Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.02.2018 Exécuté par Christiane (administrateur) sur CHRISTIANE-PC (21-02-2018 09:30:01) Exécuté depuis C:\Users\Mon compte\Desktop Profils chargés: Christiane & Mon compte (Profils disponibles: Christiane & Mon compte & Grand-père & Invité) Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NTI, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Byte Technologies LLC) C:\Program Files\ByteFence\ByteFence.exe () C:\Program Files\ByteFence\rsLggr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation) HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [75776 2016-11-16] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1667121263-4263940445-3353855160-1000\...\MountPoints2: {596ee1df-5e27-11e1-98ed-9439e5812b0e} - E:\AutoRunCardDetector.exe HKU\S-1-5-21-1667121263-4263940445-3353855160-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation) HKU\S-1-5-21-1667121263-4263940445-3353855160-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-21] (Microsoft Corporation) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{3B075B62-2CB4-48F9-B7AC-EA0CBBFDFCEB}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{D57AEAB8-8228-4652-8A6B-F4E611C45B4B}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-1667121263-4263940445-3353855160-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp HKU\S-1-5-21-1667121263-4263940445-3353855160-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium HKU\S-1-5-21-1667121263-4263940445-3353855160-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com HKU\S-1-5-21-1667121263-4263940445-3353855160-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://pcland.easyforumpro.com/ HKU\S-1-5-21-1667121263-4263940445-3353855160-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-1667121263-4263940445-3353855160-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-1667121263-4263940445-3353855160-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms} SearchScopes: HKU\S-1-5-21-1667121263-4263940445-3353855160-1000 -> {F873102C-E21F-4419-B277-43C01A418AC4} URL = hxxp://www.google.com/search?q={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\xp7y20ia.default [2018-02-20] FF Homepage: Mozilla\Firefox\Profiles\xp7y20ia.default -> hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsfrmtfctr_18_08¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Ezzzy0Azz0F0Fzz0A0AyDtDyB0D0FtDtN0D0Tzu0StBtByEtBtN1L2XzuyEtFtBtCtFtDtFtCtCyCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StDtBzztByD0BtA0FtGtByDyEtBtG0E0E0DyEtGyCyDzz0AtGyDyD0AyBtA0DtC0EyE0CyEzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyB1QtB1OtCtAtAtGyDtD1PtDtGyE1R1QtAtGzy1SzyzztGyC1StBtC1SyByBtBzzzzyEtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCzytCyDyBzztDyB%26cr%3D1795900282%26a%3Dwbf_fsfrmtfctr_18_08%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium FF SearchPlugin: C:\Users\Christiane\AppData\Roaming\Mozilla\Firefox\Profiles\xp7y20ia.default\searchplugins\yahoo! powered.xml [2018-02-20] FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-10-10] (Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2012-10-10] (Tracker Software Products (Canada) Ltd.) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-10-10] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-10-10] (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-02-09] (VideoLAN) FF Plugin HKU\S-1-5-21-1667121263-4263940445-3353855160-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2012-10-10] (Tracker Software Products (Canada) Ltd.) StartMenuInternet: FIREFOX.EXE - firefox.exe ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [150936 2018-01-08] (Byte Technologies LLC) R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [822304 2010-06-15] (Acer Incorporated) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation) R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144640 2010-04-17] (NTI, Inc.) R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2011-03-15] () [Fichier non signé] R2 rtop; C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [302920 2018-02-20] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [116864 2009-06-15] (Huawei Technologies Co., Ltd.) [Fichier non signé] S3 hwusbfake; C:\Windows\System32\DRIVERS\ewusbfake.sys [116224 2009-06-15] (Huawei Technologies Co., Ltd.) [Fichier non signé] R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation) S3 MBAMWebProtection; system32\DRIVERS\mwac.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-02-21 09:30 - 2018-02-21 09:31 - 000017292 _____ C:\Users\Mon compte\Desktop\FRST.txt 2018-02-21 09:29 - 2018-02-21 09:30 - 000000000 ____D C:\FRST 2018-02-21 09:05 - 2018-02-21 09:21 - 002403328 _____ (Farbar) C:\Users\Mon compte\Desktop\FRST64.exe 2018-02-21 09:00 - 2018-02-21 09:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ByteFence Anti-Malware 2018-02-21 08:59 - 2018-02-21 08:59 - 000003356 _____ C:\Windows\System32\Tasks\ByteFence 2018-02-20 21:32 - 2018-02-20 21:32 - 000001075 _____ C:\Users\Christiane\Desktop\Picosmos Tools.lnk 2018-02-20 21:32 - 2018-02-20 21:32 - 000001075 _____ C:\Users\Christiane\Desktop\Picosmos Shows.lnk 2018-02-20 21:32 - 2018-02-20 21:32 - 000000000 ____D C:\Users\Christiane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicosmosTools 2018-02-20 21:32 - 2018-02-20 21:32 - 000000000 ____D C:\Program Files (x86)\PicosmosTools 2018-02-20 21:28 - 2018-02-20 21:28 - 000000000 ____D C:\ProgramData\ByteFence 2018-02-20 21:19 - 2018-02-20 21:19 - 000002295 _____ C:\Users\Christiane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2018-02-20 21:19 - 2018-02-20 21:19 - 000002287 _____ C:\Users\Christiane\Desktop\Chromium.lnk 2018-02-20 21:19 - 2018-02-20 21:19 - 000000000 ____D C:\Users\Mon compte\AppData\Local\chromium 2018-02-20 21:19 - 2018-02-20 21:19 - 000000000 ____D C:\Users\Christiane\AppData\Local\Chromium 2018-02-20 21:18 - 2018-02-20 21:18 - 000000000 ____D C:\Windows\System32\Tasks\updtask 2018-02-20 21:18 - 2018-02-20 21:18 - 000000000 ____D C:\Users\Christiane\AppData\Local\fontconfig 2018-02-20 21:17 - 2018-02-20 22:17 - 000000508 _____ C:\Windows\Tasks\Yahoo! Powered datar.job 2018-02-20 21:17 - 2018-02-20 21:19 - 000000000 ____D C:\Users\Mon compte\AppData\Local\{235A1506-07F2-79BE-6A6A-5C564E02A0CE} 2018-02-20 21:17 - 2018-02-20 21:17 - 000003548 _____ C:\Windows\System32\Tasks\Yahoo! Powered datar 2018-02-20 21:17 - 2018-02-20 21:17 - 000001537 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk 2018-02-20 21:17 - 2018-02-20 21:17 - 000000000 ____D C:\ProgramData\{4A188F7B-C05A-05BD-469C-9BFFDCDE1031} 2018-02-20 21:16 - 2018-02-21 09:28 - 000000000 ____D C:\Program Files\ByteFence 2018-02-20 21:16 - 2018-02-20 21:37 - 000000000 ____D C:\Program Files (x86)\FormatFactory 2018-02-20 21:16 - 2018-02-20 21:16 - 000000000 ____D C:\FFOutput 2018-02-20 21:12 - 2018-02-20 21:14 - 054080744 _____ (Free Time Co., Ltd) C:\Users\Mon compte\Desktop\FFSetup4.2.0.0.exe 2018-02-17 21:26 - 2018-02-19 10:43 - 000000000 ____D C:\Users\Mon compte\AppData\Roaming\vlc 2018-02-17 21:24 - 2018-02-17 21:24 - 000001074 _____ C:\Users\Public\Desktop\VLC media player.lnk 2018-02-15 17:28 - 2018-02-15 17:29 - 000000000 ____D C:\Users\Mon compte\Documents\Musique 2018-02-06 23:19 - 2018-02-06 23:19 - 000004666 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-02-06 23:18 - 2018-02-06 23:19 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-02-06 23:18 - 2018-02-06 23:19 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-02-03 19:52 - 2018-01-07 16:47 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2018-02-03 19:52 - 2018-01-07 16:45 - 005581544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2018-02-03 19:52 - 2018-01-07 16:45 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2018-02-03 19:52 - 2018-01-07 16:45 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll 2018-02-03 19:52 - 2018-01-07 16:45 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2018-02-03 19:52 - 2018-01-07 16:45 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2018-02-03 19:52 - 2018-01-07 16:42 - 001460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:42 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:34 - 001665384 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2018-02-03 19:52 - 2018-01-07 16:27 - 004013800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2018-02-03 19:52 - 2018-01-07 16:27 - 003959016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2018-02-03 19:52 - 2018-01-07 16:25 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 16:12 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2018-02-03 19:52 - 2018-01-07 16:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2018-02-03 19:52 - 2018-01-07 16:12 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2018-02-03 19:52 - 2018-01-07 16:11 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2018-02-03 19:52 - 2018-01-07 16:08 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2018-02-03 19:52 - 2018-01-07 16:07 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2018-02-03 19:52 - 2018-01-07 16:04 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2018-02-03 19:52 - 2018-01-07 16:03 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2018-02-03 19:52 - 2018-01-07 16:03 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2018-02-03 19:52 - 2018-01-07 16:03 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2018-02-03 19:52 - 2018-01-07 16:03 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2018-02-03 19:52 - 2018-01-07 16:03 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2018-02-03 19:52 - 2018-01-07 15:59 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2018-02-03 19:52 - 2018-01-07 15:59 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2018-02-03 19:52 - 2018-01-07 15:59 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2018-02-03 19:52 - 2018-01-07 15:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2018-02-03 19:52 - 2018-01-07 15:58 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2018-02-03 19:52 - 2018-01-07 15:58 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 15:58 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 15:58 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2018-02-03 19:52 - 2018-01-07 15:58 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2018-02-03 19:52 - 2017-12-05 18:36 - 001484288 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2018-02-03 19:52 - 2017-12-05 18:36 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2018-02-03 19:52 - 2017-12-05 18:36 - 000218112 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll 2018-02-03 19:52 - 2017-12-05 18:36 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2018-02-03 19:52 - 2017-12-05 18:36 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2018-02-03 19:52 - 2017-12-05 18:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll 2018-02-03 19:52 - 2017-12-05 18:08 - 001176576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2018-02-03 19:52 - 2017-12-05 18:08 - 000179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2018-02-03 19:52 - 2017-12-05 18:08 - 000145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2018-02-03 19:52 - 2017-12-05 18:08 - 000135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll 2018-02-03 19:52 - 2017-12-05 18:08 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2018-02-03 19:52 - 2017-12-05 17:04 - 000404992 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe 2018-02-01 17:32 - 2018-02-01 17:32 - 000000000 ____D C:\Users\Mon compte\AppData\Local\{7789C7A1-A33D-48CF-B52F-D0E191AAEE87} 2018-01-29 13:44 - 2018-01-29 15:20 - 000000000 ____D C:\ESD 2018-01-29 13:43 - 2018-01-29 13:43 - 000000000 ___HD C:\$Windows.~WS 2018-01-29 13:43 - 2018-01-29 13:43 - 000000000 ____D C:\$WINDOWS.~BT 2018-01-29 13:42 - 2018-01-29 13:43 - 018617536 _____ (Microsoft Corporation) C:\Users\Grand-père\Desktop\MediaCreationTool.exe 2018-01-29 09:12 - 2018-01-29 09:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-02-21 09:29 - 2016-11-17 22:02 - 000000000 ____D C:\Users\Mon compte\AppData\LocalLow\Mozilla 2018-02-21 09:25 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-02-21 09:25 - 2009-07-14 05:45 - 000024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-02-21 09:21 - 2011-10-22 07:12 - 000747910 _____ C:\Windows\system32\perfh00C.dat 2018-02-21 09:21 - 2011-10-22 07:12 - 000150402 _____ C:\Windows\system32\perfc00C.dat 2018-02-21 09:21 - 2009-07-14 06:13 - 001669656 _____ C:\Windows\system32\PerfStringBackup.INI 2018-02-21 09:21 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf 2018-02-21 09:17 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-02-21 09:11 - 2012-05-07 22:12 - 000000000 ____D C:\Users\Mon compte\Documents\CAPTURES ÉCRAN 2018-02-20 21:17 - 2016-12-27 21:54 - 000000000 ____D C:\Users\Christiane\AppData\LocalLow\Mozilla 2018-02-17 21:25 - 2013-11-24 17:39 - 000000000 ____D C:\Users\Christiane\AppData\Roaming\Mozilla 2018-02-15 19:23 - 2016-11-21 20:13 - 000000000 ____D C:\Users\Grand-père\AppData\LocalLow\Mozilla 2018-02-10 21:26 - 2014-11-03 22:44 - 000000000 ____D C:\Users\Mon compte\Documents\Documents Didier 2018-02-09 09:48 - 2017-06-15 00:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2018-02-09 09:48 - 2017-04-21 22:15 - 000000000 ____D C:\Program Files\Mozilla Firefox 2018-02-08 22:13 - 2013-10-03 15:14 - 000004456 _____ C:\Windows\wininit.ini 2018-02-06 23:20 - 2014-09-13 22:38 - 000000000 ____D C:\Users\Christiane\AppData\Local\Adobe 2018-02-06 23:19 - 2012-04-13 22:10 - 000000000 ____D C:\Windows\system32\Macromed 2018-02-06 23:19 - 2011-04-13 13:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-02-03 20:46 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache 2018-02-03 19:59 - 2014-07-24 08:54 - 001644724 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2018-01-29 13:43 - 2007-07-12 02:49 - 000000000 ____D C:\Windows\Panther 2018-01-29 09:14 - 2015-03-12 21:26 - 000000000 ____D C:\Users\Grand-père\AppData\Local\Windows Live 2018-01-23 19:58 - 2010-11-21 04:27 - 000548000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe ==================== Fichiers à la racine de certains dossiers ======= 2015-08-02 07:52 - 2015-08-02 07:52 - 001854464 _____ () C:\Users\Christiane\ZHPDiag3.exe Certains fichiers dans TEMP: ==================== 2017-03-08 21:58 - 2017-03-08 21:59 - 019002008 _____ (Ellora Assets Corporation ) C:\Users\Christiane\AppData\Local\Temp\FreemakeAudioConverterFull.exe 2016-11-06 19:33 - 2016-11-06 19:34 - 030533688 _____ () C:\Users\Mon compte\AppData\Local\Temp\vlc-2.2.4-win32.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2018-02-17 13:46 ==================== Fin de FRST.txt ============================