Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10.02.2018 02 Exécuté par Raymond (administrateur) sur ADMIN (10-02-2018 20:22:12) Exécuté depuis C:\Users\Raymond\Downloads Profils chargés: Raymond (Profils disponibles: Raymond) Platform: Windows 10 Home Version 1709 16299.192 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: Chrome) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (AMD) C:\Windows\System32\atiesrxx.exe (ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\MsMpEng.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe () C:\Program Files (x86)\No-IP\ducservice.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Orange) C:\Users\Raymond\AppData\Roaming\Orange\OrangeInside\OrangeInside.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe () C:\Windows\SysWOW64\UMonit64.exe () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.15711.0_x64__8wekyb3d8bbwe\Video.UI.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxCalendarAppImm.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxTsr.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\WinStore.App.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Farbar) C:\Users\Raymond\Downloads\FRST64 (2).exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor) HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [689488 2008-03-11] (CANON INC.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [497784 2016-07-06] () HKLM\...\Run: [UMonit] => C:\WINDOWS\SysWOW64\UMonit64.exe [53832 2015-09-21] () HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-11-10] (Acronis International GmbH) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [6843208 2016-07-06] () HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2131856 2016-07-14] (AimerSoft) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation) HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Run: [EssentialPIM] => C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe [17853296 2015-11-18] (Astonsoft) HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Run: [Snip] => C:\Users\Raymond\AppData\Local\Snip\Snip.exe [1713312 2015-10-19] (Microsoft Corporation) HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Run: [Google Photos Backup] => C:\Users\Raymond\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe [3790936 2016-04-08] (Google, Inc) HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-20] (Piriform Ltd) HKU\S-1-5-21-976551006-3039632739-1132508307-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-976551006-3039632739-1132508307-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [805888 2017-09-29] (Microsoft Corporation) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3359f939-300f-4bae-9790-cb9823ff011f}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{7a129503-e1ca-4a61-b417-8047e61c128e}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{872aebc9-1a58-41ac-a780-76db36b7032c}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{c267a06e-dcc6-4b4d-a070-dd21cb0e3009}: [DhcpNameServer] 80.10.46.232 80.10.46.232 Tcpip\..\Interfaces\{cbdddf11-c55f-464a-b09a-6b2b85b134e3}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{D806A566-61F1-4BBB-92C3-18A9DC0D8D38}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKU\S-1-5-21-976551006-3039632739-1132508307-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://r.orange.fr/r/Oodc_oi_promoUpdate?ref=O_OI_defaultPage_IEe64_w10e64_promoUpdate BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-18] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-18] (Oracle Corporation) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab Edge: ====== Edge Session Restore: HKU\S-1-5-21-976551006-3039632739-1132508307-1001 -> est activé. FireFox: ======== FF DefaultProfile: arzsw02y.default-1506669055859 FF ProfilePath: C:\Users\Raymond\AppData\Roaming\Mozilla\Firefox\Profiles\arzsw02y.default-1506669055859 [2018-02-10] FF Homepage: Mozilla\Firefox\Profiles\arzsw02y.default-1506669055859 -> hxxps://r.orange.fr/r/Oodc_oi_promoUpdate?ref=O_OI_defaultPage_FFe64_w10e64_promoUpdate FF Extension: (Video DownloadHelper) - C:\Users\Raymond\AppData\Roaming\Mozilla\Firefox\Profiles\arzsw02y.default-1506669055859\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-01-23] FF Extension: (Qwant for Firefox) - C:\Program Files\Mozilla Firefox\distribution\extensions\qwantcomforfirefox@jetpack.xpi [2016-07-01] [Legacy] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-07] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-07] () FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-18] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @Nero.com/KM -> C:\Program Files (x86)\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-04-10] (Nero AG) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-976551006-3039632739-1132508307-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Raymond\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-10-07] (Citrix Online) FF Plugin HKU\S-1-5-21-976551006-3039632739-1132508307-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier] FF Plugin HKU\S-1-5-21-976551006-3039632739-1132508307-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Raymond\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [Pas de fichier] Chrome: ======= CHR DefaultProfile: Default CHR Session Restore: Default -> est activé. CHR Profile: C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default [2018-02-10] CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-12-28] CHR Extension: (AdBlock) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-02-02] CHR Extension: (Video DownloadHelper) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjnegcaeklhafolokijcfjliaokphfk [2016-12-21] CHR Extension: (Page Captures d'écran Web - Fireshot) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-17] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Chrome Media Router) - C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-25] CHR Profile: C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-01-27] CHR Profile: C:\Users\Raymond\AppData\Local\Google\Chrome\User Data\System Profile [2018-01-27] Opera: ======= OPR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Raymond\AppData\Roaming\Opera Software\Opera Stable\Extensions\eeokceolphhfjdfcibaiiopmekmcbedp [2017-06-14] OPR Extension: (Traduire) - C:\Users\Raymond\AppData\Roaming\Opera Software\Opera Stable\Extensions\ibnombjmjocaccigcefonnipcnlaeaed [2015-11-18] OPR Extension: (Adblock Plus) - C:\Users\Raymond\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-01-31] ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY) R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1135568 2016-07-06] () R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-21] (Advanced Micro Devices, Inc.) [Fichier non signé] S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Fichier non signé] S2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [Fichier non signé] S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Fichier non signé] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2016-11-15] (Ellora Assets Corp.) [Fichier non signé] R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] () R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2945312 2016-01-15] (IObit) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes) R2 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis) R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Fichier non signé] S2 Orange Update Core Service; C:\Program Files (x86)\Orange Update\OUService.exe [224528 2017-11-17] (Orange) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH) R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation) R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 61883; C:\WINDOWS\System32\drivers\61883.sys [62976 2017-09-29] (Microsoft Corporation) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) S3 ampa; C:\WINDOWS\system32\ampa.sys [38320 2016-12-25] () S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [38320 2016-12-25] () R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R1 AppleCharger; C:\WINDOWS\System32\DRIVERS\AppleCharger.sys [22240 2013-10-28] () R2 APXACC; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [225504 2014-03-28] (AppEx Networks Corporation) R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2016-04-17] (Advanced Micro Devices) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-12-10] () R0 file_tracker; C:\WINDOWS\System32\DRIVERS\file_tracker.sys [339808 2016-09-06] (Acronis International GmbH) R3 GeneStor; C:\WINDOWS\system32\DRIVERS\GeneStor.sys [117224 2015-09-21] (GenesysLogic) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-04-17] (REALiX(tm)) R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2017-12-10] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-02-10] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-02-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-10] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-02-10] (Malwarebytes) R3 NPF; C:\WINDOWS\System32\drivers\NPF.sys [35344 2011-02-11] (CACE Technologies, Inc.) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-04-17] (Realtek ) R0 tib; C:\WINDOWS\System32\DRIVERS\tib.sys [1049432 2016-09-06] (Acronis International GmbH) R2 tib_mounter; C:\WINDOWS\system32\DRIVERS\tib_mounter.sys [202592 2016-09-06] (Acronis International GmbH) S3 tnd; C:\WINDOWS\system32\DRIVERS\tnd.sys [581464 2016-09-06] (Acronis International GmbH) S1 UsbCharger; C:\WINDOWS\System32\DRIVERS\UsbCharger.sys [22240 2013-10-24] () R2 virtual_file; C:\WINDOWS\System32\DRIVERS\virtual_file.sys [301408 2016-09-06] (Acronis International GmbH) U5 vwifimp; C:\Windows\System32\Drivers\vwifimp.sys [41472 2017-11-26] (Microsoft Corporation) S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-02-10 20:22 - 2018-02-10 20:22 - 000021532 _____ C:\Users\Raymond\Downloads\FRST.txt 2018-02-10 20:21 - 2018-02-10 20:21 - 000000000 ____D C:\Users\Raymond\Downloads\FRST-OlderVersion 2018-02-10 20:12 - 2018-02-10 20:16 - 000005774 _____ C:\Users\Raymond\Desktop\ZHPCleaner.txt 2018-02-10 19:55 - 2018-02-10 19:55 - 000226663 _____ C:\Users\Raymond\Desktop\ZHPDiag.txt 2018-02-10 19:47 - 2018-02-10 19:47 - 002989952 _____ C:\Users\Raymond\Downloads\ZHPDiag3 (1).exe 2018-02-10 19:32 - 2018-02-10 19:42 - 000000910 _____ C:\Users\Raymond\Desktop\ZHPDiag.lnk 2018-02-10 19:30 - 2018-02-10 19:31 - 002989952 _____ C:\Users\Raymond\Downloads\ZHPDiag3.exe 2018-02-10 19:26 - 2018-02-10 19:26 - 000002339 _____ C:\Users\Raymond\Desktop\AdwCleaner[S8].txt 2018-02-10 12:57 - 2018-02-10 12:57 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd 2018-02-09 21:51 - 2018-02-09 21:52 - 000000000 ____D C:\KVRT_Data 2018-02-09 21:48 - 2018-02-09 21:51 - 141857576 _____ (Kaspersky Lab ZAO) C:\Users\Raymond\Desktop\KVRT.exe 2018-02-09 19:14 - 2018-02-10 08:33 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys 2018-02-09 19:12 - 2018-02-10 08:32 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk 2018-02-09 19:12 - 2018-02-10 08:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller 2018-02-09 19:12 - 2018-02-10 08:32 - 000000000 ____D C:\Program Files\RogueKiller 2018-02-09 19:12 - 2018-02-09 20:11 - 000000000 ____D C:\ProgramData\RogueKiller 2018-02-09 19:11 - 2018-02-09 19:11 - 036408336 _____ (Adlice Software ) C:\Users\Raymond\Downloads\RogueKiller_setup-12.12.3.exe 2018-02-09 19:01 - 2018-02-09 19:01 - 008222496 _____ (Malwarebytes) C:\Users\Raymond\Downloads\adwcleaner_7.0.8.0.exe 2018-02-09 18:32 - 2018-02-10 20:00 - 000000920 _____ C:\Users\Raymond\Desktop\ZHPCleaner.lnk 2018-02-09 18:32 - 2018-02-09 18:32 - 003058048 _____ C:\Users\Raymond\Downloads\ZHPCleaner.exe 2018-02-09 12:36 - 2018-02-09 12:38 - 000026806 _____ C:\Users\Raymond\Downloads\Fixlog.txt 2018-02-09 12:31 - 2018-02-10 20:21 - 002404864 _____ (Farbar) C:\Users\Raymond\Downloads\FRST64 (2).exe 2018-02-08 22:25 - 2018-02-08 22:25 - 000648174 _____ C:\Users\Raymond\Downloads\Shortcut.txt 2018-02-08 20:37 - 2018-02-08 20:37 - 000000811 _____ C:\WinChk.txt 2018-02-08 20:36 - 2018-02-08 20:37 - 000315000 _____ C:\Users\Raymond\Downloads\winchk_2.0.exe 2018-02-08 20:34 - 2018-02-08 20:34 - 000468480 _____ () C:\Users\Raymond\Downloads\CKScanner (2).exe 2018-02-08 20:34 - 2018-02-08 20:34 - 000000640 _____ C:\Users\Raymond\Downloads\ckfiles.txt 2018-02-08 20:32 - 2018-02-08 20:32 - 000468480 _____ () C:\Users\Raymond\Downloads\CKScanner (1).exe 2018-02-08 20:29 - 2018-02-08 22:25 - 000070113 _____ C:\Users\Raymond\Downloads\Addition.txt 2018-02-08 20:28 - 2018-02-10 20:22 - 000000000 ____D C:\FRST 2018-02-08 17:54 - 2018-02-08 17:54 - 008206624 _____ (Malwarebytes) C:\Users\Raymond\Downloads\adwcleaner_7.0.7.0.exe 2018-02-08 17:54 - 2018-02-08 17:54 - 008206624 _____ (Malwarebytes) C:\Users\Raymond\Downloads\adwcleaner_7.0.7.0 (1).exe 2018-02-07 12:03 - 2018-02-07 12:03 - 000167187 _____ C:\Users\Raymond\Documents\FireShot Capture 98 - La Cour des comptes pointe les limites_ - http___www.lefigaro.fr_societes_20.pdf 2018-02-07 12:03 - 2018-02-07 12:03 - 000000000 ____D C:\Users\Raymond\Downloads\FireShot 2018-02-04 22:46 - 2018-02-04 22:46 - 000295490 _____ C:\Users\Raymond\Downloads\téléchargement 2018-02-03 09:20 - 2018-02-03 09:20 - 002120518 _____ C:\Users\Raymond\Downloads\fiche-geostop-vecto.pdf 2018-02-03 09:20 - 2018-02-03 09:20 - 002120518 _____ C:\Users\Raymond\Downloads\fiche-geostop-vecto (1).pdf 2018-02-02 08:44 - 2018-02-08 22:53 - 000000911 _____ C:\Users\Raymond\Desktop\Start Tor Browser.lnk 2018-02-02 08:44 - 2018-02-02 08:44 - 000000959 _____ C:\Users\Raymond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2018-02-02 08:44 - 2018-02-02 08:44 - 000000000 ____D C:\Users\Raymond\Desktop\Tor Browser 2018-02-02 08:42 - 2018-02-02 08:42 - 053924768 _____ C:\Users\Raymond\Downloads\torbrowser-install-7.5_fr.exe 2018-02-01 07:17 - 2018-02-01 07:17 - 000003614 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-raymond.moraux@hotmail.fr 2018-01-31 18:22 - 2018-01-31 18:22 - 001923808 _____ (Adobe Systems Incorporated) C:\Users\Raymond\Downloads\Lightroom_Set-Up.exe 2018-01-28 19:38 - 2018-01-28 19:38 - 009267801 _____ C:\Users\Raymond\Downloads\malongo.flv 2018-01-28 08:12 - 2018-02-06 11:55 - 000001368 _____ C:\Users\Raymond\Desktop\Edge.lnk 2018-01-28 08:12 - 2018-01-28 08:12 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\Orange 2018-01-26 14:23 - 2018-01-26 15:02 - 006824448 _____ C:\Users\Raymond\Desktop\auto.ppt.pps 2018-01-26 14:20 - 2018-01-26 14:20 - 003542016 _____ C:\Users\Raymond\Desktop\Ancien_temps11.pps 2018-01-26 08:59 - 2018-01-26 08:59 - 000418304 _____ C:\Users\Raymond\Downloads\Calculateur_budget.xls 2018-01-13 22:52 - 2018-01-13 22:52 - 000094650 _____ C:\Users\Raymond\Downloads\morauxr_morauxr_classic_asc_bouquet_pauline__1515880326.pdf 2018-01-12 22:41 - 2018-01-12 22:41 - 003044224 _____ C:\Users\Raymond\ZHPCleaner.exe 2018-01-12 18:21 - 2018-01-12 18:21 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk 2018-01-12 18:21 - 2018-01-12 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2018-01-12 18:21 - 2018-01-12 18:21 - 000000000 ____D C:\Program Files\Speccy 2018-01-12 13:00 - 2018-01-12 13:00 - 000000000 ____D C:\Program Files\net.downloadhelper.coapp 2018-01-11 20:28 - 2018-01-11 20:28 - 019987259 _____ C:\Users\Raymond\Downloads\Robert Lamoureux retour de vacances.mp4 2018-01-11 20:21 - 2018-01-11 20:22 - 025444203 _____ C:\Users\Raymond\Downloads\Françis Blanche et Pierre Dac ( La Voyante Madame Arnica ) 1.mp4 ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-02-10 20:15 - 2015-08-20 07:21 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\ZHP 2018-02-10 19:22 - 2017-06-19 07:12 - 000000000 ____D C:\AdwCleaner 2018-02-10 19:19 - 2017-05-30 06:33 - 000000000 ____D C:\Users\Raymond\AppData\LocalLow\Mozilla 2018-02-10 18:44 - 2017-11-30 18:18 - 000004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2CB4F11D-77CD-40CC-8B73-1394F574E37C} 2018-02-10 13:03 - 2017-11-30 18:17 - 003591738 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2018-02-10 13:03 - 2017-09-30 15:40 - 001747160 _____ C:\WINDOWS\system32\perfh00C.dat 2018-02-10 13:03 - 2017-09-30 15:40 - 000433054 _____ C:\WINDOWS\system32\perfc00C.dat 2018-02-10 12:57 - 2017-12-10 13:45 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2018-02-10 12:57 - 2017-12-10 13:45 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2018-02-10 12:57 - 2017-12-10 13:45 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2018-02-10 12:57 - 2017-11-30 18:18 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2018-02-10 12:57 - 2017-11-30 17:27 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys 2018-02-10 12:56 - 2017-09-29 09:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI 2018-02-10 12:56 - 2017-09-19 17:57 - 000000234 _____ C:\Users\Raymond\Desktop\captvty.ini 2018-02-10 12:56 - 2015-06-12 15:41 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin 2018-02-10 12:45 - 2017-11-30 17:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy 2018-02-10 11:51 - 2015-06-20 19:11 - 000193466 _____ C:\Users\Raymond\Documents\Raymond.bp 2018-02-10 11:51 - 2015-06-17 17:58 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\BankPerfect 2018-02-10 09:30 - 2016-12-26 09:25 - 000002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2018-02-10 09:30 - 2016-12-26 09:25 - 000002439 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2018-02-10 09:30 - 2016-07-04 13:16 - 000001280 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2018-02-10 09:30 - 2015-06-16 09:16 - 000001292 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2018-02-10 08:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization 2018-02-09 20:03 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy 2018-02-09 12:27 - 2016-05-08 21:55 - 000000000 ____D C:\ProgramData\Apple Computer 2018-02-09 09:43 - 2015-06-30 07:00 - 000000000 ____D C:\ProgramData\boost_interprocess 2018-02-09 08:46 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps 2018-02-09 08:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness 2018-02-08 18:16 - 2017-06-19 07:41 - 000000000 ____D C:\Users\Raymond\AppData\Local\ZHP 2018-02-08 17:14 - 2015-10-24 09:05 - 000022016 _____ C:\Users\Raymond\Documents\evenements.xls 2018-02-08 17:07 - 2017-11-30 17:59 - 000000000 ____D C:\Users\Raymond 2018-02-07 17:32 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp 2018-02-07 08:54 - 2017-11-30 18:18 - 000004708 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-02-07 08:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2018-02-07 08:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed 2018-02-06 03:49 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2018-02-06 03:49 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2018-02-05 13:13 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports 2018-02-05 08:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp 2018-02-04 21:23 - 2016-04-17 07:58 - 000000000 ____D C:\ProgramData\ProductData 2018-02-03 13:49 - 2015-06-23 18:59 - 000000000 ___RD C:\Users\Raymond\OneDrive 2018-02-03 08:48 - 2017-05-11 08:29 - 000001024 ____H C:\AMTAG.BIN 2018-02-01 08:51 - 2017-10-02 07:48 - 000001160 _____ C:\Users\Raymond\Desktop\blender.lnk 2018-02-01 08:51 - 2015-06-28 13:51 - 000001183 _____ C:\Users\Raymond\Desktop\Lauyan TOWeb V6.lnk 2018-01-31 07:59 - 2017-11-30 18:18 - 000003360 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-976551006-3039632739-1132508307-1001 2018-01-31 07:59 - 2015-11-22 12:01 - 000002456 _____ C:\Users\Raymond\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2018-01-30 22:56 - 2016-02-11 10:46 - 000000000 ____D C:\Users\Raymond\La Gazette 2018-01-29 08:49 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF 2018-01-28 19:40 - 2015-08-12 12:01 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\vlc 2018-01-28 08:12 - 2017-06-30 21:48 - 000001339 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk 2018-01-28 08:12 - 2015-06-22 14:53 - 000001342 _____ C:\Users\Public\Desktop\Navigateur Opera.lnk 2018-01-28 08:08 - 2017-11-30 17:56 - 000712488 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2018-01-28 08:08 - 2017-07-01 21:04 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2018-01-28 08:08 - 2015-06-16 09:16 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-01-27 22:53 - 2015-07-12 20:05 - 000000000 ____D C:\Users\Raymond\AppData\Roaming\MPC-HC 2018-01-24 19:21 - 2017-11-30 18:18 - 000003976 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1434981236 2018-01-24 19:21 - 2015-06-22 14:48 - 000000000 ____D C:\Program Files (x86)\Opera 2018-01-24 10:42 - 2015-06-16 08:57 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2018-01-23 14:05 - 2015-06-19 08:18 - 000000000 ____D C:\Users\Raymond\Documents\TOWeb Sites 2018-01-22 19:45 - 2016-02-27 13:59 - 000000000 ____D C:\Users\Raymond\genealogie 2018-01-20 22:40 - 2016-03-07 15:31 - 000000000 ____D C:\Users\Raymond\Thiers 2018-01-19 19:39 - 2017-12-02 20:48 - 000000000 ____D C:\ProgramData\Généatique2018 2018-01-19 19:39 - 2017-12-02 20:46 - 000000000 ____D C:\Program Files (x86)\Geneatique2018 2018-01-18 09:00 - 2016-10-17 14:58 - 000000000 ____D C:\ProgramData\Oracle 2018-01-18 08:42 - 2016-10-17 14:58 - 000000000 ____D C:\Program Files (x86)\Java 2018-01-18 08:41 - 2016-10-17 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2018-01-18 08:39 - 2016-10-17 14:58 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2018-01-16 13:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache 2018-01-16 12:36 - 2015-12-10 08:24 - 000006656 _____ C:\Users\Raymond\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2018-01-12 22:54 - 2015-06-17 12:11 - 000000000 ____D C:\Users\Raymond\AppData\Local\Google 2018-01-12 12:42 - 2017-06-03 16:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2018-01-11 09:34 - 2017-03-17 09:31 - 000000000 ____D C:\YouTube ==================== Fichiers à la racine de certains dossiers ======= 2018-01-12 22:41 - 2018-01-12 22:41 - 003044224 _____ () C:\Users\Raymond\ZHPCleaner.exe 2017-02-22 12:38 - 2017-02-22 12:38 - 000000003 _____ () C:\Users\Raymond\AppData\Roaming\.ptbt0 2016-10-26 20:58 - 2017-10-20 21:57 - 000001372 _____ () C:\Users\Raymond\AppData\Roaming\mplex-log.log 2017-03-17 09:31 - 2016-10-04 09:54 - 000000701 _____ () C:\Users\Raymond\AppData\Roaming\soundyg.dll 2015-12-10 08:24 - 2018-01-16 12:36 - 000006656 _____ () C:\Users\Raymond\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-06-25 07:43 - 2015-06-25 07:43 - 000000218 _____ () C:\Users\Raymond\AppData\Local\recently-used.xbel 2016-04-03 09:06 - 2016-11-03 08:41 - 000007635 _____ () C:\Users\Raymond\AppData\Local\resmon.resmoncfg Certains fichiers dans TEMP: ==================== 2018-02-09 19:12 - 2018-01-01 13:48 - 001954048 _____ (Microsoft Corporation) C:\Users\Raymond\AppData\Local\Temp\dllnt_dump.dll ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement C:\WINDOWS\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2018-02-09 23:43 ==================== Fin de FRST.txt ============================