Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 15-11-2017 Exécuté par secrétariat SDDRH (administrateur) sur SECRÉTARIATSDDR (16-11-2017 14:33:26) Exécuté depuis C:\Users\secrétariat SDDRH\Desktop Profils chargés: secrétariat SDDRH & DefaultAppPool (Profils disponibles: secrétariat SDDRH & DefaultAppPool) Platform: Microsoft Windows 10 Professionnel Version 1703 15063.674 (X86) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Edge) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\afwServ.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe () C:\Windows\KMS-R@1n.exe (Nero AG) C:\Program Files\Nero\Nero 2018\Nero BackItUp\NBService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe (IObit) C:\Program Files\IObit\IObit Uninstaller\IUService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe (Nero AG) C:\Program Files\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.480.0_x86__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE (Mega Limited) C:\ProgramData\MEGAsync\MEGAsync.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe (IObit) C:\Program Files\IObit\IObit Uninstaller\UninstallMonitor.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Farbar) C:\Users\secrétariat SDDRH\Desktop\FRST(1).exe () C:\Windows\KMS-R@1nHook.exe (Microsoft Corporation) C:\Windows\System32\SppExtComObj.Exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504 2011-10-17] (Realtek Semiconductor) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2017-03-28] (Adobe Systems Incorporated) HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-10-31] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [302744 2017-11-14] (AVG Technologies CZ, s.r.o.) HKLM\...\Run: [Nero BackItUp] => C:\Program Files\Nero\Nero 2018\Nero BackItup\BackItUp.exe [1164664 2017-09-12] (Nero AG) HKLM\...\Run: [Advanced File Optimizer] => C:\Program Files\Advanced File Optimizer\AdvancedFileOptimizer.exe [5468992 2015-08-06] (Systweak) HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [401408 2017-10-24] (Power Software Ltd) HKU\S-1-5-21-473494750-2487399406-2400400686-1000\...\Run: [Free Download Manager] => C:\Program Files\FreeDownloadManager.ORG\Free Download Manager\fdm.exe [8315080 2017-07-26] (FreeDownloadManager.org) HKU\S-1-5-21-473494750-2487399406-2400400686-1000\...\Run: [core_i] => C:\Users\secrétariat SDDRH\AppData\Roaming\Architecture\member\Systemcore.exe [4529152 2017-10-17] (Soft core) HKU\S-1-5-21-473494750-2487399406-2400400686-1000\...\Run: [Google_sync] => C:\Users\secrétariat SDDRH\AppData\Roaming\nserver\serversocket.exe HKU\S-1-5-21-473494750-2487399406-2400400686-1000\...\Run: [broadcom] => C:\Users\secrétariat SDDRH\AppData\Roaming\nserver\serversocket.exe HKU\S-1-5-21-473494750-2487399406-2400400686-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [515072 2017-03-18] (Microsoft Corporation) IFEO\AcroRd32.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\advancedfileoptimizer.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\bluestacks.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\chrome.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\fdm.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\hd-runapp.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\onedrive.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\OSppSvc.exe: [Debugger] KMS-R@1nHook.exe IFEO\smartdefrag.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\SppExtComObj.exe: [Debugger] KMS-R@1nHook.exe IFEO\unins000.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" IFEO\wscript.exe: [Debugger] "C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe" Startup: C:\Users\secrétariat SDDRH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2017-11-08] ShortcutTarget: MEGAsync.lnk -> C:\ProgramData\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [NameServer] 82.163.143.136 82.163.142.138 Tcpip\..\Interfaces\{b914cd8a-8310-48a9-80fc-8c5c9fe2b83f}: [NameServer] 82.163.143.136 82.163.142.138 Internet Explorer: ================== BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer.dll [2017-05-22] (IObit) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-09-12] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-11] (Microsoft Corporation) Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-08-15] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: hisqiopj.default FF ProfilePath: C:\Users\secrétariat SDDRH\AppData\Roaming\Mozilla\Firefox\Profiles\hisqiopj.default [2017-11-14] FF user.js: detected! => C:\Users\secrétariat SDDRH\AppData\Roaming\Mozilla\Firefox\Profiles\hisqiopj.default\user.js [2017-11-16] FF Homepage: Mozilla\Firefox\Profiles\hisqiopj.default -> google.com/ FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> autoconfig_url", "hxxp://192.168.0.2/" FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> backup.ftp", "" FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> backup.ftp_port", 0 FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> backup.socks", "" FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> backup.socks_port", 0 FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> backup.ssl", "" FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> backup.ssl_port", 0 FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> ftp", "192.168.0.2" FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> ftp_port", 3128 FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> http", "192.168.0.2" FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> http_port", 3128 FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> share_proxy_settings", true FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> socks", "192.168.0.2" FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> socks_port", 3128 FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> ssl", "192.168.0.2" FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> ssl_port", 3128 FF NetworkProxy: Mozilla\Firefox\Profiles\hisqiopj.default -> type", 0 FF NewTabOverride: Mozilla\Firefox\Profiles\hisqiopj.default -> Enabled: "id":"{fa73622c-8b41-45b8-9d93-6d66e7633765 FF Extension: (Tables) - C:\Users\secrétariat SDDRH\AppData\Roaming\Mozilla\Firefox\Profiles\hisqiopj.default\Extensions\300414@extcorp.com.xpi [2017-10-14] FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\secrétariat SDDRH\AppData\Roaming\Mozilla\Firefox\Profiles\hisqiopj.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-11-08] [Legacy] FF Extension: (goMusix) - C:\Users\secrétariat SDDRH\AppData\Roaming\Mozilla\Firefox\Profiles\hisqiopj.default\Extensions\{fa73622c-8b41-45b8-9d93-6d66e7633765}.xpi [2017-10-12] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-11-03] () FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-18] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-27] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-09-27] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\18958390.js [2017-10-24] <==== ATTENTION (Pointe vers un fichier *.cfg) FF ExtraCheck: C:\Program Files\mozilla firefox\18958390.cfg [2017-10-24] <==== ATTENTION Chrome: ======= CHR Session Restore: Default -> est activé. CHR Profile: C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default [2017-11-09] CHR Extension: (Slides) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-17] CHR Extension: (Docs) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17] CHR Extension: (Google Drive) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-27] CHR Extension: (YouTube) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-27] CHR Extension: (Sheets) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-17] CHR Extension: (Tables) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-10-17] CHR Extension: (Google Docs hors connexion) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-28] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-27] CHR Extension: (Gmail) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-27] CHR Extension: (Chrome Media Router) - C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-01] CHR Profile: C:\Users\secrétariat SDDRH\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-23] Opera: ======= OPR Extension: (Tables) - C:\Users\secrétariat SDDRH\AppData\Roaming\Opera Software\Opera Stable\Extensions\egafjhhpbipcmpoiomegbckljbbbphoj [2017-10-17] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [282536 2017-11-14] (AVG Technologies CZ, s.r.o.) R2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [333488 2017-11-14] (AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5954792 2017-11-14] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-10-31] (AVG Technologies CZ, s.r.o.) S4 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [369720 2017-07-21] (BlueStack Systems, Inc.) S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [300120 2017-03-10] (Intel Corporation) R4 IObitUnSvr; C:\Program Files\IObit\IObit Uninstaller\IUService.exe [206112 2017-06-14] (IObit) R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [23040 2017-10-27] () [Fichier non signé] U2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [795000 2017-08-10] (Nero AG) R2 NeroBackItUpBackgroundService2018; C:\Program Files\Nero\Nero 2018\Nero BackItUp\NBService.exe [287096 2017-09-12] (Nero AG) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-19] (Microsoft Corporation) R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [4677904 2017-07-26] (AVG Technologies CZ, s.r.o.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-07-11] (Microsoft Corporation) S4 AdsService; C:\Users\secrétariat SDDRH\AppData\Local\AdService\AdService.dll [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [149592 2017-11-14] (AVG Technologies CZ, s.r.o.) R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiskx.sys [135872 2017-11-14] (AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriverx.sys [249232 2017-11-14] (AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidshx.sys [151024 2017-11-14] (AVG Technologies CZ, s.r.o.) R0 avgblog; C:\WINDOWS\System32\drivers\avgblogx.sys [270344 2017-11-14] (AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbunivx.sys [43992 2017-11-14] (AVG Technologies CZ, s.r.o.) S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [35264 2017-11-14] (AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [117368 2017-11-14] (AVG Technologies CZ, s.r.o.) S3 avgNetNd6; C:\WINDOWS\system32\DRIVERS\avgNetNd6.sys [28408 2017-10-10] (AVG Technologies CZ, s.r.o.) R1 avgNetSec; C:\WINDOWS\System32\drivers\avgNetSec.sys [412440 2017-11-14] (AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\WINDOWS\System32\drivers\avgRdr2.sys [91976 2017-11-14] (AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [63280 2017-11-14] (AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [775552 2017-11-14] (AVG Technologies CZ, s.r.o.) R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [381184 2017-11-15] (AVG Technologies CZ, s.r.o.) R2 avgStm; C:\WINDOWS\System32\drivers\avgStm.sys [143264 2017-11-14] (AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [290776 2017-11-14] (AVG Technologies CZ, s.r.o.) S3 BstkDrv; C:\Program Files\BlueStacks\BstkDrv.sys [220216 2017-06-21] (Bluestack System Inc. ) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.) R3 IUFileFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win10_x86\IUFileFilter.sys [38304 2017-06-06] (IObit.com) R3 IURegProcessFilter; C:\Program Files\IObit\IObit Uninstaller\drivers\win10_x86\IURegProcessFilter.sys [38264 2017-09-28] (IObit.com) R3 MEI; C:\WINDOWS\System32\drivers\HECI.sys [41216 2011-09-22] (Intel Corporation) R3 rt640x86; C:\WINDOWS\System32\drivers\rt640x86.sys [504832 2017-03-18] (Realtek ) R1 SCDEmu; C:\WINDOWS\system32\Drivers\SCDEmu.sys [124616 2017-06-07] (Power Software Ltd) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [18800 2016-03-22] (IObit) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.) R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [31792 2017-07-26] (AVG Netherlands B.V.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation) S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [119952 2016-07-15] (MBB) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation) R3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [160256 2017-03-18] (Microsoft Corporation) U3 idsvc; pas de ImagePath U3 wpcsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-11-16 14:33 - 2017-11-16 14:33 - 000019490 _____ C:\Users\secrétariat SDDRH\Desktop\FRST.txt 2017-11-14 16:06 - 2017-11-14 16:11 - 104359576 _____ (AVG Technologies CZ, s.r.o.) C:\Users\secrétariat SDDRH\Downloads\AVG_PCTuneUp_x86_811 (1).exe 2017-11-14 15:33 - 2017-11-14 16:21 - 104359576 _____ (AVG Technologies CZ, s.r.o.) C:\Users\secrétariat SDDRH\Downloads\AVG_PCTuneUp_x86_811.exe 2017-11-14 15:19 - 2017-11-14 15:56 - 254862704 _____ (AVG Technologies CZ, s.r.o.) C:\Users\secrétariat SDDRH\Downloads\AVG_Antivirus_Business_x86_839.exe 2017-11-14 15:15 - 2017-11-14 15:15 - 000003964 _____ C:\Users\secrétariat SDDRH\Downloads\display.php (1).html 2017-11-14 15:08 - 2017-11-14 15:08 - 000027423 _____ C:\Users\secrétariat SDDRH\Downloads\download.prd-trimsb.html 2017-11-14 14:25 - 2017-11-14 14:25 - 000001999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Internet Security.lnk 2017-11-14 14:25 - 2017-11-14 14:25 - 000001987 _____ C:\Users\Public\Desktop\AVG Internet Security.lnk 2017-11-14 14:24 - 2017-11-14 14:24 - 000306448 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe 2017-11-14 14:24 - 2017-11-14 14:24 - 000149592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys 2017-11-14 12:21 - 2017-11-14 12:21 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\PowerISO 2017-11-14 12:18 - 2017-11-14 14:28 - 000000000 ____D C:\Program Files\PowerISO 2017-11-14 12:18 - 2017-11-14 12:18 - 000001034 _____ C:\Users\Public\Desktop\PowerISO.lnk 2017-11-14 12:18 - 2017-11-14 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO 2017-11-14 12:15 - 2017-11-14 12:17 - 004260256 _____ (Power Software Ltd) C:\Users\secrétariat SDDRH\Downloads\PowerISO7.exe 2017-11-10 15:35 - 2017-11-10 16:48 - 000000000 ____D C:\Program Files\Virtual WiFi 2017-11-10 15:35 - 2017-11-10 15:35 - 000002003 _____ C:\Users\secrétariat SDDRH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Virtual WiFi.lnk 2017-11-10 15:35 - 2017-11-10 15:35 - 000001973 _____ C:\Users\secrétariat SDDRH\Desktop\Virtual WiFi.lnk 2017-11-10 15:35 - 2017-11-10 15:35 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\VirtualWiFi 2017-11-10 15:34 - 2017-09-09 21:00 - 000000000 ____D C:\Users\secrétariat SDDRH\Downloads\Virtual WiFi 3.2.1_TrucNet.com 2017-11-09 16:38 - 2017-11-09 16:38 - 000002377 _____ C:\Users\secrétariat SDDRH\Desktop\Schtroumpfs.lnk 2017-11-09 16:38 - 2017-11-09 16:38 - 000002369 _____ C:\Users\secrétariat SDDRH\Desktop\The Bible in MP3.lnk 2017-11-09 16:34 - 2017-11-09 16:34 - 000002317 _____ C:\Users\secrétariat SDDRH\Desktop\Witch Puzzle.lnk 2017-11-09 16:29 - 2017-11-09 16:29 - 000002297 _____ C:\Users\secrétariat SDDRH\Desktop\Match Fruit.lnk 2017-11-09 13:16 - 2017-11-14 12:08 - 000000000 ____D C:\Users\secrétariat SDDRH\Documents\impression 2017-11-09 11:50 - 2017-11-09 11:50 - 000001187 _____ C:\Users\Public\Desktop\Smart Defrag 5.lnk 2017-11-09 11:50 - 2017-11-09 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2017-11-09 11:50 - 2016-03-25 14:33 - 000111392 _____ (IObit) C:\WINDOWS\system32\IObitSmartDefragExtension.dll 2017-11-09 11:50 - 2016-03-22 11:02 - 000033192 _____ (IObit) C:\WINDOWS\system32\SmartDefragBootTime.exe 2017-11-09 11:50 - 2016-03-22 11:02 - 000018800 _____ (IObit) C:\WINDOWS\system32\Drivers\SmartDefragDriver.sys 2017-11-09 11:39 - 2017-11-16 12:38 - 000000000 ____D C:\ProgramData\ProductData 2017-11-09 11:38 - 2017-11-09 11:50 - 000000000 ____D C:\Program Files\Common Files\IObit 2017-11-09 11:38 - 2017-11-09 11:39 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\LocalLow\IObit 2017-11-09 11:38 - 2017-11-09 11:38 - 000002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk 2017-11-09 11:38 - 2017-11-09 11:38 - 000002167 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2017-11-09 11:38 - 2017-11-09 11:38 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane 2017-11-09 11:38 - 2017-11-09 11:38 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Dashlane 2017-11-09 11:38 - 2017-11-09 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller 2017-11-09 11:38 - 2017-11-09 11:38 - 000000000 ____D C:\Program Files\Dashlane 2017-11-09 11:37 - 2017-11-09 11:50 - 000000000 ____D C:\Program Files\IObit 2017-11-09 11:36 - 2017-11-09 12:08 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\IObit 2017-11-09 11:36 - 2017-11-09 11:50 - 000000000 ____D C:\ProgramData\IObit 2017-11-09 11:30 - 2017-11-09 11:35 - 015871160 _____ (IObit ) C:\Users\secrétariat SDDRH\Downloads\iobituninstaller.exe 2017-11-09 10:14 - 2017-11-09 10:14 - 000000022 _____ C:\Users\secrétariat SDDRH\Downloads\MEGA-RECOVERYKEY (2).txt 2017-11-09 10:12 - 2017-11-09 10:12 - 000000022 _____ C:\Users\secrétariat SDDRH\Downloads\MEGA-RECOVERYKEY (1).txt 2017-11-09 10:11 - 2017-11-09 10:11 - 000000022 _____ C:\Users\secrétariat SDDRH\Downloads\MEGA-RECOVERYKEY.txt 2017-11-08 16:54 - 2017-11-08 16:55 - 002281917 _____ C:\Users\secrétariat SDDRH\Downloads\Virtual_WiFi_3.2.1_TrucNet.com.rar 2017-11-08 16:38 - 2017-11-08 17:22 - 382143493 _____ C:\Users\secrétariat SDDRH\Downloads\Nero Platinum 2018 Suite Patch-IZOFILE.COM.rar 2017-11-08 16:18 - 2017-11-08 16:18 - 000003964 _____ C:\Users\secrétariat SDDRH\Downloads\display.php.html 2017-11-08 11:28 - 2017-11-09 10:18 - 000000000 ____D C:\Users\secrétariat SDDRH\Documents\MEGAsync Downloads 2017-11-08 11:28 - 2017-11-08 12:09 - 000000000 ___RD C:\Users\secrétariat SDDRH\Documents\MEGA 2017-11-08 11:24 - 2017-11-08 11:24 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\Mega Limited 2017-11-08 11:23 - 2017-11-08 11:23 - 000000799 _____ C:\Users\Public\Desktop\MEGAsync.lnk 2017-11-08 11:23 - 2017-11-08 11:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEGAsync 2017-11-08 11:23 - 2017-11-08 11:23 - 000000000 ____D C:\ProgramData\MEGAsync 2017-11-08 11:13 - 2017-11-08 11:22 - 014975256 _____ (MEGA Limited) C:\Users\secrétariat SDDRH\Downloads\MEGAsyncSetup.exe 2017-11-08 10:20 - 2017-11-08 10:21 - 254862704 _____ (AVG Technologies CZ, s.r.o.) C:\Users\secrétariat SDDRH\Downloads\AVG_Internet_Security_Business_x86_750.exe.9qqbiyv (1).partial 2017-11-07 13:01 - 2017-11-07 13:01 - 000000000 ____D C:\Users\secrétariat SDDRH\Documents\FeedbackHub 2017-11-07 12:38 - 2017-11-07 12:38 - 001300480 _____ C:\Users\secrétariat SDDRH\Downloads\AVG PC Tuneup 2017 Crack Serial Number.iso 2017-11-07 10:19 - 2017-11-07 11:13 - 282976312 _____ (AVG Technologies CZ, s.r.o.) C:\Users\secrétariat SDDRH\Downloads\AVG_Internet_Security_Business_x64_749.exe 2017-11-06 13:26 - 2017-11-06 15:10 - 254862704 _____ (AVG Technologies CZ, s.r.o.) C:\Users\secrétariat SDDRH\Downloads\AVG_Internet_Security_Business_x86_750.exe.9qqbiyv.partial 2017-11-06 10:32 - 2017-11-06 10:32 - 003634824 _____ (AVG Technologies CZ, s.r.o.) C:\Users\secrétariat SDDRH\Downloads\Antivirus_Free_2075.exe 2017-11-03 10:51 - 2017-11-03 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2017-11-03 10:51 - 2017-11-03 10:51 - 000000000 ____D C:\Program Files\7-Zip 2017-11-03 10:38 - 2017-11-03 10:38 - 005430032 _____ C:\Users\secrétariat SDDRH\Downloads\ljP2035-gdi-pnp-win64-fr.exe 2017-11-03 10:32 - 2017-11-03 10:32 - 005026160 _____ C:\Users\secrétariat SDDRH\Downloads\ljP2035-gdi-pnp-win32-fr.exe 2017-11-03 10:25 - 2017-11-09 10:08 - 000000000 ____D C:\ProgramData\60eda6f8-5773-0 2017-11-03 10:25 - 2017-11-09 10:08 - 000000000 ____D C:\ProgramData\60eda6f8-33c3-1 2017-11-03 10:25 - 2017-11-08 10:38 - 000000000 ____D C:\ProgramData\60eda6f8-3ec3-0 2017-11-03 10:25 - 2017-11-08 10:38 - 000000000 ____D C:\ProgramData\{3d5e4e2b-712c-0} 2017-11-03 10:25 - 2017-11-08 10:38 - 000000000 ____D C:\ProgramData\{1ebd20d8-512c-1} 2017-11-03 10:25 - 2017-11-08 10:36 - 000000000 ____D C:\ProgramData\60eda6f8-5f15-1 2017-11-03 10:25 - 2017-11-06 15:17 - 000000000 ____D C:\ProgramData\1de32f4d 2017-11-01 11:35 - 2017-11-01 11:44 - 379647184 _____ (Nero AG) C:\Users\secrétariat SDDRH\Downloads\Nero2018-19.0.07000_nsx_trial.exe 2017-11-01 11:09 - 2017-11-01 11:09 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Obsidium 2017-11-01 11:09 - 2016-10-10 13:59 - 000000000 ____D C:\Users\secrétariat SDDRH\Desktop\Nero 2017 Platinum Serial Activation Patch 2017-11-01 10:55 - 2017-11-01 10:55 - 000000000 ____D C:\ProgramData\simplitec 2017-11-01 10:47 - 2017-11-09 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2018 2017-11-01 10:46 - 2017-11-09 12:20 - 000000000 ____D C:\ProgramData\Nero 2017-11-01 10:46 - 2017-11-09 12:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2017-11-01 10:46 - 2017-11-09 12:20 - 000000000 ____D C:\Program Files\Common Files\Nero 2017-11-01 10:46 - 2017-11-07 13:54 - 000000000 ____D C:\Program Files\Nero 2017-10-31 16:17 - 2017-10-31 16:17 - 000534950 _____ C:\Users\secrétariat SDDRH\Desktop\Nero 2017 Platinum Serial Activation Patch.rar 2017-10-31 16:11 - 2017-11-07 12:39 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Nero 2017-10-31 16:08 - 2017-10-31 16:08 - 003139608 _____ (Nero AG) C:\Users\secrétariat SDDRH\Downloads\Nero2018-1.10.0.9_stub_trial.exe 2017-10-30 11:51 - 2017-10-30 11:51 - 000000000 ____D C:\Users\secrétariat SDDRH\Documents\Modèles Office personnalisés 2017-10-27 14:20 - 2017-11-09 14:22 - 000002267 _____ C:\Users\secrétariat SDDRH\Desktop\Lite.lnk 2017-10-27 14:20 - 2017-10-27 14:20 - 000002367 _____ C:\Users\secrétariat SDDRH\Desktop\Play Jeux.lnk 2017-10-27 14:19 - 2017-10-27 14:19 - 000002207 _____ C:\Users\secrétariat SDDRH\Desktop\WhatsApp.lnk 2017-10-27 14:01 - 2017-10-27 14:01 - 000001354 _____ C:\Users\Public\Desktop\Utilitaire d'identification du processeur Intel(R).lnk 2017-10-27 14:01 - 2017-10-27 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilitaire d'identification du processeur Intel(R) 2017-10-27 14:01 - 2017-10-27 14:01 - 000000000 ____D C:\Program Files\Intel Corporation 2017-10-27 13:56 - 2017-10-27 13:56 - 004411392 _____ C:\Users\secrétariat SDDRH\Downloads\pidfra47.msi 2017-10-27 13:09 - 2017-10-27 13:09 - 000023040 _____ C:\WINDOWS\KMS-R@1n.exe 2017-10-27 13:09 - 2017-10-27 13:09 - 000004608 _____ C:\WINDOWS\KMS-R@1nHook.exe 2017-10-27 13:09 - 2017-10-27 13:09 - 000003584 _____ C:\WINDOWS\KMS-R@1nHook.dll 2017-10-27 12:26 - 2017-10-27 12:26 - 000002729 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Entreprise 2016.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2017-10-27 12:26 - 2017-10-27 12:26 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office 2016 2017-10-27 12:23 - 2017-10-27 12:23 - 000000000 ____D C:\Program Files\Common Files\DESIGNER 2017-10-27 12:22 - 2017-10-27 12:22 - 000000000 ____D C:\WINDOWS\PCHEALTH 2017-10-27 12:22 - 2017-10-27 12:22 - 000000000 ____D C:\Program Files\Microsoft SQL Server 2017-10-27 11:59 - 2017-10-27 11:59 - 000000000 ___SD C:\Users\secrétariat SDDRH\Documents\Mes formes 2017-10-27 11:40 - 2017-10-27 11:40 - 000000024 _____ C:\ScrubRetValFile.txt 2017-10-26 15:18 - 2017-10-27 10:22 - 000000000 ____D C:\WINDOWS\AutoKMS 2017-10-26 15:01 - 2017-10-26 15:02 - 055944192 _____ C:\Users\secrétariat SDDRH\Desktop\Microsoft Toolkit 2.6 BETA bd genius tutorial.exe 2017-10-26 13:41 - 2017-10-26 13:42 - 000703363 _____ ( ) C:\Users\secrétariat SDDRH\Downloads\Microsoft_Toolkit_2.6.6_Activator_Full_Version (1).exe 2017-10-25 12:58 - 2017-11-16 12:41 - 000001044 _____ C:\WINDOWS\Tasks\Chromium tiror.job 2017-10-25 12:58 - 2017-10-25 17:21 - 000000000 ____D C:\Program Files\Common Files\crowminio 2017-10-25 12:57 - 2017-10-25 12:58 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\focole 2017-10-25 12:57 - 2017-10-25 12:58 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\{390E0F52-1DA6-63EA-703E-46025456BA9A} 2017-10-25 10:21 - 2017-11-16 13:50 - 000000000 ____D C:\Users\secrétariat SDDRH\Desktop\FRST-OlderVersion 2017-10-24 17:02 - 2015-07-19 18:02 - 051970048 _____ C:\Users\secrétariat SDDRH\Desktop\Microsoft Toolkit.exe 2017-10-24 16:46 - 2017-10-24 16:49 - 051072977 _____ C:\Users\secrétariat SDDRH\Desktop\Microsoft Toolkit.rar 2017-10-24 15:18 - 2017-10-24 15:19 - 001130496 _____ C:\Users\secrétariat SDDRH\Desktop\Microsoft_Toolkit_2.6.6_Activator_Full_Version.iso 2017-10-20 17:01 - 2017-10-20 17:02 - 000333056 _____ C:\Users\secrétariat SDDRH\Downloads\pjjoint_uploader.exe 2017-10-20 16:11 - 2017-11-16 14:33 - 000000000 ____D C:\FRST 2017-10-20 16:03 - 2017-11-16 13:50 - 001788928 _____ (Farbar) C:\Users\secrétariat SDDRH\Desktop\FRST(1).exe 2017-10-20 11:26 - 2017-10-20 11:26 - 000000000 ___HD C:\OneDriveTemp 2017-10-19 11:01 - 2017-10-19 11:01 - 001798656 _____ (Farbar) C:\Users\secrétariat SDDRH\Downloads\FRST.exe 2017-10-19 10:35 - 2017-10-19 10:39 - 024421584 _____ (Microsoft Corporation) C:\Users\secrétariat SDDRH\Downloads\OneDriveSetup.exe 2017-10-18 11:09 - 2017-10-18 11:09 - 000002516 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk 2017-10-18 11:09 - 2017-10-18 11:09 - 000002504 _____ C:\Users\Public\Desktop\AVG PC TuneUp.lnk 2017-10-18 11:09 - 2017-07-26 09:15 - 000049936 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe 2017-10-18 10:32 - 2017-10-23 13:49 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\imwj2x0wanl 2017-10-18 10:32 - 2017-10-18 16:39 - 000000000 ____D C:\Program Files\AN5O3VC9O9 2017-10-18 10:32 - 2017-10-18 16:39 - 000000000 ____D C:\Program Files\AL7J7GZLEA 2017-10-18 10:31 - 2017-10-23 13:49 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\gunutnovx3y 2017-10-18 10:31 - 2017-10-23 10:44 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\axeq1iwhg5x 2017-10-18 10:30 - 2017-10-18 10:46 - 000000000 ____D C:\Program Files\SQ2259EEWN 2017-10-18 10:29 - 2017-10-19 16:39 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\3opzxnowlop 2017-10-17 17:49 - 2017-10-18 16:40 - 000000000 ____D C:\Program Files\JC6AC0N6EY 2017-10-17 17:48 - 2017-10-19 10:22 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\w2qsgg2bby1 2017-10-17 17:48 - 2017-10-19 10:22 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\l3uetezpbnw 2017-10-17 17:48 - 2017-10-19 10:22 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\0r52redao5k 2017-10-17 17:48 - 2017-10-18 10:42 - 000000000 ____D C:\Program Files\K4O7DKSDFQ 2017-10-17 17:17 - 2017-10-18 16:39 - 000000000 ____D C:\Program Files\2L9YXS7R08 2017-10-17 17:16 - 2017-10-19 10:22 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\xcyyw2wdc2c 2017-10-17 17:16 - 2017-10-19 10:22 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\m2b2c03oh5r 2017-10-17 17:16 - 2017-10-18 10:40 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\zbkcsgy02hu 2017-10-17 17:16 - 2017-10-18 10:40 - 000000000 ____D C:\Program Files\TEEI2SMXUP 2017-10-17 17:16 - 2017-10-17 17:16 - 000140800 _____ C:\Users\secrétariat SDDRH\AppData\Local\installer.dat 2017-10-17 17:16 - 2017-10-17 17:16 - 000011568 _____ C:\Users\secrétariat SDDRH\AppData\Local\InstallationConfiguration.xml 2017-10-17 17:01 - 2017-10-17 17:19 - 008204775 _____ C:\Users\secrétariat SDDRH\Documents\nconsole.exe 2017-10-17 17:01 - 2017-10-17 17:01 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\WinZip 2017-10-17 17:01 - 2017-10-17 17:01 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Opera Software 2017-10-17 17:01 - 2017-10-17 17:01 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\Opera Software 2017-10-17 16:54 - 2017-10-17 16:54 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\systembackup 2017-10-17 16:54 - 2017-10-17 16:54 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\FileZilla 2017-10-17 16:53 - 2017-10-17 17:25 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\CasinoX 2017-10-17 16:53 - 2017-10-17 16:53 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\WindowsNT 2017-10-17 16:53 - 2017-10-17 16:53 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Architecture 2017-10-17 16:52 - 2017-10-17 16:52 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\BrowserModule 2017-10-17 16:52 - 2017-10-17 16:52 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\1337 2017-10-17 16:52 - 2017-10-17 16:52 - 000000000 ____D C:\Program Files\Miped 2017-10-17 16:46 - 2017-11-08 13:50 - 000000000 ____D C:\ProgramData\DreamCompress 2017-10-17 16:46 - 2017-10-18 10:42 - 000000000 ____D C:\ProgramData\DreamScreen 2017-10-17 16:46 - 2017-10-17 16:46 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\DreamScreen 2017-10-17 16:46 - 2017-10-17 16:46 - 000000000 ____D C:\ProgramData\CupCheck 2017-10-17 16:45 - 2017-11-14 14:33 - 000000000 ____D C:\Disk 2017-10-17 16:45 - 2017-10-19 10:24 - 000000000 ____D C:\Applications 2017-10-17 16:45 - 2017-10-17 16:45 - 000000000 ____D C:\WinSys 2017-10-17 16:45 - 2017-10-17 16:45 - 000000000 ____D C:\Windat 2017-10-17 16:45 - 2017-10-17 16:45 - 000000000 ____D C:\Program Files\LaCie Private Public 2017-10-17 16:44 - 2017-10-19 10:22 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\lqcnwnrto4n 2017-10-17 16:44 - 2017-10-18 16:40 - 000000000 ____D C:\Program Files\Q2Q7KUM1X2 2017-10-17 16:44 - 2017-10-18 10:43 - 000000000 ____D C:\Program Files\KNEBVZAMWA 2017-10-17 16:43 - 2017-11-03 10:26 - 000000000 ____D C:\ProgramData\a9241814-0af7-1 2017-10-17 16:43 - 2017-11-03 10:25 - 000000000 ____D C:\ProgramData\a9241814-5333-0 2017-10-17 16:43 - 2017-10-19 10:22 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\vg5swwd2hqy 2017-10-17 16:43 - 2017-10-18 10:39 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\z4qsn3uqsqc 2017-10-17 16:43 - 2017-10-17 16:43 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\Voisinage réseau 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\Voisinage d'impression 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\Modèles 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\Mes documents 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\Menu Démarrer 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mes vidéos 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Mes images 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Ma musique 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programmes 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Historique 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\TileDataLayer 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 ____D C:\Users\DefaultAppPool 2017-10-17 16:43 - 2017-10-17 16:43 - 000000000 ____D C:\Program Files\FastDataX 2017-10-17 16:43 - 2017-10-13 13:40 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Local\Microsoft Help 2017-10-17 16:43 - 2017-10-12 17:34 - 000002102 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2017-10-17 16:43 - 2009-07-14 10:00 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs 2017-10-17 16:42 - 2017-10-18 10:45 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\b3ytvtocgx4 2017-10-17 16:42 - 2017-10-18 10:39 - 000000000 ____D C:\Program Files\MQ1LNDOTUZ 2017-10-17 16:41 - 2017-10-18 16:52 - 000000000 ____D C:\Program Files\ShutdownTime 2017-10-17 16:41 - 2017-10-10 17:04 - 001736704 ___SH C:\Users\secrétariat SDDRH\AppData\Roaming\tmp546.dat 2017-10-17 16:40 - 2017-10-18 17:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YeaDesktop 2017-10-17 16:40 - 2017-10-18 16:59 - 000000000 ____D C:\Program Files\YeaDesktop 2017-10-17 16:36 - 2017-10-17 16:36 - 000000000 ____D C:\ProgramData\Microleaves 2017-10-17 16:33 - 2017-10-18 16:41 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\AdService 2017-10-17 16:33 - 2017-10-17 16:33 - 000000000 ____D C:\Program Files\Microleaves 2017-10-17 16:32 - 2017-10-17 16:32 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Microleaves 2017-10-17 16:32 - 2017-10-17 16:32 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\AdvinstAnalytics 2017-10-17 16:21 - 2017-10-17 16:21 - 000000000 ___HD C:\$AV_AVG 2017-10-17 16:09 - 2017-10-17 16:52 - 000000000 ____D C:\Program Files\Microsoft Toolkit Final 2017-10-17 12:14 - 2017-10-17 12:14 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\PeerDistRepub 2017-10-17 10:30 - 2017-10-13 01:21 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2017-10-17 10:30 - 2017-10-13 01:21 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-11-16 14:03 - 2017-09-28 10:09 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\AvgSetupLog 2017-11-16 11:02 - 2017-09-28 10:18 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinRAR.lnk 2017-11-16 11:02 - 2017-09-28 10:18 - 000001140 _____ C:\Users\Public\Desktop\WinRAR.lnk 2017-11-16 11:02 - 2017-09-27 15:10 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-11-16 11:02 - 2017-09-27 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-11-16 11:02 - 2017-09-27 15:10 - 000000000 ____D C:\Program Files\WinRAR 2017-11-15 14:25 - 2017-10-10 16:06 - 000381184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys 2017-11-15 14:20 - 2017-10-12 21:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2017-11-15 14:18 - 2017-09-27 15:29 - 000001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-11-15 14:18 - 2017-09-27 15:29 - 000000000 ____D C:\Program Files\Mozilla Firefox 2017-11-15 10:40 - 2017-10-12 21:27 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-11-14 17:10 - 2017-03-18 07:02 - 000786432 _____ C:\WINDOWS\system32\config\BBI 2017-11-14 17:09 - 2017-09-29 11:37 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\Free Download Manager 2017-11-14 16:57 - 2017-09-28 10:58 - 000000000 ____D C:\Users\secrétariat SDDRH\Documents\Nouveau dossier 2017-11-14 14:24 - 2017-10-10 16:06 - 000775552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys 2017-11-14 14:24 - 2017-10-10 16:06 - 000381184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys.151075233189001 2017-11-14 14:24 - 2017-10-10 16:06 - 000290776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys 2017-11-14 14:24 - 2017-10-10 16:06 - 000143264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStm.sys 2017-11-14 14:24 - 2017-10-10 16:06 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys 2017-11-14 14:24 - 2017-10-10 16:06 - 000091976 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr2.sys 2017-11-14 14:24 - 2017-10-10 16:06 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys 2017-11-14 14:24 - 2017-10-10 16:06 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys 2017-11-14 14:23 - 2017-10-10 16:06 - 000412440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgNetSec.sys 2017-11-14 14:23 - 2017-10-10 16:06 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblogx.sys 2017-11-14 14:23 - 2017-10-10 16:06 - 000249232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriverx.sys 2017-11-14 14:23 - 2017-10-10 16:06 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidshx.sys 2017-11-14 14:23 - 2017-10-10 16:06 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiskx.sys 2017-11-14 14:23 - 2017-10-10 16:06 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbunivx.sys 2017-11-14 13:43 - 2017-10-02 16:43 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\Adobe 2017-11-14 11:39 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\AppReadiness 2017-11-13 11:51 - 2017-10-10 17:06 - 000000000 ____D C:\ProgramData\BlueStacksSetup 2017-11-10 17:04 - 2017-10-05 09:07 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\Wildfire 2017-11-10 15:24 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\system32\NDF 2017-11-09 10:27 - 2017-09-27 15:30 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\LocalLow\Mozilla 2017-11-08 14:58 - 2017-09-27 14:47 - 000002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-11-08 14:58 - 2017-09-27 14:47 - 000002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-11-08 14:50 - 2017-10-12 21:12 - 000401048 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-11-08 14:48 - 2017-10-12 21:17 - 000000000 ____D C:\Users\secrétariat SDDRH 2017-11-08 10:59 - 2017-03-18 19:23 - 000000000 ___HD C:\Program Files\WindowsApps 2017-11-07 13:03 - 2017-09-27 14:58 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\ElevatedDiagnostics 2017-11-07 10:50 - 2017-10-10 15:17 - 000000925 _____ C:\Users\Public\Desktop\AVG.lnk 2017-11-07 10:50 - 2017-10-10 15:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2017-11-06 10:37 - 2017-03-18 19:21 - 000000000 ____D C:\WINDOWS\INF 2017-11-03 10:55 - 2017-09-29 11:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2017-11-03 10:55 - 2017-09-29 11:24 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-11-03 10:55 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\system32\Macromed 2017-11-01 10:16 - 2017-09-29 13:44 - 000000000 ____D C:\ProgramData\Package Cache 2017-10-31 13:22 - 2009-07-14 03:04 - 000000478 _____ C:\WINDOWS\win.ini 2017-10-31 13:21 - 2017-03-18 19:23 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-10-27 12:25 - 2009-07-14 10:01 - 000000000 ____D C:\WINDOWS\ShellNew 2017-10-27 12:24 - 2017-03-18 19:23 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-10-27 12:22 - 2017-10-02 16:10 - 000000000 ____D C:\Program Files\Microsoft Office 2017-10-27 12:20 - 2017-03-18 19:23 - 000000000 ____D C:\Program Files\Common Files\System 2017-10-27 11:45 - 2017-10-12 21:07 - 000000000 ____D C:\Program Files\MSBuild 2017-10-26 10:16 - 2017-10-12 21:16 - 002447512 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-10-26 10:16 - 2017-03-19 09:20 - 001105878 _____ C:\WINDOWS\system32\perfh00C.dat 2017-10-26 10:16 - 2017-03-19 09:20 - 000247562 _____ C:\WINDOWS\system32\perfc00C.dat 2017-10-25 13:05 - 2017-09-29 11:23 - 000000000 ____D C:\ProgramData\Adobe 2017-10-23 13:44 - 2017-09-28 09:28 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\LocalLow\Temp 2017-10-20 17:24 - 2017-10-12 17:34 - 000000000 ___RD C:\Users\secrétariat SDDRH\OneDrive 2017-10-20 14:02 - 2017-10-12 19:48 - 000000000 ___DC C:\WINDOWS\Panther 2017-10-20 14:02 - 2017-10-02 16:10 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\Microsoft Help 2017-10-20 14:02 - 2017-03-18 07:02 - 000000000 ____D C:\WINDOWS\system32\Sysprep 2017-10-20 11:19 - 2017-10-13 10:15 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\Packages 2017-10-20 11:18 - 2017-09-28 12:10 - 000000000 ____D C:\ProgramData\Systweak 2017-10-18 11:32 - 2017-03-18 19:14 - 000000000 ____D C:\WINDOWS\CbsTemp 2017-10-18 11:09 - 2017-09-28 10:09 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Local\Avg 2017-10-18 11:08 - 2017-10-10 15:07 - 000000000 ____D C:\Program Files\AVG 2017-10-18 11:08 - 2017-09-28 10:09 - 000000000 ____D C:\ProgramData\Avg 2017-10-17 17:02 - 2017-09-28 10:26 - 000000000 ____D C:\Users\secrétariat SDDRH\AppData\Roaming\WinRAR 2017-10-17 16:40 - 2017-09-27 15:29 - 000001159 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-10-17 12:09 - 2017-03-18 19:23 - 000000000 ____D C:\WINDOWS\rescache 2017-10-17 10:30 - 2017-10-13 10:15 - 000000000 __RHD C:\Users\Public\AccountPictures ==================== Fichiers à la racine de certains dossiers ======= 2017-10-17 16:41 - 2017-10-10 17:04 - 001736704 ___SH () C:\Users\secrétariat SDDRH\AppData\Roaming\tmp546.dat 2017-10-17 17:16 - 2017-10-17 17:16 - 000011568 _____ () C:\Users\secrétariat SDDRH\AppData\Local\InstallationConfiguration.xml 2017-10-17 17:16 - 2017-10-17 17:16 - 000140800 _____ () C:\Users\secrétariat SDDRH\AppData\Local\installer.dat Certains fichiers dans TEMP: ==================== 2017-11-14 13:42 - 2017-11-14 13:42 - 001055936 _____ (Adobe) C:\Users\secrétariat SDDRH\AppData\Local\Temp\flashplayer_setup.exe 2017-11-01 10:15 - 2017-07-11 01:53 - 000624368 _____ (Microsoft Corporation) C:\Users\secrétariat SDDRH\AppData\Local\Temp\kernel32.dll 2017-11-01 10:54 - 2017-11-01 10:55 - 013483360 _____ (Nero AG ) C:\Users\secrétariat SDDRH\AppData\Local\Temp\Nero TuneItUp_2.6.0.134.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2017-11-16 11:00 ==================== Fin de FRST.txt ============================