 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-16 15:27 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-14 17:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-13 15:01 - 2019-07-20 12:49 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2019-09-13 15:01 - 2019-07-20 12:49 - 000003852 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2019-09-13 15:01 - 2019-07-20 12:49 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4178424111-3086846748-1683071943-1001
2019-09-13 15:01 - 2019-07-20 12:49 - 000002820 _____ C:\WINDOWS\System32\Tasks\ACC
2019-09-13 15:01 - 2019-07-20 12:49 - 000002728 _____ C:\WINDOWS\System32\Tasks\AcerDriveProxyLauncher
2019-09-13 15:01 - 2019-07-20 12:49 - 000002566 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2019-09-13 15:01 - 2019-07-20 12:49 - 000002564 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2019-09-13 15:01 - 2019-07-20 12:49 - 000002548 _____ C:\WINDOWS\System32\Tasks\AcerDriveTrayLauncher
2019-09-13 15:01 - 2019-07-20 12:49 - 000002546 _____ C:\WINDOWS\System32\Tasks\AcerDriveUpdateChecker
2019-09-13 15:01 - 2019-07-20 12:49 - 000002534 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2019-09-13 15:01 - 2019-07-20 12:49 - 000002328 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2019-09-13 15:01 - 2019-07-20 12:49 - 000002180 _____ C:\WINDOWS\System32\Tasks\Quick Access
2019-09-11 22:02 - 2019-07-20 12:49 - 000002134 _____ C:\WINDOWS\System32\Tasks\FUBTrackingByPLD
2019-09-11 18:39 - 2019-07-17 19:46 - 000000000 ___DC C:\WINDOWS\Panther
2019-09-07 23:33 - 2019-05-30 12:02 - 000001592 _____ C:\Users\GUERRA Dominique\Downloads\P1010548.JPG - Raccourci.lnk
2019-09-07 23:33 - 2019-05-30 12:02 - 000001592 _____ C:\Users\GUERRA Dominique\Downloads\P1010547.JPG - Raccourci.lnk
2019-09-07 23:33 - 2019-05-30 12:02 - 000001071 _____ C:\Users\GUERRA Dominique\Downloads\Parties enregistrées - Raccourci.lnk
2019-09-07 16:39 - 2015-07-16 06:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-07 14:42 - 2019-08-18 11:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2019-09-07 14:42 - 2015-07-16 06:20 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-07 14:12 - 2019-07-20 12:25 - 000277408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-07 13:15 - 2015-07-10 11:05 - 000000000 ____D C:\Users\Default.migrated
2019-09-05 11:00 - 2018-04-12 18:22 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-09-05 11:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SystemApps
2019-09-04 11:21 - 2019-07-19 19:34 - 000203440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-09-04 11:21 - 2019-07-19 19:34 - 000195648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2019-09-04 10:34 - 2019-07-22 21:33 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier
2019-09-04 09:44 - 2019-03-19 14:37 - 000000000 ___HD C:\$WINDOWS.~BT
2019-09-04 09:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-04 09:16 - 2019-07-20 12:48 - 000026673 _____ C:\WINDOWS\diagwrn.xml
2019-09-04 09:16 - 2019-07-20 12:48 - 000026673 _____ C:\WINDOWS\diagerr.xml
2019-09-03 21:46 - 2019-02-20 16:26 - 000000000 ___RD C:\Users\GUERRA Dominique\3D Objects
2019-09-03 20:50 - 2018-04-12 18:18 - 000789786 _____ C:\WINDOWS\system32\perfh00C.dat
2019-09-03 20:50 - 2018-04-12 18:18 - 000149318 _____ C:\WINDOWS\system32\perfc00C.dat
2019-09-03 20:50 - 2015-07-16 06:17 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-03 20:45 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-09-03 20:04 - 2019-07-20 12:50 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ConnectedDevicesPlatform
2019-08-30 10:20 - 2019-06-14 22:24 - 000000000 ____D C:\Program Files\rempl
2019-08-29 19:57 - 2019-07-20 17:58 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\PlaceholderTileLogoFolder
2019-08-29 19:28 - 2019-07-20 12:38 - 000002445 _____ C:\Users\GUERRA Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-29 19:28 - 2018-04-30 17:32 - 000000000 ___RD C:\Users\GUERRA Dominique\OneDrive
2019-08-29 19:10 - 2019-05-30 10:32 - 000000000 ___RD C:\Users\GUERRA Dominique\Documents\Scanned Documents
2019-08-29 12:30 - 2015-07-16 06:19 - 000000000 ____D C:\ProgramData\WildTangent
2019-08-24 21:54 - 2019-08-18 11:10 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\tauves
2019-08-22 22:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-08-21 11:19 - 2015-07-16 06:19 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-08-21 11:19 - 2015-07-16 06:19 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
==================== SigCheck ===============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ============================
Exécuté par GUERRA Dominique (administrateur) sur I (Acer Aspire XC-704) (18-09-2019 21:41:37)
Exécuté depuis C:\Users\GUERRA Dominique\Desktop
Profils chargés: GUERRA Dominique (Profils disponibles: GUERRA Dominique)
Platform: Windows 10 Home Version 1803 17134.950 (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
() [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Acer Incorporated -> ) C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated -> Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\Acer Drive\AcerDriveUI.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated -> Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Amazon Services LLC -> ) C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe
(CyberLink Corp. -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dashlane -> Dashlane SAS) C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mshta.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [92928 2015-05-07] (Acer Incorporated -> )
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Fichier non signé]
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Run: [] => [X]
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\...\Winlogon: [Shell] C:\WINDOWS\explorer.exe [4038688 2019-07-19] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION
Lsa: [Authentication Packages] msv1_0 SshdPinAuthLsa
==================== Tâches planifiées (Avec liste blanche) =============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {29A34002-9BBD-4DC8-9CC7-E928C2FA7A59} - System32\Tasks\AcerDriveUpdateChecker => C:\Program Files (x86)\Acer\Acer Drive\CheckUpdate.exe [24416 2015-08-05] (Acer Incorporated -> Acer Incorporated)
Task: {333EDE83-3117-4FB7-A2C9-8123698D195F} - System32\Tasks\pecokukot\{3BE6C5CD-8FDF-1D77-769F-1ADC783BAC59} => C:\Users\GUERRA~1\AppData\Local\PECEME~1\PECOKU~1.EXE <==== ATTENTION
Task: {39F9120D-FD21-477D-B86C-351D248EEC99} - System32\Tasks\AcerDriveTrayLauncher => C:\Program Files (x86)\Acer\Acer Drive\AcerDriveTray.exe [598880 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {4901B38C-2C21-4291-B3C6-E81678FD81BE} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2757472 2019-09-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {5BBD01AC-9294-4DAA-9107-28D24CA5B5D5} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [4696880 2018-05-28] (Acer Incorporated -> )
Task: {62E51314-1B06-42C3-BB6A-5304B8BF5FED} - System32\Tasks\AcerDriveProxyLauncher => C:\Program Files (x86)\Acer\Acer Drive\AcerDriveProxy.exe [2290016 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [40288 2015-07-10] (Acer Incorporated -> )
Task: {7A39372F-EB7C-435C-8DCD-94B563FE3B31} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [989864 2015-03-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {84C74267-172B-4E51-9752-1D8566CC3B44} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2574080 2015-05-07] (Acer Incorporated -> Acer)
Task: {8F35D0C4-32AD-4255-A5CB-2C4F9284D50A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {948055BF-F228-44BD-A9C2-72F3A8CD1D18} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [30976 2015-05-14] (Acer Incorporated -> )
Task: {AF91C991-7EDF-4364-BCA5-AA9CD02F9740} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [379232 2015-07-09] (Acer Incorporated -> Acer Incorporated)
Task: {CEA9C193-335C-4665-8926-92E62BACAE21} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [65752 2015-09-30] (Acer Incorporated -> Acer Incorporated)
Task: {EF603418-C23A-4F51-A357-CD559C03B4F7} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2920752 2018-05-28] (Acer Incorporated -> )
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6b86f653-8e8e-4393-8da7-a1e30b609e7d}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8142e943-ba33-482b-a08e-a6827f1e0c3c}: [DhcpNameServer] 10.1.93.93 10.1.93.52
Tcpip\..\Interfaces\{c18e4081-1f2d-49ec-aafc-726890b638e0}: [DhcpNameServer] 8.8.8.8
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m003619¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQDBPAIA6ColjFL0X5pffjbbXRLGIncbgiXy%2B0EWIhDVl%2FSy1LwImsiRWxI%2FDhZl1UReM7fghhOoPxUSTZJ0fkAcGG8qAehE3i0Q7HnwoIq3AyQrmPf8%2BQk57UHnJKL%2FCIp2tnVj44mfjiAQh%2BJiDUlyYMU7D7vHcfO5lrGWEwRlGSH%2Bt%2F3p5%2BEyo1wtg17WkyVLXlBtIO7VGKAtiX0lTeRE7LzH0E8vn7XulTRxy8vFJffg4BF5W5%2Bq8HwVvdmESw9Nsry315nG9X3yG94Cd6uTgxJ%2F3v4tpRZc4Xbd3N%2BkRd70RpbtsaE78T%2FuYbLobTC%2BBY%2BIkRCOLgcpWtpZpNOQ%3D%3D
HKU\S-1-5-21-4178424111-3086846748-1683071943-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKLM -> DefaultScope {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL =
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {38C138C3-8A17-4C5F-8F12-AAAB7425B86E} URL =
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> DefaultScope {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m003619¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQDBPAIA6ColjFL0X5pffjbbhqqK1UU2Fmvyz2gLlVAoJ%2FL1jAz0ZXyyvqEbVolBN%2B9%2FzbCDEz3%2FOeTJwkOM3kc3FEeF6Z3sgp1uZ%2B82D0oavV6U8jKIY6lGG18WLbszGCSaYUiZ%2FX4uNI46OMMYYl0Pl1LF92rzZsKRAqQJ0NQb3gU8bJS%2B8MwEi02thxgs5W4i%2Bl4mKHFHkBpYbUu7lA5vID8RcB5cn7n3dDaWNj%2BMZdCD%2F4S8HlIl6%2FVaKn2iud5yOwdiSGYna1nkpqlDl6DsWEGFLVig7wxh2siAS25R84pMTASCNtSHdlnyd%2BOfItVUxKLjmYeGoTmK3ftApuwg%3D%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {80325BFC-729B-49F3-A04E-14FBA5BBE286} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m003619¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQDBPAIA6ColjFL0X5pffjbbhqqK1UU2Fmvyz2gLlVAoJ%2FL1jAz0ZXyyvqEbVolBN%2B9%2FzbCDEz3%2FOeTJwkOM3kc3FEeF6Z3sgp1uZ%2B82D0oavV6U8jKIY6lGG18WLbszGCSaYUiZ%2FX4uNI46OMMYYl0Pl1LF92rzZsKRAqQJ0NQb3gU8bJS%2B8MwEi02thxgs5W4i%2Bl4mKHFHkBpYbUu7lA5vID8RcB5cn7n3dDaWNj%2BMZdCD%2F4S8HlIl6%2FVaKn2iud5yOwdiSGYna1nkpqlDl6DsWEGFLVig7wxh2siAS25R84pMTASCNtSHdlnyd%2BOfItVUxKLjmYeGoTmK3ftApuwg%3D%3D&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {8A325BFC-729B-49F3-A04E-14FBA5BBE286} URL =
SearchScopes: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-4178424111-3086846748-1683071943-1001 -> hxxps://fr.search.yahoo.com/yhs/web?hspart=omr&hsimp=yhs-001&type=87aeuhewiom1bdfhjlntz65m003619¶m1=y6bdVFVIsvuYsgEClQfz8BEHyfjxxjkHQamhIz6yP8A%2Fe7Qq4DIbtb%2BQ7CgSQNTQDBPAIA6ColjFL0X5pffjbWtMLj%2FrpDwT6%2BGxdg4TirZvm5ODeR88s%2F3oCAqOsE9vNvg24i7ZzRYGJcBcsU466cYW5GltizIVux%2FNI1W9ns9h5bBtqkqTHmz5uO4op%2FZQttoFKD9qUe8NksoLSvfdJ9wo8XLvlaVgFoT5MwWVRDDWGH30VelJLekMKX%2FximG5kZ9a%2F43RozBoVM4ibkgDCBZTBZlyI4xRfbqmD16xpk8hFAUnHThcvz6aHuBahCBlkLB5qo2S2IMKQaReHXWSmYGUp33X84oz%2F%2BCLHoM9L7eFyRC4JOL4hC%2FpaZ0VjGp%2BDuVqLSrVNy%2B53ShtOSo2Cw%3D%3D
FireFox:
========
FF DefaultProfile: bkyv5laf.default-1568478271159
FF ProfilePath: C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159 [2019-09-18]
FF DownloadDir: C:\Users\GUERRA Dominique\Desktop\telechargements
FF Homepage: Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159 -> www.google.fr
FF Extension: (French spelling dictionary) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159\Extensions\fr-dicollecte@dictionaries.addons.mozilla.org.xpi [2019-09-14]
FF Extension: (Français Language Pack) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159\Extensions\langpack-fr@firefox.mozilla.org.xpi [2019-09-14]
FF Extension: (uBlock Origin) - C:\Users\GUERRA Dominique\AppData\Roaming\Mozilla\Firefox\Profiles\bkyv5laf.default-1568478271159\Extensions\uBlock0@raymondhill.net.xpi [2019-09-17]
FF Extension: (Français Language Pack) - C:\Program Files (x86)\Mozilla Firefox\distribution\extensions\langpack-fr@firefox.mozilla.org [2019-09-07] [Legacy] [non signé]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [Pas de fichier]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [105136 2018-02-22] (Amazon Services LLC -> )
R2 AntivirProtectedService; C:\Program Files (x86)\Avira\Antivirus\ProtectedService.exe [535360 2019-09-04] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860248 2015-09-30] (Acer Incorporated -> Acer Incorporated)
R2 Dashlane Upgrade Service; C:\Program Files (x86)\Dashlane\Upgrade\DashlaneUpgradeService.exe [75056 2015-06-25] (Dashlane -> Dashlane SAS)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2019-06-14] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Fichier non signé]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated -> Acer Incorporated)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-10-08] (CyberLink Corp. -> )
S3 sshd; C:\WINDOWS\System32\OpenSSH\sshd.exe [970752 2018-03-10] (Microsoft Windows -> )
S3 SshdBroker; C:\WINDOWS\System32\SshdBroker.dll [286208 2018-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (Acer Incorporated -> acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1590576 2019-09-17] (WildTangent Inc -> )
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-07-19] (Microsoft Corporation -> Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [78936 2019-06-07] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S0 avelam; C:\WINDOWS\System32\drivers\avelam.sys [22336 2019-03-20] (Microsoft Windows Early Launch Anti-malware Publisher -> Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [45472 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-08-27] (Malwarebytes Corporation -> Malwarebytes)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7408072 2019-06-14] (Intel(R) pGFX -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [225944 2019-09-18] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-09-18] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38656 2015-06-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
U3 aswbdisk; pas de ImagePath
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-09-18 21:41 - 2019-09-18 21:44 - 000022048 _____ C:\Users\GUERRA Dominique\Desktop\FRST.txt
2019-09-18 21:41 - 2019-09-18 21:41 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\FRST-OlderVersion
2019-09-18 21:30 - 2019-09-18 21:30 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-18 21:30 - 2019-09-18 21:30 - 000225944 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-09-18 21:30 - 2019-09-18 21:30 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-09-18 21:30 - 2019-09-18 21:30 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-09-18 13:18 - 2019-09-18 13:18 - 000079481 _____ C:\Users\GUERRA Dominique\Desktop\compte rendu analyse MAM 18 09 19-1.txt
2019-09-18 12:56 - 2019-09-18 20:55 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-09-18 12:56 - 2019-09-18 20:55 - 000002104 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-09-18 12:56 - 2019-09-18 12:56 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\mbamtray
2019-09-18 12:56 - 2019-09-18 12:56 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\mbam
2019-09-18 12:56 - 2019-09-18 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-09-18 12:56 - 2019-06-26 13:00 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-09-18 12:55 - 2019-09-18 12:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-09-18 12:55 - 2019-09-18 12:55 - 000000000 ____D C:\Program Files\Malwarebytes
2019-09-18 12:55 - 2019-08-27 05:50 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-09-18 12:49 - 2019-09-18 11:31 - 066495960 _____ (Malwarebytes ) C:\Users\GUERRA Dominique\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.625-1.0.12519.exe
2019-09-18 11:30 - 2019-09-18 11:36 - 000013777 _____ C:\Users\GUERRA Dominique\Desktop\Fixlog.txt
2019-09-18 11:16 - 2019-09-18 11:14 - 000005020 _____ C:\Users\GUERRA Dominique\Desktop\372760zp.txt
2019-09-17 21:26 - 2019-09-18 21:41 - 000000000 ____D C:\FRST
2019-09-17 21:25 - 2019-09-18 21:41 - 001615360 _____ (Farbar) C:\Users\GUERRA Dominique\Desktop\FRST64.exe
2019-09-17 21:21 - 2019-09-18 20:55 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-09-17 21:20 - 2019-09-18 20:55 - 000257404 _____ C:\WINDOWS\ntbtlog.txt
2019-09-17 12:18 - 2019-09-17 12:18 - 000000000 ____D C:\AdwCleaner
2019-09-17 10:39 - 2019-09-17 10:37 - 007622344 _____ (Malwarebytes) C:\Users\GUERRA Dominique\Desktop\adwcleaner_7.4.1.exe
2019-09-16 14:38 - 2019-09-16 14:35 - 003041664 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Desktop\ZHPDiag3.exe
2019-09-16 14:33 - 2019-09-18 13:29 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\telechargements
2019-09-14 18:36 - 2019-09-14 18:36 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\GUERRA Dominique\Downloads\iExplore.exe
2019-09-14 16:52 - 2019-09-16 15:21 - 000000135 _____ C:\Users\GUERRA
2019-09-14 16:48 - 2019-09-14 16:48 - 003041664 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPDiag3.exe
2019-09-14 13:17 - 2019-09-14 13:17 - 000000000 ____D C:\WINDOWS\Minidump
2019-09-14 13:17 - 2019-09-14 13:17 - 000000000 _____ C:\WINDOWS\Minidump\091419-19578-01.dmp
2019-09-14 12:00 - 2019-09-16 15:22 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\ZHP
2019-09-14 12:00 - 2019-09-14 16:50 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ZHP
2019-09-14 11:58 - 2019-09-14 11:59 - 003127168 _____ (Nicolas Coolman) C:\Users\GUERRA Dominique\Downloads\ZHPCleaner.exe
2019-09-12 20:36 - 2019-09-12 21:02 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\102_PANA
2019-09-11 22:16 - 2019-09-11 22:16 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\TempWerEtw-3610256992
2019-09-11 21:07 - 2019-09-11 21:07 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier mercredi 3 juillet journee(3)
2019-09-11 18:58 - 2019-09-11 18:59 - 000087988 _____ C:\Users\GUERRA Dominique\Documents\cc_20190911_185812.reg
2019-09-09 21:22 - 2019-09-09 21:24 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\ccsetup561
2019-09-09 21:22 - 2019-09-09 21:22 - 000000000 ____D C:\Users\GUERRA Dominique\Downloads\ccsetup561
2019-09-09 21:20 - 2019-09-09 21:21 - 019760191 _____ C:\Users\GUERRA Dominique\Downloads\ccsetup561.zip
2019-09-08 10:21 - 2019-09-08 21:11 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\photo
2019-09-07 23:28 - 2019-09-07 23:28 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\HP
2019-09-07 21:31 - 2019-09-12 09:44 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\dominique
2019-09-07 15:40 - 2019-09-14 13:32 - 000000000 ____D C:\WINDOWS\system32\%LOCALAPPDATA%
2019-09-07 14:38 - 2019-09-07 14:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-09-07 14:31 - 2015-07-16 06:27 - 000002186 _____ C:\Users\GUERRA Dominique\Documents\abFiles.lnk
2019-09-07 14:30 - 2019-09-07 12:26 - 000000523 _____ C:\Users\GUERRA Dominique\Documents\Disque local (D) - Raccourci.lnk
2019-09-07 14:30 - 2019-09-04 11:37 - 000000969 _____ C:\Users\GUERRA Dominique\Documents\DMC-FZ200 - Raccourci (2).lnk
2019-09-07 14:30 - 2019-07-25 21:32 - 000000969 _____ C:\Users\GUERRA Dominique\Documents\DMC-FZ200 - Raccourci.lnk
2019-09-07 14:27 - 2019-09-07 12:25 - 000001175 _____ C:\Users\GUERRA Dominique\Documents\OpenOffice 4.1.6 (fr) Installation Files - Raccourci.lnk
2019-09-07 14:26 - 2019-09-07 12:26 - 000000359 _____ C:\Users\GUERRA Dominique\Documents\Corbeille - Raccourci.lnk
2019-09-07 14:26 - 2019-09-07 12:26 - 000000287 _____ C:\Users\GUERRA Dominique\Documents\F - Raccourci.lnk
2019-09-07 14:26 - 2012-10-11 22:28 - 007165724 ____R C:\Users\GUERRA Dominique\Documents\guideFRE - Copie (2).pdf
2019-09-07 14:16 - 2019-09-07 14:16 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\OpenOffice
2019-09-07 12:26 - 2019-09-07 12:26 - 000001362 _____ C:\Users\GUERRA Dominique\Desktop\Nouveau dossier mercredi 3 juillet journee(2) - Raccourci ().lnk
2019-09-07 12:26 - 2019-09-07 12:26 - 000000961 _____ C:\Users\GUERRA Dominique\Desktop\101_PANA - Raccourci (2).lnk
2019-09-07 12:26 - 2019-09-07 12:26 - 000000816 _____ C:\Users\GUERRA Dominique\Desktop\Documents - Raccourci.lnk
2019-09-07 12:25 - 2019-09-07 12:25 - 000000784 _____ C:\Users\GUERRA Dominique\Downloads\Bureau - Raccourci.lnk
2019-09-07 12:18 - 2019-09-07 12:20 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6
2019-09-07 12:15 - 2019-09-07 12:17 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2019-09-05 18:06 - 2019-09-07 11:19 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\D3DSCache
2019-09-05 11:14 - 2019-09-05 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Hotspot Shield
2019-09-05 11:00 - 2019-09-05 11:00 - 000000000 __RSD C:\WINDOWS\SysWOW64\WindowsDevicePortal
2019-09-05 11:00 - 2019-09-05 11:00 - 000000000 __RSD C:\WINDOWS\system32\WindowsDevicePortal
2019-09-05 11:00 - 2019-09-05 11:00 - 000000000 ___RD C:\WINDOWS\WebManagement
2019-09-05 10:57 - 2018-04-11 03:45 - 000260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationREST.dll
2019-09-05 10:57 - 2018-04-10 21:09 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdPinAuthLsa.dll
2019-09-05 10:57 - 2018-04-10 21:09 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvcapi.dll
2019-09-05 10:57 - 2018-04-10 21:09 - 000020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperTools.ProxyStub.dll
2019-09-05 10:57 - 2018-04-10 21:08 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdp.dll
2019-09-05 10:57 - 2018-04-10 21:08 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshdBroker.dll
2019-09-05 10:57 - 2018-04-10 21:08 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevToolsLauncher.exe
2019-09-05 10:57 - 2018-04-10 21:08 - 000058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeployUtil.exe
2019-09-05 10:57 - 2018-04-10 21:07 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSession.exe
2019-09-05 10:57 - 2018-04-10 21:07 - 000449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshSftp.exe
2019-09-05 10:57 - 2018-04-10 21:07 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshProxy.dll
2019-09-05 10:57 - 2018-04-10 21:07 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperToolsSvc.exe
2019-09-05 10:57 - 2018-04-10 21:07 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\debugregsvc.dll
2019-09-05 10:57 - 2018-04-10 21:06 - 000382976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SshBroker.dll
2019-09-05 10:57 - 2018-04-10 21:05 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebManagement.exe
2019-09-05 10:57 - 2018-04-10 21:05 - 000913408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdp.dll
2019-09-05 10:49 - 2019-09-05 10:49 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ElevatedDiagnostics
2019-09-04 11:37 - 2019-09-04 11:37 - 000000969 _____ C:\Users\GUERRA Dominique\Desktop\DMC-FZ200 - Raccourci (2).lnk
2019-09-04 11:20 - 2012-10-11 22:28 - 007165724 ____R C:\Users\GUERRA Dominique\Desktop\guideFRE - Copie (2).pdf
2019-09-04 10:06 - 2019-09-04 10:07 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\100NIKON
2019-09-03 18:52 - 2019-09-18 10:46 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\CrashDumps
2019-09-02 21:21 - 2019-09-13 11:58 - 000000000 _____ C:\WINDOWS\system32\last.dump
2019-09-02 20:09 - 2019-09-18 13:29 - 000000000 ____D C:\WINDOWS\System32\Tasks\pecokukot
2019-09-02 20:09 - 2019-09-09 19:12 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Pecemepef
2019-09-02 20:06 - 2019-09-18 13:29 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\{0BE43DB8-2F4C-5100-42D4-74E866BC8870}
2019-09-02 20:06 - 2019-09-02 20:06 - 000000000 ____D C:\Program Files\TAP-Windows
2019-09-02 20:04 - 2019-09-18 13:16 - 000000000 ____D C:\ProgramData\Segurazo
2019-09-02 20:04 - 2019-09-18 13:16 - 000000000 ____D C:\Program Files (x86)\Segurazo
2019-08-30 10:49 - 2019-09-04 10:32 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\101_PANA
2019-08-29 19:27 - 2019-08-29 19:27 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier (3)
2019-08-26 19:51 - 2019-08-28 19:47 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier (2)
2019-08-24 22:28 - 2019-08-24 22:28 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Roaming\WindSolutions
2019-08-24 22:28 - 2019-08-24 22:28 - 000000000 ____D C:\ProgramData\WindSolutions
2019-08-21 12:32 - 2019-08-21 12:32 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\DBG
2019-08-21 11:19 - 2019-08-21 11:19 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\CEF
2019-08-19 18:38 - 2019-08-19 22:06 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\19.08.19
==================== Un mois (modifiés) ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2019-09-18 21:38 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-18 21:31 - 2019-06-16 23:35 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\LocalLow\Mozilla
2019-09-18 21:30 - 2018-04-30 17:27 - 000000000 __SHD C:\Users\GUERRA Dominique\IntelGraphicsProfiles
2019-09-18 21:30 - 2018-04-30 16:50 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-09-18 21:29 - 2019-07-20 12:49 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-18 21:29 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-18 21:28 - 2019-07-20 12:51 - 000000000 ___HD C:\Users\GUERRA Dominique\MicrosoftEdgeBackups
2019-09-18 21:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-09-18 20:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\ProgramData\Avira
2019-09-18 13:29 - 2019-06-17 09:26 - 000000000 ____D C:\Program Files (x86)\Avira
2019-09-18 13:29 - 2016-02-26 15:31 - 000000000 ____D C:\Program Files (x86)\Amazon
2019-09-18 13:29 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files\AVAST Software
2019-09-18 13:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2019-09-18 13:16 - 2018-11-10 20:26 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Mozilla
2019-09-18 13:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\registration
2019-09-18 13:15 - 2016-02-26 15:33 - 000000000 ____D C:\Program Files\Booking.COM
2019-09-18 12:56 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-09-18 12:50 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-18 12:49 - 2018-04-30 17:27 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\Packages
2019-09-18 12:48 - 2019-07-20 12:25 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-18 12:40 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-18 12:30 - 2019-07-20 12:38 - 000000000 ____D C:\Users\GUERRA Dominique
2019-09-18 11:35 - 2019-04-16 19:23 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\LocalLow\Temp
2019-09-17 21:28 - 2016-02-26 15:21 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-16 15:27 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-09-14 17:07 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-09-13 15:01 - 2019-07-20 12:49 - 000004302 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2019-09-13 15:01 - 2019-07-20 12:49 - 000003852 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2019-09-13 15:01 - 2019-07-20 12:49 - 000002862 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4178424111-3086846748-1683071943-1001
2019-09-13 15:01 - 2019-07-20 12:49 - 000002820 _____ C:\WINDOWS\System32\Tasks\ACC
2019-09-13 15:01 - 2019-07-20 12:49 - 000002728 _____ C:\WINDOWS\System32\Tasks\AcerDriveProxyLauncher
2019-09-13 15:01 - 2019-07-20 12:49 - 000002566 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2019-09-13 15:01 - 2019-07-20 12:49 - 000002564 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2019-09-13 15:01 - 2019-07-20 12:49 - 000002548 _____ C:\WINDOWS\System32\Tasks\AcerDriveTrayLauncher
2019-09-13 15:01 - 2019-07-20 12:49 - 000002546 _____ C:\WINDOWS\System32\Tasks\AcerDriveUpdateChecker
2019-09-13 15:01 - 2019-07-20 12:49 - 000002534 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2019-09-13 15:01 - 2019-07-20 12:49 - 000002328 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2019-09-13 15:01 - 2019-07-20 12:49 - 000002180 _____ C:\WINDOWS\System32\Tasks\Quick Access
2019-09-11 22:02 - 2019-07-20 12:49 - 000002134 _____ C:\WINDOWS\System32\Tasks\FUBTrackingByPLD
2019-09-11 18:39 - 2019-07-17 19:46 - 000000000 ___DC C:\WINDOWS\Panther
2019-09-07 23:33 - 2019-05-30 12:02 - 000001592 _____ C:\Users\GUERRA Dominique\Downloads\P1010548.JPG - Raccourci.lnk
2019-09-07 23:33 - 2019-05-30 12:02 - 000001592 _____ C:\Users\GUERRA Dominique\Downloads\P1010547.JPG - Raccourci.lnk
2019-09-07 23:33 - 2019-05-30 12:02 - 000001071 _____ C:\Users\GUERRA Dominique\Downloads\Parties enregistrées - Raccourci.lnk
2019-09-07 16:39 - 2015-07-16 06:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-07 14:42 - 2019-08-18 11:57 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox.bak
2019-09-07 14:42 - 2015-07-16 06:20 - 000001236 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-09-07 14:12 - 2019-07-20 12:25 - 000277408 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-07 13:15 - 2015-07-10 11:05 - 000000000 ____D C:\Users\Default.migrated
2019-09-05 11:00 - 2018-04-12 18:22 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2019-09-05 11:00 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SystemApps
2019-09-04 11:21 - 2019-07-19 19:34 - 000203440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2019-09-04 11:21 - 2019-07-19 19:34 - 000195648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2019-09-04 10:34 - 2019-07-22 21:33 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\Nouveau dossier
2019-09-04 09:44 - 2019-03-19 14:37 - 000000000 ___HD C:\$WINDOWS.~BT
2019-09-04 09:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-04 09:16 - 2019-07-20 12:48 - 000026673 _____ C:\WINDOWS\diagwrn.xml
2019-09-04 09:16 - 2019-07-20 12:48 - 000026673 _____ C:\WINDOWS\diagerr.xml
2019-09-03 21:46 - 2019-02-20 16:26 - 000000000 ___RD C:\Users\GUERRA Dominique\3D Objects
2019-09-03 20:50 - 2018-04-12 18:18 - 000789786 _____ C:\WINDOWS\system32\perfh00C.dat
2019-09-03 20:50 - 2018-04-12 18:18 - 000149318 _____ C:\WINDOWS\system32\perfc00C.dat
2019-09-03 20:50 - 2015-07-16 06:17 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-03 20:45 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-09-03 20:04 - 2019-07-20 12:50 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\ConnectedDevicesPlatform
2019-08-30 10:20 - 2019-06-14 22:24 - 000000000 ____D C:\Program Files\rempl
2019-08-29 19:57 - 2019-07-20 17:58 - 000000000 ____D C:\Users\GUERRA Dominique\AppData\Local\PlaceholderTileLogoFolder
2019-08-29 19:28 - 2019-07-20 12:38 - 000002445 _____ C:\Users\GUERRA Dominique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-29 19:28 - 2018-04-30 17:32 - 000000000 ___RD C:\Users\GUERRA Dominique\OneDrive
2019-08-29 19:10 - 2019-05-30 10:32 - 000000000 ___RD C:\Users\GUERRA Dominique\Documents\Scanned Documents
2019-08-29 12:30 - 2015-07-16 06:19 - 000000000 ____D C:\ProgramData\WildTangent
2019-08-24 21:54 - 2019-08-18 11:10 - 000000000 ____D C:\Users\GUERRA Dominique\Desktop\tauves
2019-08-22 22:26 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2019-08-21 11:19 - 2015-07-16 06:19 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-08-21 11:19 - 2015-07-16 06:19 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
==================== SigCheck ===============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
==================== Fin de FRST.txt ============================