Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 19.12.2018 01 Exécuté par jean (administrateur) sur JEANMI-HOME (20-12-2018 19:54:02) Exécuté depuis C:\Users\jeanmichel\Desktop Profils chargés: jean (Profils disponibles: jean & Administrateur) Platform: Windows 8.1 (Update) (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: FF) Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe (Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe (Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe (Avid Technology, Inc.) 
C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe () C:\Windows\SysWOW64\OSDSrv\OSDSrv.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe (SafeNet, Inc) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (SafeNet, Inc.) C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe (Avid Technology, Inc.) C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe (Avid Technology, Inc.) 
C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe (IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\RealTimeProtector.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Magic Control Corp.) C:\Program Files (x86)\MCT Corp\MagicLink\Driver\Utility\PreLaunMlx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe (Acer) C:\Windows\SysWOW64\OSDSrv\OSDApp.exe (ArcSoft Inc.) 
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe (Dashlane, Inc.) C:\Users\jeanmichel\AppData\Roaming\Dashlane\Dashlane.exe (Dashlane, Inc.) C:\Users\jeanmichel\AppData\Roaming\Dashlane\DashlanePlugin.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe (IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe (Farbar) C:\Users\jeanmichel\Desktop\FRST64(1).exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) 
"Path" (C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common) <==== Repaired successfully HKLM\...\Run: [PreLaunMl] => C:\Program Files (x86)\MCT Corp\MagicLink\Driver\Utility\PreLaunMlx.exe [312088 2013-12-10] (Magic Control Corp.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-02-24] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1379544 2014-03-05] (Realtek Semiconductor) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2670056 2018-09-10] (Adobe Systems, Incorporated) HKLM-x32\...\Run: [OSDAPP] => C:\Windows\SysWOW64\OSDSrv\OSDApp.exe [2054656 2013-05-16] (Acer) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [170496 2009-02-06] (ArcSoft Inc.) 
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5606672 2018-12-06] (IObit) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [137184 2017-01-18] (Qualcomm) HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Run: [HP ENVY 4520 series (NET)] => C:\Program Files\HP\HP ENVY 4520 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP) HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Run: [Amazon Photos] => C:\Users\jeanmichel\AppData\Local\Amazon Drive\AmazonPhotos.exe [8235688 2018-11-15] (Amazon.com Inc.) HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Run: [Dashlane] => C:\Users\jeanmichel\AppData\Roaming\Dashlane\Dashlane.exe [391248 2018-11-27] (Dashlane, Inc.) HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Run: [DashlanePlugin] => C:\Users\jeanmichel\AppData\Roaming\Dashlane\DashlanePlugin.exe [404560 2018-11-27] (Dashlane, Inc.) 
HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Run: [Advanced SystemCare 12] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [3391760 2018-12-07] (IObit) HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-11-06] (Piriform Ltd) HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Run: [Mailbird] => C:\Program Files\Mailbird\Mailbird.exe [8578216 2018-12-19] (Mailbird) HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {07e69e76-bf33-11e7-8288-3010b3210c62} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {452adabf-1495-11e8-8301-3010b3210c62} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {4850deee-a6b9-11e7-8277-001a7dda7109} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {7a68396c-f31a-11e8-82ba-3010b3210c62} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {7e2e320a-6fb3-11e7-8262-001a7dda7109} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {7e2e352d-6fb3-11e7-8262-001a7dda7109} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {7e2e3555-6fb3-11e7-8262-001a7dda7109} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {a662a010-e826-11e8-82a8-3010b3210c62} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {b574ebd0-e2a6-11e7-82b2-3010b3210c62} - "G:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: {b625a67b-8344-11e7-826d-001a7dda7109} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\MountPoints2: 
{bcdb5030-fb93-11e8-82c6-3010b3210c62} - "F:\HiSuiteDownLoader.exe" HKLM\...\Drivers32: [MSVideo8] => C:\Windows\System32\VfWWDM32.dll [69632 2014-11-21] (Microsoft Corporation) Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avid Background Services Manager.lnk [2018-11-18] ShortcutTarget: Avid Background Services Manager.lnk -> C:\Windows\Installer\{937B817E-7D72-4AD4-BBAD-8AB56AA08B24}\NewShortcut1_4CE83F107C544E87A6F35E0E551E78CA.exe (Flexera Software LLC) BootExecute: autocheck autochk * SmartDefragBootTime.exe ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{23661C33-EA0D-45F3-8CBB-6615AB9ACDCB}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{A7DBF4A8-7B79-4864-951B-5EEE72B7249B}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKU\S-1-5-21-3579458769-903418335-389481028-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} 
SearchScopes: HKU\.DEFAULT -> DefaultScope {4C33A003-D79B-4D70-9A53-283CC20C360A} URL = SearchScopes: HKU\.DEFAULT -> {4C33A003-D79B-4D70-9A53-283CC20C360A} URL = SearchScopes: HKU\S-1-5-21-3579458769-903418335-389481028-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_inprft_18_34_20&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0FzztD0FyEtC0DyCtAtDzy0BtA0DyCyBtN0D0Tzu0StByEtBzytN1L2XzuyEtFtBzztFtDtFyCtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyC0FtAyByCyC0CzztGtCzztByDtGyEzy0B0AtGyB0D0E0DtG0AtAyCtDtBtD0E0AtAyE0EyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC1StA1OtC1R1QtAtG1R1Ozz1RtGyEyCtA1QtGzz1SyEtCtGtBtByEtA1T1RtBtC1TtAyCtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCzzzyzytBtN1Q2Z1B1P1RzutCyDtAyDtAtDtCyBtCzz%26cr%3D670950770%26a%3Dwbf_inprft_18_34_20%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKU\S-1-5-21-3579458769-903418335-389481028-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://fr.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2018-07-19] (IObit) BHO-x32: IObit Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2018-10-16] (IObit) BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\Surfing Protection\Adblock\Adblock.dll [2018-04-17] (IObit) Handler: dssrequest - Pas de valeur CLSID Handler: sacore - Pas de valeur CLSID StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: gwnwsms0.default FF DefaultProfile: jeanmichel.thuillet@free.fr FF ProfilePath: C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default [2018-12-20] FF user.js: detected!
=> C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default\user.js [2018-10-20] FF Session Restore: Mozilla\Firefox\Profiles\gwnwsms0.default -> est activé. FF NewTabOverride: Mozilla\Firefox\Profiles\gwnwsms0.default -> Enabled: lilotab@lilo.org FF NewTabOverride: Mozilla\Firefox\Profiles\gwnwsms0.default -> Enabled: {3004c9c0-ac9c-4ae2-9ac8-c59948bdd021} FF Extension: (Amazon Assistant for Firefox) - C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default\Extensions\abb@amazon.com.xpi [2018-11-19] FF Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default\Extensions\ascsurfingprotectionnew@iobit.com.xpi [2018-10-17] FF Extension: (Alerte Bons Plans eBuyClub) - C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default\Extensions\ebctb@plebicom.xul.xpi [2018-12-15] FF Extension: (Dashlane) - C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default\Extensions\jetpack-extension@dashlane.com.xpi [2018-12-05] FF Extension: (Lilo - Moteur de recherche) - C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default\Extensions\{3004c9c0-ac9c-4ae2-9ac8-c59948bdd021}.xpi [2018-07-29] FF Extension: (Poulpeo Cashback) - C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default\Extensions\{a5df0009-71e3-4048-bb02-38e1ee2ed33f}.xpi [2018-12-15] FF Extension: (Adblock Plus) - C:\Users\jeanmichel\AppData\Roaming\Mozilla\Firefox\Profiles\gwnwsms0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-12-03] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi => non trouvé(e) FF HKU\S-1-5-21-3579458769-903418335-389481028-1001\...\Firefox\Extensions: 
[{442718d9-475e-452a-b3e1-fb1ee16b8e9f}] - C:\Users\jeanmichel\AppData\Roaming\Dashlane\6.1841.0.13779\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} => non trouvé(e) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-09-13] (Adobe Systems) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft 
Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-09-13] (Adobe Systems) Chrome: ======= CHR HomePage: Default -> hxxp://google.fr/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR DefaultSearchURL: Default -> hxxps://translate.google.fr/?rlz=1C1CHBF_frFR807FR807&um=1&ie=UTF-8&hl=fr&client=tw-ob#view=home&op=translate&sl=fr&tl=en&text=batterie CHR Session Restore: Default -> est activé. 
CHR Profile: C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default [2018-12-20] CHR Extension: (IObit Surfing Protection & Ads Removal) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2018-12-02] CHR Extension: (YouTube) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-02] CHR Extension: (uBlock Origin) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-12-02] CHR Extension: (Avast Passwords) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2018-12-16] CHR Extension: (Protection Web Avira) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-12-16] CHR Extension: (HP Smart Print) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmpaiomihcebnclahoknbodeiaiohcdi [2018-12-02] CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-12-16] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-16] CHR Extension: (Lilo.org) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejnkhmeilmiplpmenkegjaibnjbappo [2018-12-16] CHR Extension: (Amazon Assistant for Chrome) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-12-02] CHR Extension: (Chrome Media Router) - C:\Users\jeanmichel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files 
(x86)\McAfee\SiteAdvisor\McChPlg.crx CHR HKLM\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - CHR HKU\S-1-5-21-3579458769-903418335-389481028-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - CHR HKLM-x32\...\Chrome\Extension: [pdpcpceofkopegffcdnffeenbfdldock] - ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818136 2018-09-13] (Adobe Inc.) R2 AdvancedSystemCareService12; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [1266960 2018-11-29] (IObit) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2704872 2018-09-10] (Adobe Systems, Incorporated) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325600 2017-01-18] (Windows (R) Win 7 DDK provider) S3 Avid DMF Service; C:\Program Files\Avid\Editor Transcode\Dynamic Media Files\DMFService.exe [668488 2018-11-18] (Avid Technology, Inc.) R2 Avid Editor Broker; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorMSE.exe [304456 2018-11-18] (Avid Technology, Inc.) R2 Avid Editor Db Engine; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorDbEngine.exe [303944 2018-11-18] (Avid Technology, Inc.) S3 Avid Editor Transcode Service; C:\Program Files\Avid\Editor Transcode\TranscodeService\AvidEditorTranscode.exe [669000 2018-11-18] (Avid Technology, Inc.) R2 Avid Editor Transcode Status; C:\Program Files\Avid\Editor Transcode\TranscodeService\rnc-central\AvidEditorTranscodeStatus.exe [304456 2018-11-18] (Avid Technology, Inc.) 
S3 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2278688 2017-09-26] (Acer Incorporated) S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-11-19] () [Fichier non signé] R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [282096 2014-03-11] (Intel Corporation) R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [2355984 2018-12-12] (IObit) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Fichier non signé] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-09] (Intel Corporation) S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [153360 2018-09-25] (IObit) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation) R2 OSDSrv; C:\Windows\SysWOW64\OSDSrv\OSDSrv.exe [220672 2013-05-08] () [Fichier non signé] R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [476904 2015-02-03] (Acer Incorporated) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-10-08] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2012-06-22] () R2 SentinelKeysServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe [376832 2013-01-09] (SafeNet, Inc.) 
[Fichier non signé] R2 SentinelProtectionServer; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [1259872 2013-01-09] (SafeNet, Inc) R2 SentinelSecurityRuntime; C:\Program Files (x86)\Common Files\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe [293216 2013-01-09] (SafeNet, Inc.) S3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [242944 2015-01-07] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation) R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 AscFileFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscFileFilter.sys [25512 2018-09-20] (IObit) R3 AscRegistryFilter; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win7_amd64\AscRegistryFilter.sys [25000 2018-07-04] (IObit) R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [4307192 2018-07-29] (Qualcomm Atheros Communications, Inc.) R3 BTATH_LWFLT; C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys [77464 2017-01-18] (Qualcomm Atheros) R3 cpuz143; C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [48960 2018-12-20] (CPUID) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-11-19] (Huawei Technologies Co., Ltd.) 
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-07-29] (REALiX(tm)) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-11-19] (Huawei Technologies Co., Ltd.) [Fichier non signé] R1 IMFCameraProtect; C:\WINDOWS\system32\drivers\IMFCameraProtect.sys [26272 2018-03-20] (IObit.com) R3 IMFDownProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFDownProtect.sys [21360 2018-11-28] (IObit.com) R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22440 2018-03-20] (IObit) R3 IMFForceDelete; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFForceDelete.sys [16216 2018-03-20] (IObit.com) R1 IMFMBRProtect; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFMBRProtect.sys [23976 2018-11-28] (IObit.com) R1 IMFSafeBox; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\IMFSafeBox.sys [33240 2018-08-27] (IObit.com) R3 iobit_monitor_server; C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [14680 2018-07-04] (IObit) R3 IUProcessFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IUProcessFilter.sys [19312 2018-10-16] (IObit) R3 IURegistryFilter; C:\Program Files (x86)\IObit\IObit Uninstaller\drivers\win7_amd64\IURegistryFilter.sys [25488 2018-10-16] (IObit) R0 mlatvad; C:\WINDOWS\System32\drivers\mlatvad.sys [62744 2014-04-24] (Magic Control Technology Corporation) R3 mlbuspci; C:\WINDOWS\system32\drivers\mlbuspci.sys [34072 2013-12-03] (Magic Control Technology Corporation) R3 mlit2fltr; C:\WINDOWS\system32\drivers\mlit2fltr.sys [45336 2014-04-24] (Magic Control Technology Corporation) R0 mlitdrv; C:\WINDOWS\System32\drivers\mlitdrv.sys [66328 2014-04-24] (Magic Control Technology Corporation) S3 nmwcdnsux64; C:\WINDOWS\system32\drivers\nmwcdnsux64.sys [171008 2011-08-17] (Nokia) [Fichier non signé] R3 PQAWRwa; C:\Windows\SysWOW64\OSDSrv\PQAWDrv.sys [10464 
2011-09-08] () [Fichier non signé] R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34752 2018-03-20] (IObit.com) R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [29912 2013-11-26] (Realtek semiconductor corp) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-07-29] (Realsil Semiconductor Corporation) R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) R0 SmartDefragDriver; C:\WINDOWS\System32\Drivers\SmartDefragDriver.sys [30744 2017-03-09] (IObit) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 SWDUMon; C:\WINDOWS\system32\DRIVERS\SWDUMon.sys [25608 2018-09-24] (SlimWare Utilities, Inc.) R3 Trufos; C:\WINDOWS\System32\DRIVERS\TRUFOS.sys [464808 2018-04-23] (BitDefender S.R.L.) S3 USB28xxBGA; C:\WINDOWS\system32\DRIVERS\emBDA64.sys [730368 2011-10-25] (eMPIA Technology, Inc.) [Fichier non signé] S3 USB28xxOEM; C:\WINDOWS\system32\DRIVERS\emOEM64.sys [1162624 2011-10-25] (eMPIA Technology, Inc.) [Fichier non signé] S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation) S3 mfesapsn; \??\C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2018-12-20 19:54 - 2018-12-20 19:55 - 000031950 _____ C:\Users\jeanmichel\Desktop\FRST.txt 2018-12-20 19:51 - 2018-12-20 19:51 - 000000002 _____ C:\Users\jeanmichel\Desktop\edyepsnwdzzglqqge.txt 2018-12-20 19:49 - 2018-12-20 19:54 - 000000000 ____D C:\FRST 2018-12-20 19:47 - 2018-12-20 19:48 - 002419712 _____ (Farbar) C:\Users\jeanmichel\Desktop\FRST64(1).exe 2018-12-20 18:44 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2018-12-20 18:44 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2018-12-20 18:13 - 2018-12-20 18:13 - 000000000 ___RD C:\Users\jeanmichel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices 2018-12-20 18:08 - 2018-12-20 18:08 - 083664896 _____ C:\WINDOWS\system32\config\SOFTWARE 2018-12-20 18:07 - 2018-12-20 18:07 - 000335872 _____ C:\WINDOWS\system32\config\DEFAULT 2018-12-20 18:07 - 2018-12-20 18:07 - 000065536 _____ C:\WINDOWS\system32\config\SAM 2018-12-20 18:07 - 2018-12-20 18:07 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY 2018-12-20 18:07 - 2018-12-20 18:07 - 000000000 ____H C:\asc_rdflag 2018-12-19 16:24 - 2018-12-19 16:24 - 000000000 ____D C:\Users\jeanmichel\AppData\Roaming\Mailbird 2018-12-19 15:58 - 2018-12-19 16:33 - 000002252 _____ C:\Users\Public\Desktop\Advanced SystemCare 12.lnk 2018-12-19 15:58 - 2018-12-19 15:58 - 000002822 _____ C:\WINDOWS\System32\Tasks\ASC12_SkipUac_jean 2018-12-17 17:23 - 2018-12-17 17:23 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk 2018-12-17 17:23 - 2018-12-17 17:23 - 000001333 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk 2018-12-14 21:02 - 2018-12-14 21:02 - 000182585 _____ C:\Users\jeanmichel\Downloads\Attestation.pdf 2018-12-12 16:08 - 2018-11-28 10:39 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2018-12-12 16:08 - 2018-11-28 09:08 - 015441408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 
2018-12-12 16:08 - 2018-11-28 09:04 - 013322240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 16:08 - 2018-11-15 04:00 - 025735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 16:08 - 2018-11-15 03:34 - 020281856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 16:08 - 2018-11-13 05:35 - 005778944 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-12-12 16:08 - 2018-11-13 04:51 - 015284736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 16:08 - 2018-11-13 04:38 - 013681152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 16:08 - 2018-11-10 19:54 - 001308456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 16:08 - 2018-11-10 17:34 - 001754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 16:08 - 2018-11-10 17:15 - 001491968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 16:08 - 2018-11-03 19:28 - 002532344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 16:08 - 2018-11-03 18:41 - 001903456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-12 16:08 - 2018-11-03 16:25 - 002348032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 16:08 - 2018-11-03 16:11 - 001556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 16:08 - 2018-10-05 18:06 - 001200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-12-12 16:08 - 2018-10-05 17:20 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-12-12 16:07 - 2018-11-15 02:51 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 16:07 - 2018-11-15 02:50 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 16:07 - 2018-11-13 05:00 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-12-12 16:07 - 2018-11-13 04:52 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-12-12 16:07 - 2018-11-13 04:43 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-12-12 16:07 - 2018-11-13 04:42 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-12-12 16:07 - 2018-11-13 04:38 - 004859904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 16:07 - 2018-11-13 04:37 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-12-12 16:07 - 2018-11-13 04:27 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-12-12 16:07 - 2018-11-13 04:18 - 004386816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 16:07 - 2018-11-13 04:16 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-12-12 16:07 - 2018-11-13 04:15 - 001330176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-12 16:07 - 2018-11-13 04:14 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-12-12 16:07 - 2018-11-10 20:42 - 001368584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-12-12 16:07 - 2018-11-10 20:36 - 007371720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-12 16:07 - 2018-11-10 20:25 - 000121288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-12 16:07 - 2018-11-10 19:53 - 000356088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 16:07 - 2018-11-10 17:25 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-12-12 16:07 - 2018-11-10 17:22 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 16:07 - 2018-10-06 17:43 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-12-12 16:07 - 2018-10-06 17:13 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-12-12 16:07 - 2018-10-05 18:06 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2018-12-12 16:07 - 2018-10-05 17:20 - 000200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2018-12-12 16:07 - 2018-10-05 16:18 - 000513376 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-12-12 16:07 - 2018-10-05 16:18 - 000513376 _____ C:\WINDOWS\system32\locale.nls
2018-12-09 16:05 - 2018-12-09 16:05 - 000000967 _____ C:\Users\Public\Desktop\HiSuite.lnk
2018-12-09 16:05 - 2018-12-09 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite
2018-12-09 16:05 - 2018-11-19 03:05 - 000287232 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbnet.sys
2018-12-09 16:05 - 2018-11-19 03:05 - 000226560 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_quusbmdm.sys
2018-12-09 16:05 - 2018-11-19 03:05 - 000127360 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_cdcacm.sys
2018-12-09 16:05 - 2018-11-19 03:05 - 000116864 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\hw_usbdev.sys
2018-12-09 16:05 - 2018-11-19 03:05 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2018-12-09 16:05 - 2018-11-19 03:05 - 000018944 _____ (Huawei Technologies Co., Ltd.) C:\WINDOWS\system32\Drivers\ew_usbccgpfilter.sys
2018-12-09 16:04 - 2018-12-09 16:05 - 000000000 ____D C:\Program Files (x86)\HiSuite
2018-12-06 18:14 - 2018-12-01 00:43 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-06 18:14 - 2018-12-01 00:43 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-06 17:52 - 2018-12-06 17:52 - 000001944 _____ C:\Users\jeanmichel\Desktop\Dashlane.lnk
2018-12-05 20:39 - 2018-12-05 21:05 - 283070464 _____ C:\Users\jeanmichel\Downloads\LibreOffice_6.1.3_Win_x64.msi
2018-12-05 20:31 - 2018-12-05 20:31 - 000000000 ____D C:\Users\jeanmichel\AppData\Roaming\OpenOffice
2018-12-05 20:30 - 2018-12-05 20:31 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.6
2018-12-05 20:30 - 2018-12-05 20:30 - 000001092 _____ C:\Users\Public\Desktop\OpenOffice 4.1.6.lnk
2018-12-05 20:30 - 2018-12-05 20:30 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2018-12-05 20:28 - 2018-12-05 20:28 - 000000000 ____D C:\Users\jeanmichel\Desktop\OpenOffice 4.1.6 (fr) Installation Files
2018-12-05 20:23 - 2018-12-05 20:27 - 132955891 _____ C:\Users\jeanmichel\Downloads\Apache_OpenOffice_4.1.6_Win_x86_install_fr.exe
2018-12-02 12:52 - 2018-12-02 12:52 - 000000000 ____D C:\Users\jeanmichel\AppData\Roaming\Google
2018-12-02 12:42 - 2018-12-06 19:58 - 000000000 ____D C:\Users\jeanmichel\AppData\Local\Win7UI
2018-12-01 11:06 - 2018-12-01 11:06 - 013164256 _____ (Microsoft Corporation) C:\Users\jeanmichel\Downloads\Silverlight_x64.exe
2018-11-30 20:18 - 2018-11-30 20:18 - 000000984 _____ C:\Users\jeanmichel\Desktop\SSC Service Utility.lnk
2018-11-30 20:18 - 2018-11-30 20:18 - 000000984 _____ C:\Users\Administrator\Desktop\SSC Service Utility.lnk
2018-11-30 20:18 - 2018-11-30 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSC Service Utility
2018-11-30 20:18 - 2018-11-30 20:18 - 000000000 ____D C:\Program Files (x86)\SSC Service Utility
2018-11-30 20:17 - 2018-11-30 20:17 - 000990876 _____ C:\Users\jeanmichel\Downloads\sscserve.exe
2018-11-30 19:03 - 2018-12-19 16:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mailbird
2018-11-30 19:03 - 2018-12-19 16:38 - 000000000 ____D C:\Program Files\Mailbird
2018-11-30 19:03 - 2018-11-30 19:33 - 000000000 ____D C:\Users\jeanmichel\AppData\Local\Mailbird
2018-11-30 18:59 - 2018-11-30 18:59 - 001942752 _____ (Mailbird) C:\Users\jeanmichel\Downloads\MailbirdInstaller.exe
2018-11-26 19:43 - 2018-11-26 19:43 - 000427493 _____ C:\Users\jeanmichel\Downloads\avis_echeance_46794467.pdf
2018-11-26 18:24 - 2018-11-26 18:24 - 000002276 _____ C:\Users\Public\Desktop\Driver Booster 6.lnk
2018-11-25 12:56 - 2018-11-25 12:56 - 000000000 ____D C:\Users\jeanmichel\Documents\Projets VideoPad
2018-11-25 11:03 - 2018-11-25 11:03 - 000882304 _____ (NCH Software) C:\Users\jeanmichel\Downloads\burnsetup.exe

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-12-20 19:54 - 2018-05-16 08:56 - 000000000 ____D C:\Users\jeanmichel\AppData\LocalLow\Mozilla
2018-12-20 19:30 - 2018-07-29 12:49 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3579458769-903418335-389481028-1001
2018-12-20 18:53 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-20 18:46 - 2013-08-22 16:20 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-20 18:42 - 2013-08-22 14:36 - 000000000 ____D C:\WINDOWS\Inf
2018-12-20 18:33 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-20 18:31 - 2018-07-29 12:57 - 000003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-20 18:31 - 2018-07-29 12:57 - 000003374 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-20 18:12 - 2016-10-27 17:58 - 000000000 __RDO C:\Users\jeanmichel\OneDrive
2018-12-20 18:10 - 2015-12-03 17:02 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-20 18:10 - 2013-08-22 15:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-20 18:08 - 2018-08-13 13:40 - 083664896 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2018-12-20 18:07 - 2018-08-23 15:47 - 005963776 _____ C:\WINDOWS\system32\config\DRIVERS.iodefrag.bak
2018-12-20 18:07 - 2018-08-13 13:40 - 000335872 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2018-12-20 18:07 - 2018-08-13 13:40 - 000065536 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2018-12-20 18:07 - 2018-08-13 13:40 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2018-12-19 16:32 - 2018-07-29 12:43 - 000000000 ____D C:\Users\jeanmichel\AppData\Local\CrashDumps
2018-12-19 15:58 - 2018-11-15 20:27 - 000003018 _____ C:\WINDOWS\System32\Tasks\ASC12_PerformanceMonitor
2018-12-19 15:58 - 2018-09-16 12:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2018-12-19 15:56 - 2015-12-04 01:22 - 000805600 _____ C:\WINDOWS\system32\perfh00C.dat
2018-12-19 15:56 - 2015-12-04 01:22 - 000156456 _____ C:\WINDOWS\system32\perfc00C.dat
2018-12-19 15:56 - 2014-11-21 09:44 - 001817064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-18 19:37 - 2018-07-29 14:01 - 000000000 ____D C:\ProgramData\ProductData
2018-12-17 22:24 - 2013-08-22 14:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2018-12-17 17:23 - 2018-09-05 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2018-12-16 14:44 - 2018-07-29 14:46 - 000000000 ____D C:\Program Files\CCleaner
2018-12-16 14:44 - 2018-07-29 12:57 - 000000000 ____D C:\Program Files (x86)\Google
2018-12-16 14:16 - 2016-10-27 23:45 - 000000000 ____D C:\dolibarr
2018-12-16 14:15 - 2018-11-18 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid
2018-12-16 14:14 - 2018-09-03 22:06 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2018-12-16 14:14 - 2018-07-29 13:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-12-16 14:14 - 2015-05-04 12:20 - 000000000 ____D C:\Program Files (x86)\Acer
2018-12-16 14:14 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-12-16 13:02 - 2018-09-17 17:16 - 000002840 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (jean)
2018-12-16 12:59 - 2016-10-27 17:51 - 000000000 ____D C:\Users\jeanmichel\AppData\Local\Packages
2018-12-16 12:52 - 2018-11-18 10:58 - 000000000 ____D C:\ProgramData\NCH Software
2018-12-16 12:52 - 2018-11-18 10:58 - 000000000 ____D C:\Program Files (x86)\NCH Software
2018-12-16 12:22 - 2018-07-29 19:51 - 000000958 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-12-16 12:22 - 2018-07-29 19:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-12-14 16:36 - 2018-07-29 12:58 - 000002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-14 16:36 - 2018-07-29 12:58 - 000002165 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-12-13 19:11 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\rescache
2018-12-13 18:14 - 2018-10-14 15:57 - 000004128 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-13 18:05 - 2018-09-29 20:05 - 000513032 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-12 17:20 - 2018-08-01 21:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-12 17:15 - 2018-08-01 21:34 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-11 12:42 - 2018-07-29 13:59 - 000000000 ____D C:\ProgramData\IObit
2018-12-09 16:08 - 2017-06-19 10:39 - 000000000 ____D C:\Users\jeanmichel\Documents\HiSuite
2018-12-09 16:07 - 2018-08-22 11:27 - 000000000 ____D C:\Users\jeanmichel\AppData\Local\HiSuite
2018-12-06 17:52 - 2018-08-26 18:08 - 000000000 ____D C:\Users\jeanmichel\AppData\Roaming\Dashlane
2018-12-03 18:33 - 2018-09-17 17:12 - 000000000 ____D C:\Users\jeanmichel\AppData\Roaming\Atheros
2018-12-02 12:34 - 2018-05-16 08:52 - 000000000 ____D C:\Users\jeanmichel\Documents\Bluetooth Folder
2018-11-28 19:50 - 2018-11-18 10:59 - 000000000 ____D C:\Users\jeanmichel\AppData\Roaming\NCH Software
2018-11-28 15:55 - 2018-11-18 10:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\NCH Software
2018-11-26 18:24 - 2018-09-17 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 6
2018-11-26 18:24 - 2018-09-16 14:17 - 000003092 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2018-11-23 19:44 - 2018-09-25 17:56 - 000000000 ____D C:\Users\jeanmichel\AppData\Roaming\vlc
2018-11-21 22:06 - 2018-08-26 18:08 - 000000000 ____D C:\Users\jeanmichel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane

==================== Fichiers à la racine de certains dossiers =======

2018-09-16 12:43 - 2014-04-16 23:08 - 000658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall2610526.exe
2017-12-31 20:50 - 2017-12-07 22:09 - 000089808 _____ (NirSoft) C:\Users\jeanmichel\ProduKey.exe
2018-11-18 16:45 - 2018-11-18 19:47 - 000540542 _____ () C:\Users\jeanmichel\AppData\Roaming\AvidApplicationManager_Install.log
2018-11-18 16:38 - 2018-11-18 19:47 - 000272756 _____ () C:\Users\jeanmichel\AppData\Roaming\AvidCloudClientServices_Install.log
2018-11-18 16:39 - 2018-11-18 19:47 - 000012024 _____ () C:\Users\jeanmichel\AppData\Roaming\Avid_CCS_Service_Stop.log
2018-11-18 17:15 - 2018-11-18 17:16 - 000004065 _____ () C:\Users\jeanmichel\AppData\Roaming\Avid_Editor_Transcode_Services_Stop.log
2018-09-05 18:42 - 2018-09-18 18:42 - 000000234 _____ () C:\Users\jeanmichel\AppData\Roaming\WB.CFG
2018-10-22 16:41 - 2018-10-22 16:41 - 000000410 _____ () C:\Users\jeanmichel\AppData\Local\oobelibMkey.log
2018-09-02 19:53 - 2018-09-02 19:53 - 000007596 _____ () C:\Users\jeanmichel\AppData\Local\Resmon.ResmonCfg

Certains de taille zéro octet fichiers/dossiers:
==========================
C:\Windows\System32\.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-12-14 16:36

==================== Fin de FRST.txt ============================