Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 12-02-2020 Exécuté par Valerie (administrateur) sur ASUS-VALERIE (ASUSTeK COMPUTER INC. X555LA) (12-02-2020 20:26:17) Exécuté depuis C:\Users\Valerie\Downloads Profils chargés: Valerie (Profils disponibles: Valerie) Platform: Windows 8.1 (Update) (X64) Langue: Français (France) Navigateur par défaut: Chrome Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (ASUS Cloud Corporation) [Fichier non signé] C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (ASUSTeK Computer Inc. -> AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AVG Netherlands B.V. -> TODO: ) C:\ProgramData\Avg\Antivirus\tempInstaller438957.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe (F.lux Software LLC -> f.lux Software LLC) C:\Users\Valerie\AppData\Local\FluxSoftware\Flux\flux.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.100\Installer\setup.exe (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.100\Installer\setup.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe (Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Intel(R) Software -> Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19537_none_fa5691419b168859\TiWorker.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel(R) Software -> Intel Corporation) HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [316336 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [1080992 2014-05-15] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) [Fichier non signé] HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\ASUSWSLoader.exe [63296 2014-02-25] (ASUS Cloud Corporation -> ) HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\Run: [Lingoversity] => "C:\Users\Valerie\AppData\Local\Lingoversity\Lingoversity.exe" -minimize HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-29] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\Run: [MySQL Notifier] => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe [754176 2016-07-29] (Oracle Corporation) [Fichier non signé] HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\Run: [Upwork] => C:\Program Files (x86)\Upwork\upwork.exe HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\Run: [f.lux] => C:\Users\Valerie\AppData\Local\FluxSoftware\Flux\flux.exe [1385480 2019-08-30] (F.lux Software LLC -> f.lux Software LLC) HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\RunOnce: [Uninstall C:\Users\Valerie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Valerie\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {41b68ff5-2486-11e7-82a6-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {573d03e3-81db-11e6-82a2-382c4a0c4e4c} - "F:\autorun.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {573d03fd-81db-11e6-82a2-382c4a0c4e4c} - "F:\autorun.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {573d0416-81db-11e6-82a2-382c4a0c4e4c} - "F:\autorun.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {647889c3-ee8f-11e7-82ac-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {6857a423-ecc1-11e9-82bf-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {7121dc73-294b-11ea-82c3-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {7121dc76-294b-11ea-82c3-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {b98aebe7-f6fc-11e5-8295-382c4a0c4e4c} - "F:\autorun.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {b98aec01-f6fc-11e5-8295-382c4a0c4e4c} - "F:\autorun.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {e5d0d4fd-8d36-11e9-82b7-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {f30f1b5c-2cb0-11e9-82b1-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe" HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\...\MountPoints2: {f30f1b9d-2cb0-11e9-82b1-382c4a0c4e4c} - "F:\HiSuiteDownLoader.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.100\Installer\chrmstp.exe [2020-02-12] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {167216D1-0EF2-4677-A4CB-3DE11E1A53C1} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 2014-04-15] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {21996713-0EEE-4B78-9F29-B60887E92807} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {31EA9F15-2FD8-4DBB-A158-B14AF043A571} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc -> Google Inc.) Task: {333AED77-3650-477D-BDEB-393E40C43D9A} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 2014-04-10] (Realtek Semiconductor Corp -> Realtek Semiconductor) Task: {5EB3D8EE-E5E6-4B3A-AAB5-919DB8D2874E} - System32\Tasks\{844FB097-D7F6-4537-B920-6DB1FE76D98A} => C:\Windows\system32\pcalua.exe -a C:\Users\Valerie\Downloads\post-it-notes_post-it_notes_4.4.32_demo_francais_10437.exe -d C:\Users\Valerie\Downloads Task: {67D97F9D-644C-4E20-94DB-D0D670CDDEEE} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [Argument = -check] Task: {7315C239-0D91-4A31-984C-8EA745988D7B} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [109880 2014-01-14] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {7C74503D-C311-41A3-9ACE-515E388A1808} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [58440 2014-04-02] (ASUSTeK Computer Inc. -> ASUS) Task: {84C63EAD-885E-4B78-8364-4AAF6E8D7832} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.) Task: {93AE307D-9EB9-4497-8674-4DC53D564882} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-14] (Piriform Software Ltd -> Piriform Ltd) Task: {95BC3625-2053-4F49-B795-930072E57C04} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {A1E252A7-395B-4BC5-B019-947B2C7B36B6} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [18232 2014-03-31] (ASUSTeK Computer Inc. -> AsusTek) Task: {A212047E-0B00-4181-ACC9-0FCE7AE7AE60} - System32\Tasks\MySQL\Installer\ManifestUpdate => C:\Program Files (x86)\MySQL\MySQL Installer for Windows\MySQLInstallerConsole.exe [53800 2016-07-30] (Oracle America, Inc. -> Oracle Corporation) Task: {ADE9ECBC-4208-4F06-8350-A87FD5F1D2A7} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [19723888 2014-03-27] (ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) Task: {BCE66F52-7608-47CB-8F90-7E54918C89DF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-14] (Piriform Software Ltd -> Piriform Software Ltd) Task: {C91E1896-FBD1-460A-902A-3371B323598D} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [3981232 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {D989BFF9-47DF-41A8-B98B-891DE62851FF} - System32\Tasks\MySQLNotifierTask => C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySQLNotifier.exe [754176 2016-07-29] (Oracle Corporation) [Fichier non signé] Task: {E82B3DFE-4465-4821-BE6E-2CBB5852EED5} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\avg\overseer\overseer.exe [1905072 2019-09-18] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) Task: {EA1380AC-FE0C-4D6C-A9DC-BD28269FB816} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation) Task: {FA530016-582D-4C89-9690-C523E947D7D6} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [Argument = -critical] (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{0B85475C-198C-465C-9D07-614A2E93B0F3}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{0D160A5E-69F7-41EA-8ABF-554BDE3E8421}: [DhcpNameServer] 172.20.1.1 Tcpip\..\Interfaces\{BA45F520-6639-4650-AA9B-E2048056370A}: [DhcpNameServer] 192.168.42.129 Internet Explorer: ================== HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={3FA65991-0D42-405F-8462-8B0E75B728FF}&mid=557d8a8a164a47cda1c9e9650ce8a7bf-1a4e7bd2aa54dccc756eaa3e968ee4346e1fcadb&lang=eu&ds=AVG&coid=avgtbavg&cmpid=ipm190214&pr=fr&d=2016-06-09 12:03:22&v=4.3.9.626&pid=wtu&sg=&sap=hp HKU\S-1-5-21-4050757951-1678246129-3257593133-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB SearchScopes: HKU\S-1-5-21-4050757951-1678246129-3257593133-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3FA65991-0D42-405F-8462-8B0E75B728FF}&mid=557d8a8a164a47cda1c9e9650ce8a7bf-1a4e7bd2aa54dccc756eaa3e968ee4346e1fcadb&lang=eu&ds=AVG&coid=avgtbavg&cmpid=ipm190214&pr=fr&d=2016-06-09 12:03:22&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms} SearchScopes: HKU\S-1-5-21-4050757951-1678246129-3257593133-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4050757951-1678246129-3257593133-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3FA65991-0D42-405F-8462-8B0E75B728FF}&mid=557d8a8a164a47cda1c9e9650ce8a7bf-1a4e7bd2aa54dccc756eaa3e968ee4346e1fcadb&lang=eu&ds=AVG&coid=avgtbavg&cmpid=ipm190214&pr=fr&d=2016-06-09 12:03:22&v=4.3.9.626&pid=wtu&sg=&sap=dsp&q={searchTerms} BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-06-26] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-09-25] (Oracle America, Inc. -> Oracle Corporation) BHO: Pas de nom -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Pas de fichier BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-08-18] (Microsoft Corporation -> Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-25] (Oracle America, Inc. -> Oracle Corporation) IE Session Restore: HKU\S-1-5-21-4050757951-1678246129-3257593133-1001 -> est activé. Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation) FireFox: ======== FF DefaultProfile: untsrtg5.default FF ProfilePath: C:\Users\Valerie\AppData\Roaming\Mozilla\Firefox\Profiles\untsrtg5.default [2020-02-11] FF Extension: (Firefox Hotfix) - C:\Users\Valerie\AppData\Roaming\Mozilla\Firefox\Profiles\untsrtg5.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-10-05] [] FF Extension: (Youtube Unblocker Remediation) - C:\Users\Valerie\AppData\Roaming\Mozilla\Firefox\Profiles\untsrtg5.default\features\{4c89d079-6ba9-4346-9605-42c62f345d6d}\malware-remediation@mozilla.org.xpi [2016-10-05] [] FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [] FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-25] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-25] (Oracle America, Inc. -> Oracle Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-07] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2014-12-27] (WildTangent Inc -> ) FF Plugin HKU\S-1-5-21-4050757951-1678246129-3257593133-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Valerie\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-22] (Citrix Online -> Citrix Online) FF Plugin HKU\S-1-5-21-4050757951-1678246129-3257593133-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2014-07-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.) Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default [2020-02-12] CHR Notifications: Default -> hxxps://calendar.google.com; hxxps://twitter.com; hxxps://www.freelancer.com; hxxps://www.upwork.com CHR StartupUrls: Default -> "hxxp://www.google.com/","hxxp://search.imesh.net","hxxp://search.conduit.com/?ctid=CT3285358&SearchSource=48&CUI=UN38270934623456317&UM=2" CHR NewTab: Default -> Not-active:"chrome-extension://eedlgdlajadkbbjoobobefphmfkcchfk/newtab.html", Active:"chrome-extension://dpjamkmjmigaoobjbekmfgabipmfilij/empty_ntp.html" CHR Session Restore: Default -> est activé. CHR Extension: (Docs) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-19] CHR Extension: (Google Drive) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-10-23] CHR Extension: (OneTab) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2019-11-03] CHR Extension: (Recherche Google) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Empty New Tab Page) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2019-05-14] CHR Extension: (Ecosia Search) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\eedlgdlajadkbbjoobobefphmfkcchfk [2019-10-10] CHR Extension: (Google Docs hors connexion) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-01-10] CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-01-15] CHR Extension: (Bouton Google Scholar) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldipcbpaocekfooobnbcddclnhejkcpn [2017-10-07] CHR Extension: (SelectorGadget) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhjhnkcfbdhnjickkkdbjoemdmbfginb [2016-02-22] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05] CHR Extension: (Evernote Web Clipper) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2020-01-30] CHR Extension: (Gmail) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-11] CHR Extension: (Chrome Media Router) - C:\Users\Valerie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-02-09] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.2.301\AsusWSWinService.exe [71680 2014-02-25] (ASUS Cloud Corporation) [Fichier non signé] R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [996928 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\aswidsagent.exe [6307248 2019-12-19] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation) R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel(R) Software -> Intel Corporation) R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel(R) Software -> Intel Corporation) S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2014-12-27] (WildTangent Inc -> WildTangent) S2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2019-07-03] (Huawei Technologies Co., Ltd. -> ) [Fichier non signé] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282072 2014-03-18] (Intel Corporation - pGFX -> Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Fichier non signé] R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39896576 2016-08-25] () [Fichier non signé] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S2 postgresql-9.4; "C:\Program Files (x86)\PostgreSQL\9.4\bin\pg_ctl.exe" runservice -N "postgresql-9.4" -D "C:\Program Files (x86)\PostgreSQL\9.4\data" -w ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AgereSoftModem; C:\Windows\system32\DRIVERS\agrsm64.sys [1146880 2013-06-18] (Microsoft Windows -> LSI Corp) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3892224 2014-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.) R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [71952 2014-03-31] (ASUSTeK Computer Inc. -> ASUS Corporation) R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [37880 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [205600 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [275232 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [210328 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [65376 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [43512 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [171784 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [111096 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [84560 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [848688 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [461216 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [236288 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [317304 2019-10-02] (AVG Technologies USA, Inc. -> AVG Technologies CZ, s.r.o.) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider) R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel(R) Software -> Intel Corporation) R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel(R) Software -> Intel Corporation) R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel(R) Software -> Intel Corporation) R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel(R) Software -> Intel Corporation) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2019-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] (ASUSTeK Computer Inc. -> ) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) S3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [116224 2019-02-07] (Microsoft Windows -> Microsoft Corporation) [Fichier non signé] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) U0 msahci; system32\drivers\msahci.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-02-12 20:12 - 2020-02-12 20:23 - 000025893 _____ C:\Users\Valerie\Downloads\Addition.txt 2020-02-12 20:11 - 2020-02-12 20:26 - 000032153 _____ C:\Users\Valerie\Downloads\FRST.txt 2020-02-12 20:10 - 2020-02-12 20:26 - 000000000 ____D C:\FRST 2020-02-12 20:08 - 2020-02-12 20:09 - 002279424 _____ (Farbar) C:\Users\Valerie\Downloads\FRST64.exe 2020-01-28 18:59 - 2013-03-24 05:00 - 000391168 _____ (CANON INC.) C:\Windows\system32\CNMLMBR.DLL 2020-01-26 00:57 - 2019-03-28 10:11 - 000029232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll 2020-01-26 00:57 - 2019-03-28 10:11 - 000017968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll 2020-01-26 00:57 - 2019-03-28 10:09 - 000032816 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll 2020-01-26 00:57 - 2019-03-28 10:09 - 000017968 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll 2020-01-26 00:57 - 2019-02-21 03:53 - 000772176 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase_clr0400.dll 2020-01-26 00:57 - 2019-02-21 03:53 - 000702400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase_clr0400.dll 2020-01-26 00:57 - 2019-02-21 03:53 - 000622832 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140_clr0400.dll 2020-01-26 00:57 - 2019-02-21 03:53 - 000433448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140_clr0400.dll 2020-01-26 00:57 - 2019-02-21 03:53 - 000087296 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140_clr0400.dll 2020-01-26 00:57 - 2019-02-21 03:53 - 000083768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140_clr0400.dll 2020-01-15 19:56 - 2020-01-03 08:39 - 001541144 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2020-01-15 19:56 - 2020-01-03 08:39 - 000642488 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.appcore.dll 2020-01-15 19:56 - 2020-01-03 07:55 - 000493944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.appcore.dll 2020-01-15 19:56 - 2020-01-03 05:02 - 000362496 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2020-01-15 19:56 - 2020-01-03 04:52 - 001377280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2020-01-15 19:56 - 2019-12-17 03:39 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2020-01-15 19:56 - 2019-12-17 02:04 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2020-01-15 19:56 - 2019-12-17 01:53 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2020-01-15 19:56 - 2019-12-17 01:52 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2020-01-15 19:56 - 2019-12-17 01:52 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2020-01-15 19:56 - 2019-12-17 01:37 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2020-01-15 19:56 - 2019-12-17 01:27 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2020-01-15 19:56 - 2019-12-17 01:24 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2020-01-15 19:56 - 2019-12-17 01:16 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2020-01-15 19:56 - 2019-12-17 01:14 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2020-01-15 19:56 - 2019-12-17 01:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2020-01-15 19:56 - 2019-12-17 01:04 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2020-01-15 19:56 - 2019-12-17 01:03 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2020-01-15 19:56 - 2019-12-17 01:01 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2020-01-15 19:56 - 2019-12-17 00:56 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2020-01-15 19:56 - 2019-12-17 00:52 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2020-01-15 19:56 - 2019-12-17 00:43 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2020-01-15 19:56 - 2019-12-17 00:41 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2020-01-15 19:56 - 2019-12-17 00:39 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2020-01-15 19:56 - 2019-12-17 00:38 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2020-01-15 19:56 - 2019-12-13 22:32 - 000121856 _____ (Microsoft Corporation) C:\Windows\system32\cryptcatsvc.dll 2020-01-15 19:56 - 2019-12-13 19:35 - 001317376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll 2020-01-15 19:56 - 2019-12-13 19:28 - 000289792 _____ (Microsoft Corporation) C:\Windows\system32\PlayToDevice.dll 2020-01-15 19:56 - 2019-12-13 18:49 - 001103360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll 2020-01-15 19:56 - 2019-12-13 18:45 - 000215552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PlayToDevice.dll 2020-01-15 19:56 - 2019-12-12 08:10 - 001756672 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2020-01-15 19:56 - 2019-12-12 07:49 - 001492992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2020-01-15 19:56 - 2019-12-09 21:46 - 000376568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys 2020-01-15 19:56 - 2019-12-07 19:00 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2020-01-15 19:56 - 2019-12-07 02:09 - 000427824 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll 2020-01-15 19:56 - 2019-12-07 00:39 - 000367936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll 2020-01-15 19:56 - 2019-12-06 22:19 - 006218240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2020-01-15 19:56 - 2019-12-06 22:15 - 007037440 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2020-01-15 19:56 - 2019-12-05 15:55 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\wiaaut.dll 2020-01-15 19:56 - 2019-12-05 15:55 - 000671232 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll 2020-01-15 19:56 - 2019-12-05 15:55 - 000322560 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll 2020-01-15 19:56 - 2019-12-05 15:55 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\sti_ci.dll 2020-01-15 19:56 - 2019-12-05 15:55 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\wiadss.dll 2020-01-15 19:56 - 2019-12-05 15:55 - 000068608 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll 2020-01-15 19:56 - 2019-12-05 15:53 - 000580096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiaaut.dll 2020-01-15 19:56 - 2019-12-05 15:53 - 000236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll 2020-01-15 19:56 - 2019-12-05 15:53 - 000117248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wiadss.dll 2020-01-15 19:56 - 2019-12-01 08:10 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2020-01-15 19:56 - 2019-12-01 08:08 - 000468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2020-01-15 19:56 - 2019-12-01 08:07 - 000248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2020-01-15 19:56 - 2019-12-01 07:59 - 000774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2020-01-15 19:56 - 2019-12-01 07:46 - 003631616 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2020-01-15 19:56 - 2019-12-01 07:40 - 000391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2020-01-15 19:56 - 2019-12-01 07:40 - 000272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2020-01-15 19:56 - 2019-12-01 07:37 - 002750464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2020-01-15 19:56 - 2019-12-01 07:35 - 000699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2020-01-15 19:56 - 2019-12-01 07:32 - 000750080 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll 2020-01-15 19:56 - 2019-12-01 07:21 - 000904192 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2020-01-15 19:56 - 2019-12-01 07:19 - 002551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2020-01-15 19:56 - 2019-12-01 07:15 - 000504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll 2020-01-15 19:56 - 2019-12-01 07:08 - 001920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2020-01-15 19:56 - 2019-12-01 07:08 - 000710656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2020-01-15 19:56 - 2019-11-28 11:26 - 001368072 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2020-01-15 19:56 - 2019-11-28 06:20 - 000432128 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2020-01-15 19:56 - 2019-11-28 05:03 - 001085440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2020-01-15 19:56 - 2019-11-13 06:54 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll 2020-01-15 19:56 - 2019-11-13 06:54 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2020-01-15 19:56 - 2019-11-13 06:52 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll 2020-01-15 19:56 - 2019-11-13 06:52 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2020-01-15 19:56 - 2019-11-11 21:15 - 000046080 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll 2020-01-15 19:56 - 2019-11-11 20:37 - 000881152 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe 2020-01-15 19:56 - 2019-11-09 09:49 - 000409728 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2020-01-15 19:56 - 2019-11-09 02:12 - 003551232 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2020-01-15 19:56 - 2019-11-05 05:21 - 000162392 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2020-01-15 19:56 - 2019-11-05 01:06 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2020-01-15 19:56 - 2019-11-05 01:03 - 000611432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2020-01-15 19:56 - 2019-10-27 00:17 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2020-01-13 19:03 - 2020-01-13 19:03 - 000000000 ____D C:\Users\Valerie\AppData\Roaming\java 2020-01-13 18:53 - 2020-01-13 18:53 - 000000000 ____D C:\Users\Valerie\IdeaProjects 2020-01-13 18:51 - 2020-01-13 18:51 - 000000000 ____D C:\Users\Valerie\.IdeaIC2019.3 ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-02-12 19:21 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp 2020-02-12 19:16 - 2014-09-07 01:43 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4050757951-1678246129-3257593133-1001 2020-02-12 19:11 - 2014-09-07 03:23 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2020-02-12 19:11 - 2014-09-07 03:23 - 000002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2020-02-12 19:11 - 2014-09-07 03:23 - 000002203 _____ C:\ProgramData\Desktop\Google Chrome.lnk 2020-02-12 19:04 - 2014-09-07 01:43 - 000003960 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{BE31F800-1996-45DE-BBD8-F4B919807E3E} 2020-02-12 19:04 - 2014-09-07 01:40 - 000000093 _____ C:\Users\Valerie\AppData\Roaming\sp_data.sys 2020-02-12 19:00 - 2015-09-06 02:05 - 000000000 __RDO C:\Users\Valerie\OneDrive 2020-02-11 23:13 - 2014-09-07 01:37 - 000000000 ____D C:\Users\Valerie 2020-02-11 19:14 - 2016-06-09 11:03 - 000000000 ____D C:\Program Files (x86)\AVG Web TuneUp 2020-02-10 19:04 - 2018-04-28 20:53 - 000003186 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4050757951-1678246129-3257593133-1001 2020-02-10 19:04 - 2016-04-27 06:01 - 000002392 _____ C:\Users\Valerie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive Entreprise.lnk 2020-02-09 22:32 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF 2020-02-08 22:41 - 2019-05-17 15:58 - 000000000 ____D C:\Users\Valerie\Documents\Administration 2020-02-07 18:55 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf 2020-02-06 22:45 - 2020-01-12 22:15 - 000000000 ____D C:\Users\Valerie\Documents\JAVA 2020-02-05 19:15 - 2020-01-05 18:59 - 000003580 _____ C:\Windows\system32\Tasks\HPCustParticipation HP DeskJet 3700 series 2020-02-05 19:15 - 2019-06-09 17:25 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software 2020-02-05 19:15 - 2016-09-29 22:04 - 000003676 _____ C:\Windows\system32\Tasks\MySQLNotifierTask 2020-02-05 19:15 - 2016-03-10 22:20 - 000003236 _____ C:\Windows\system32\Tasks\{844FB097-D7F6-4537-B920-6DB1FE76D98A} 2020-02-05 19:15 - 2015-07-01 20:14 - 000002802 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC 2020-02-05 19:15 - 2014-09-07 03:23 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA 2020-02-05 19:15 - 2014-09-07 03:23 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore 2020-02-05 19:14 - 2019-10-20 15:14 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update 2020-02-05 19:14 - 2017-09-28 11:15 - 000004174 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update 2020-02-05 19:14 - 2014-09-06 15:35 - 000002986 _____ C:\Windows\system32\Tasks\ASUS Splendid ACMON 2020-02-05 19:14 - 2014-09-06 15:34 - 000003400 _____ C:\Windows\system32\Tasks\ASUS Live Update1 2020-02-05 19:14 - 2014-09-06 15:34 - 000003390 _____ C:\Windows\system32\Tasks\ASUS Live Update2 2020-02-05 19:14 - 2014-09-06 15:31 - 000003562 _____ C:\Windows\system32\Tasks\ATK Package 36D18D69AFC3 2020-02-05 19:14 - 2014-09-06 15:27 - 000003538 _____ C:\Windows\system32\Tasks\ASUS Smart Gesture Launcher 2020-01-29 23:49 - 2015-07-15 20:00 - 000000000 ____D C:\Users\Valerie\Documents\BOOKS 2020-01-29 20:35 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache 2020-01-27 02:56 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-01-27 02:55 - 2013-08-22 14:25 - 000524288 ___SH C:\Windows\system32\config\BBI 2020-01-26 08:48 - 2018-04-28 20:27 - 000397808 _____ C:\Windows\system32\FNTCACHE.DAT 2020-01-26 00:57 - 2015-01-08 22:48 - 000000000 ____D C:\Windows\system32\MRT 2020-01-26 00:52 - 2015-01-08 22:48 - 120202352 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2020-01-22 19:13 - 2013-08-22 16:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2020-01-22 19:12 - 2015-01-06 18:21 - 000000000 ____D C:\Program Files\Microsoft Office 15 2020-01-13 18:54 - 2020-01-12 19:34 - 000000000 ____D C:\Users\Valerie\AppData\Roaming\JetBrains ==================== Fichiers à la racine de certains dossiers ======== 2015-11-29 09:27 - 2015-11-29 09:27 - 021374182 _____ () C:\Users\Valerie\postgis_2_1_pg94.exe 2015-11-29 08:50 - 2015-11-29 08:50 - 025456941 _____ () C:\Users\Valerie\postgis_2_2_pg95.exe 2014-09-07 01:40 - 2020-02-12 19:04 - 000000093 _____ () C:\Users\Valerie\AppData\Roaming\sp_data.sys 2016-09-11 21:37 - 2016-09-11 21:37 - 000000758 _____ () C:\Users\Valerie\AppData\Local\recently-used.xbel 2017-01-29 13:56 - 2018-12-18 10:26 - 000021504 _____ () C:\Users\Valerie\AppData\Local\WebpageIcons.db ==================== SigCheckExt ========================= 2016-06-03 19:32 - 2016-05-31 13:02 - 006703935 _____ (Phil Harvey) C:\Windows\exiftool.exe 2014-09-06 15:15 - 2013-08-21 08:16 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2013-09-02 13:03 - 2013-09-02 13:03 - 000001536 _____ C:\Windows\SysWOW64\IusEventLog.dll 2014-05-15 16:58 - 2009-07-22 11:04 - 000024576 _____ C:\ProgramData\SetStretch.exe 2015-11-29 09:27 - 2015-11-29 09:27 - 021374182 _____ C:\Users\Valerie\postgis_2_1_pg94.exe 2015-11-29 08:50 - 2015-11-29 08:50 - 025456941 _____ C:\Users\Valerie\postgis_2_2_pg95.exe 2020-02-12 20:08 - 2020-02-12 20:09 - 002279424 _____ (Farbar) C:\Users\Valerie\Downloads\FRST64.exe 2016-09-09 19:23 - 2014-02-06 17:09 - 006931456 _____ C:\Users\Valerie\Documents\chromedriver.exe ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2020-02-09 08:41 ==================== Fin de FRST.txt ========================