Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14.01.2019 01
Exécuté par Utilisateur (administrateur) sur UTILISATEUR-PC (15-01-2019 22:44:56)
Exécuté depuis C:\Users\Utilisateur\Downloads
Profils chargés: Utilisateur (Profils disponibles: Utilisateur & Invité & DefaultAppPool)
Platform: Windows 10 Home Version 1803 17134.523 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Bitdefender) C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vulnerability.scan.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18112.20010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
() C:\Users\Utilisateur\AppData\Roaming\ZHP\ZHPDiag3.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2726728 2010-03-25] (CANON INC.)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [393200 2017-10-20] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [BdVpnApp] => C:\Program Files\Bitdefender\Bitdefender VPN\BdVpnApp.exe [91384 2018-11-16] (Bitdefender)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [482024 2018-11-01] (Bitdefender)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2861662073-1316251690-2224708728-1000\...\Run: [Dropbox Update] => C:\Users\Utilisateur\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-2861662073-1316251690-2224708728-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-2861662073-1316251690-2224708728-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-2861662073-1316251690-2224708728-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [149504 2018-04-12] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [175392 2012-10-26] (Logitech Inc.)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\system32\xvidvfw.dll [255488 2011-05-30] ()
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [105984 2015-09-05] (Beepa P/L)
HKLM\...\Drivers32: [MSVideo] => C:\Windows\system32\vfwwdm32.dll [67072 2018-04-12] (Microsoft Corporation)
HKLM\...\Drivers32-x32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech Inc.)
HKLM\...\Drivers32-x32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [240640 2011-05-30] ()
HKLM\...\Drivers32-x32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2010-01-17] (fccHandler)
HKLM\...\Drivers32-x32: [msacm.lameacm] => C:\Windows\SysWOW64\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32-x32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [79360 2012-02-26] ()
HKLM\...\Drivers32-x32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( )
HKLM\...\Drivers32-x32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [94208 2015-09-05] (Beepa P/L)
HKLM\...\Drivers32-x32: [vidc.dvsd] => C:\Windows\SysWOW64\mcdvd_32.dll [261632 2003-05-21] (MainConcept)
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\explorer.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5e79ba97-8ada-4f31-a218-592c6dcc7c39}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99029924-6afd-45aa-aaa8-667f57ff9d7a}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-2861662073-1316251690-2224708728-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2861662073-1316251690-2224708728-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://sfr.fr/
SearchScopes: HKU\S-1-5-21-2861662073-1316251690-2224708728-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2861662073-1316251690-2224708728-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE00
SearchScopes: HKU\S-1-5-21-2861662073-1316251690-2224708728-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-2861662073-1316251690-2224708728-1000 -> {96E4030D-33E3-4DEB-B29E-ACB7C8008C93} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-09-22] (Bitdefender)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2018-09-22] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-09-22] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2018-09-22] (Bitdefender)
Toolbar: HKU\S-1-5-21-2861662073-1316251690-2224708728-1000 -> Pas de nom - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Pas de fichier
Toolbar: HKU\S-1-5-21-2861662073-1316251690-2224708728-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.)
Toolbar: HKU\S-1-5-21-2861662073-1316251690-2224708728-1000 -> Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2018-09-22] (Bitdefender)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Pas de fichier
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2012-11-22] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-11-22] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Pas de fichier

FireFox:
========
FF DefaultProfile: 9zcobqfy.default-1376388615907-1534961553751
FF ProfilePath: C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751 [2019-01-15]
FF Homepage: Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751 -> hxxps://www.orange.fr/portail
FF NewTabOverride: Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751 -> Disabled: {2ef58672-740c-46bd-a50d-b9880986b574}
FF Extension: (Ant Video downloader) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751\Extensions\anttoolbar@ant.com.xpi [2019-01-15]
FF Extension: (AdBlock) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-12-05]
FF Extension: (Universe Start) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751\Extensions\{2ef58672-740c-46bd-a50d-b9880986b574}.xpi [2019-01-12]
FF Extension: (AdBlock pour YouTube™) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751\Extensions\{80e9f0be-bd1e-4b69-b079-5f44b2962921}.xpi [2018-11-03]
FF Extension: (GoMusic) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751\Extensions\{8387ccbe-b9ac-438d-b049-c86b30a6dacb}.xpi [2019-01-12]
FF Extension: (ImTranslator: Traducteur, Dictionnaire, Voix) - C:\Users\Utilisateur\AppData\Roaming\Mozilla\Firefox\Profiles\9zcobqfy.default-1376388615907-1534961553751\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2019-01-08]
FF HKLM\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdwteff.xpi
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\bdwteff.xpi [2018-09-22]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [Legacy] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [bdwtwe@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdwteff.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF HKU\S-1-5-21-2861662073-1316251690-2224708728-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-08] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [Pas de fichier]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @unisys.com/npornap -> C:\Program Files (x86)\Orange\CAP Nap Plugin ActiveX [2014-08-01] ()
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2861662073-1316251690-2224708728-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Utilisateur\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default [2019-01-15]
CHR Extension: (Slides) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-11-16]
CHR Extension: (Docs) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-11-16]
CHR Extension: (Google Drive) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-07]
CHR Extension: (YouTube) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-07]
CHR Extension: (Sheets) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-11-16]
CHR Extension: (Protection Web Avira) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2019-01-05]
CHR Extension: (Bitdefender Wallet) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\gannpgaobkkhmpomoijebaigcapoeebl [2018-12-05]
CHR Extension: (Google Docs hors connexion) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-16]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-11-16]
CHR Extension: (Gmail) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AfVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\vpnservice.exe [322432 2018-10-25] (AnchorFree Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2015-12-10] ()
R2 BDAuxSrv; C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe [779152 2018-11-01] (Bitdefender)
R2 BDProtSrv; C:\Program Files\Bitdefender\Bitdefender 2017\bdservicehost.exe [779152 2018-11-01] (Bitdefender)
R2 bdredline; C:\Program Files\Common Files\Bitdefender\SetupInformation\Bitdefender RedLine\bdredline.exe [2195320 2018-09-22] (Bitdefender)
R2 BdVpnService; C:\Program Files\Bitdefender\Bitdefender VPN\bdvpnservice.exe [96568 2018-11-16] (Bitdefender)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123392 2018-01-12] (Dassault Systèmes) [Fichier non signé]
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Fichier non signé]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-10-16] (Intel Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1293936 2018-11-15] (Bitdefender)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SZDrvSvc; C:\Program Files (x86)\Clarus\Samsung Drive Manager\SZDrvSvc.exe [18432 2013-12-18] (Clarus, Inc.) [Fichier non signé]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [112144 2018-11-01] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [804144 2018-11-01] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-06-15] (The OpenVPN Project)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-12-10] ()
R1 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [1292296 2018-10-17] (BitDefender S.R.L. Bucharest, ROMANIA)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1723552 2018-05-22] (BitDefender)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-07-10] (AVG Technologies)
R2 BdDci; C:\WINDOWS\System32\DRIVERS\bddci.sys [156912 2018-11-01] (Bitdefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23032 2018-05-22] (Bitdefender)
R2 bdprivmon; C:\WINDOWS\System32\DRIVERS\bdprivmon.sys [45728 2018-10-17] (© Bitdefender SRL)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [96448 2018-05-22] (BitDefender)
R0 gfibto; C:\WINDOWS\System32\drivers\gfibto.sys [14456 2012-12-12] (GFI Software)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [193184 2018-09-22] (BitDefender LLC)
R0 ignis; C:\WINDOWS\System32\DRIVERS\ignis.sys [191592 2018-05-22] (Bitdefender)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [23680 2013-01-25] (ASUSTeK Computer Inc.)
S3 LVPr2M64; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30304 2010-05-07] ()
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-06] (Malwarebytes)
R3 mdf16; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mdf16.sys [20400 2012-06-21] ()
R3 mvd23; C:\Program Files (x86)\Clarus\Samsung Drive Manager\mvd23.sys [99248 2012-06-21] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-11-01] (Realtek )
S3 STTub30; C:\WINDOWS\System32\Drivers\STTub30.sys [44184 2012-07-09] (STMicroelectronics)
R3 taphss6; C:\WINDOWS\System32\drivers\taphss6.sys [42064 2017-06-02] (Anchorfree Inc.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [609576 2018-08-02] (Bitdefender) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation) R3 WUDFWpdComp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [264192 2018-04-12] (Microsoft Corporation) S3 avfwim; \SystemRoot\system32\DRIVERS\avfwim.sys [X] U3 idsvc; pas de ImagePath ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (Créés) ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2019-01-15 22:44 - 2019-01-15 22:46 - 000027307 _____ C:\Users\Utilisateur\Downloads\FRST.txt 2019-01-15 22:44 - 2019-01-15 22:44 - 000000000 ____D C:\FRST 2019-01-15 22:43 - 2019-01-15 22:44 - 002427904 _____ (Farbar) C:\Users\Utilisateur\Downloads\FRST64.exe 2019-01-15 22:39 - 2019-01-15 22:39 - 000000923 _____ C:\Users\Utilisateur\Desktop\ZHPDiag.lnk 2019-01-15 22:39 - 2019-01-15 22:39 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\ZHP 2019-01-15 22:38 - 2019-01-15 22:38 - 003191680 _____ C:\Users\Utilisateur\Downloads\ZHPDiag3.exe 2019-01-15 08:38 - 2019-01-15 08:38 - 005937968 _____ (EnigmaSoft Limited) C:\Users\Utilisateur\Downloads\sh-remover.exe 2019-01-12 18:47 - 2018-09-20 05:12 - 001483576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2019-01-09 05:55 - 2019-01-09 05:55 - 000008534 _____ C:\Users\Utilisateur\Documents\cc_20190109_055509.reg 2019-01-09 05:16 - 2019-01-01 14:46 - 012710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2019-01-09 05:16 - 2019-01-01 14:43 - 001364992 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\bcastdvruserservice.dll 2019-01-09 05:16 - 2019-01-01 14:20 - 011902976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2019-01-09 05:16 - 2019-01-01 08:14 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2019-01-09 05:16 - 2019-01-01 08:14 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2019-01-09 05:16 - 2019-01-01 08:13 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2019-01-09 05:16 - 2019-01-01 08:12 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2019-01-09 05:16 - 2019-01-01 08:12 - 007520104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2019-01-09 05:16 - 2019-01-01 08:12 - 002765344 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2019-01-09 05:16 - 2019-01-01 08:12 - 002465792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2019-01-09 05:16 - 2019-01-01 08:12 - 002421288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2019-01-09 05:16 - 2019-01-01 07:55 - 025856512 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2019-01-09 05:16 - 2019-01-01 07:50 - 022715392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2019-01-09 05:16 - 2019-01-01 07:50 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll 2019-01-09 05:16 - 2019-01-01 07:47 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll 2019-01-09 05:16 - 2019-01-01 07:45 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2019-01-09 05:16 - 2019-01-01 07:45 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll 2019-01-09 05:16 - 2019-01-01 07:44 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2019-01-09 05:16 - 2019-01-01 07:44 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2019-01-09 05:16 - 
2019-01-01 07:43 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2019-01-09 05:16 - 2019-01-01 07:42 - 004939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2019-01-09 05:16 - 2019-01-01 07:42 - 002247680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2019-01-09 05:16 - 2019-01-01 07:42 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2019-01-09 05:16 - 2019-01-01 07:41 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2019-01-09 05:16 - 2019-01-01 07:37 - 006571584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2019-01-09 05:16 - 2019-01-01 07:37 - 002478664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2019-01-09 05:16 - 2019-01-01 07:37 - 002253696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2019-01-09 05:16 - 2019-01-01 07:37 - 001989040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2019-01-09 05:16 - 2019-01-01 07:29 - 022016512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2019-01-09 05:16 - 2019-01-01 07:22 - 019405312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2019-01-09 05:16 - 2019-01-01 07:16 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2019-01-09 05:16 - 2019-01-01 07:15 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2019-01-09 05:16 - 2019-01-01 07:14 - 004514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2019-01-09 05:16 - 2019-01-01 07:13 - 001628160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2019-01-09 05:16 - 2018-12-19 05:49 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2019-01-09 05:15 - 2019-01-01 14:50 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll 2019-01-09 05:15 - 2019-01-01 14:47 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowslivelogin.dll 
2019-01-09 05:15 - 2019-01-01 14:45 - 000714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2019-01-09 05:15 - 2019-01-01 14:45 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2019-01-09 05:15 - 2019-01-01 14:20 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowslivelogin.dll
2019-01-09 05:15 - 2019-01-01 14:18 - 000500736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2019-01-09 05:15 - 2019-01-01 14:17 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2019-01-09 05:15 - 2019-01-01 08:14 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-01-09 05:15 - 2019-01-01 08:14 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-01-09 05:15 - 2019-01-01 08:14 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-01-09 05:15 - 2019-01-01 08:14 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-01-09 05:15 - 2019-01-01 08:13 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-01-09 05:15 - 2019-01-01 08:13 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-01-09 05:15 - 2019-01-01 08:13 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 05:15 - 2019-01-01 08:13 - 000170808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 05:15 - 2019-01-01 08:12 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-01-09 05:15 - 2019-01-01 08:12 - 000268304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-01-09 05:15 - 2019-01-01 08:12 - 000128824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 05:15 - 2019-01-01 08:12 - 000043536 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-09 05:15 - 2019-01-01 07:48 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2019-01-09 05:15 - 2019-01-01 07:48 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 05:15 - 2019-01-01 07:48 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Print.Workflow.Source.dll
2019-01-09 05:15 - 2019-01-01 07:47 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-01-09 05:15 - 2019-01-01 07:46 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-01-09 05:15 - 2019-01-01 07:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-01-09 05:15 - 2019-01-01 07:46 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 05:15 - 2019-01-01 07:45 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-01-09 05:15 - 2019-01-01 07:44 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-01-09 05:15 - 2019-01-01 07:44 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2019-01-09 05:15 - 2019-01-01 07:44 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 05:15 - 2019-01-01 07:42 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 05:15 - 2019-01-01 07:41 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 05:15 - 2019-01-01 07:41 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2019-01-09 05:15 - 2019-01-01 07:41 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-01-09 05:15 - 2019-01-01 07:37 - 000880048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2019-01-09 05:15 - 2019-01-01 07:37 - 000581808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-01-09 05:15 - 2019-01-01 07:37 - 000381240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 05:15 - 2019-01-01 07:17 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-01-09 05:15 - 2019-01-01 07:16 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-01-09 05:15 - 2019-01-01 07:16 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2019-01-09 05:15 - 2019-01-01 07:15 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-01-09 05:15 - 2019-01-01 07:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-01-09 05:15 - 2019-01-01 07:15 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-01-09 05:15 - 2019-01-01 07:14 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-01-09 05:15 - 2019-01-01 07:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 05:15 - 2019-01-01 07:13 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 05:15 - 2019-01-01 07:13 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-01-09 05:15 - 2019-01-01 07:12 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-01-09 05:15 - 2019-01-01 07:12 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2019-01-09 05:15 - 2019-01-01 07:12 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 05:15 - 2019-01-01 07:12 - 000516608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2019-01-09 05:15 - 2019-01-01 06:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2019-01-08 21:32 - 2019-01-08 21:32 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-08 19:30 - 2019-01-08 19:30 - 000000000 ____D C:\ProgramData\dbg
2019-01-08 19:22 - 2019-01-08 19:37 - 000000000 ____D C:\WINDOWS\Minidump
2019-01-08 05:38 - 2019-01-08 05:38 - 000076636 _____ C:\ProgramData\agent.update.1546922255.bdinstall.v2.bin
2018-12-29 05:51 - 2018-12-29 05:51 - 000272205 _____ C:\Users\Utilisateur\Downloads\Facture.pdf
2018-12-29 05:51 - 2018-12-29 05:51 - 000272205 _____ C:\Users\Utilisateur\Downloads\Facture(2).pdf
2018-12-29 05:51 - 2018-12-29 05:51 - 000272205 _____ C:\Users\Utilisateur\Downloads\Facture(1).pdf
2018-12-28 18:23 - 2018-12-28 18:23 - 000029587 _____ C:\Users\Utilisateur\Downloads\RIB(1).pdf
2018-12-26 08:41 - 2018-12-26 08:41 - 019299120 _____ (Piriform Software Ltd) C:\Users\Utilisateur\Desktop\ccsetup551.exe
2018-12-23 09:29 - 2018-12-23 09:29 - 000464746 _____ C:\Users\Utilisateur\Downloads\halima impôts fonciers.pdf
2018-12-20 06:22 - 2018-12-14 08:29 - 001130760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-12-20 06:22 - 2018-12-14 08:25 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-20 06:22 - 2018-12-14 08:21 - 001457240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-20 06:22 - 2018-12-14 08:21 - 001257672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-20 06:22 - 2018-12-14 08:21 - 001140480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-20 06:22 - 2018-12-14 08:21 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-12-20 06:22 - 2018-12-14 08:21 - 000982912 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-20 06:22 - 2018-12-14 08:10 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-12-20 06:22 - 2018-12-14 08:07 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 06:22 - 2018-12-14 07:55 - 003396608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-20 06:22 - 2018-12-14 07:55 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-12-20 06:22 - 2018-12-14 07:54 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-12-20 06:22 - 2018-12-14 07:54 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-12-20 06:22 - 2018-12-14 07:52 - 002173440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-20 06:22 - 2018-12-14 07:52 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-12-20 06:22 - 2018-12-14 07:51 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-20 06:22 - 2018-12-14 07:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-16 06:36 - 2018-12-16 06:36 - 000034749 _____ C:\ProgramData\dm.uninstall.1544938569.bdinstall.bin

==================== Un mois (Modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-01-15 22:45 - 2016-11-18 08:34 - 000000000 ____D C:\Users\Utilisateur\AppData\LocalLow\Mozilla
2019-01-15 22:43 - 2014-08-27 10:14 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\ZHP
2019-01-15 22:34 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-01-15 22:30 - 2016-03-11 10:12 - 000002067 _____ C:\Users\Utilisateur\Desktop\Invite de commandes.lnk
2019-01-15 21:41 - 2018-05-20 14:07 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-01-15 11:26 - 2018-05-20 14:10 - 002052560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-01-15 11:26 - 2018-04-12 17:18 - 000898558 _____ C:\WINDOWS\system32\perfh00C.dat
2019-01-15 11:26 - 2018-04-12 17:18 - 000192800 _____ C:\WINDOWS\system32\perfc00C.dat
2019-01-15 11:26 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2019-01-15 11:23 - 2017-07-18 06:34 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-01-15 11:23 - 2014-09-29 06:21 - 000000000 __SHD C:\Users\Utilisateur\IntelGraphicsProfiles
2019-01-15 11:22 - 2018-05-20 14:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-01-15 11:21 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-01-15 11:21 - 2016-04-02 06:38 - 000248609 _____ C:\bdlog.txt
2019-01-15 11:11 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-01-15 10:57 - 2018-04-11 22:04 - 000065536 _____ C:\WINDOWS\system32\config\ELAM
2019-01-14 20:40 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-01-12 18:49 - 2018-03-21 14:11 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-12 18:49 - 2012-05-10 08:35 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-12 18:47 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-01-11 17:57 - 2011-02-18 21:21 - 000000000 ____D C:\Users\Utilisateur\Documents\ostéo
2019-01-11 11:38 - 2018-03-21 14:11 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-10 11:15 - 2015-03-05 19:55 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\vlc
2019-01-09 06:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-01-09 06:02 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-01-09 05:54 - 2011-02-19 08:46 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Media Player Classic
2019-01-09 05:49 - 2018-05-16 07:59 - 000000000 ___DC C:\WINDOWS\Panther
2019-01-09 05:49 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-01-09 05:34 - 2013-08-14 21:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 05:27 - 2011-02-17 16:10 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-08 23:10 - 2018-05-20 14:15 - 000000000 ____D C:\Users\Utilisateur
2019-01-08 21:33 - 2015-03-24 09:48 - 000000000 ____D C:\Users\Utilisateur\AppData\Roaming\Dropbox
2019-01-08 12:46 - 2018-05-20 14:43 - 000004770 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-08 12:45 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-01-08 12:45 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-01-08 05:38 - 2017-03-03 07:19 - 000000000 ____D C:\Program Files\Bitdefender Agent
2019-01-04 07:17 - 2016-11-22 13:40 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-01-02 20:41 - 2018-07-12 19:10 - 000835480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-02 20:41 - 2018-07-12 19:10 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-30 18:20 - 2014-09-02 08:30 - 000001289 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2018-12-25 15:38 - 2018-06-16 14:46 - 000000000 ____D C:\Users\Utilisateur\AppData\Local\D3DSCache
2018-12-20 11:49 - 2018-05-20 14:43 - 000003388 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2861662073-1316251690-2224708728-1000
2018-12-20 11:49 - 2018-05-20 14:15 - 000002475 _____ C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-20 11:49 - 2015-01-19 13:52 - 000000000 ___RD C:\Users\Utilisateur\OneDrive
2018-12-19 21:05 - 2018-05-20 14:43 - 000003588 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-19 21:05 - 2018-05-20 14:43 - 000003464 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-18 07:06 - 2017-03-03 07:26 - 000000000 ____D C:\Program Files\Bitdefender

==================== Fichiers à la racine de certains dossiers =======

2013-06-08 18:09 - 2013-06-08 18:09 - 000129536 _____ () C:\Users\Public\AlexaNSISPlugin.5096.dll
2016-05-03 16:26 - 2016-05-03 19:31 - 009703566 _____ () C:\Users\Utilisateur\companion-windows-2.1.8.exe
2016-10-07 20:46 - 2016-10-07 20:46 - 009715641 _____ () C:\Users\Utilisateur\companion-windows-2.1.9.exe
2017-03-07 18:47 - 2017-03-07 18:47 - 011110055 _____ () C:\Users\Utilisateur\companion-windows-2.2.0N363.exe
2017-03-19 18:13 - 2017-03-19 18:13 - 011145961 _____ () C:\Users\Utilisateur\companion-windows-2.2.0N365.exe
2017-03-24 09:17 - 2017-03-24 09:17 - 011165594 _____ () C:\Users\Utilisateur\companion-windows-2.2.0N366.exe
2017-04-11 06:20 - 2017-04-11 06:20 - 012305890 _____ () C:\Users\Utilisateur\companion-windows-2.2.0N368.exe
2017-04-14 17:27 - 2017-04-14 17:27 - 012343090 _____ () C:\Users\Utilisateur\companion-windows-2.2.0N369.exe
2017-11-26 14:19 - 2017-11-26 14:20 - 012340013 _____ () C:\Users\Utilisateur\companion-windows-2.2.0N372.exe
2018-01-18 17:12 - 2018-01-18 17:13 - 013470082 _____ () C:\Users\Utilisateur\companion-windows-2.2.1.exe
2018-09-16 09:28 - 2018-09-16 09:29 - 013821699 _____ () C:\Users\Utilisateur\companion-windows-2.2.2.exe
2016-01-03 17:45 - 2016-01-03 17:45 - 009605340 _____ () C:\Users\Utilisateur\companionInstall_2.0.18.exe
2016-01-29 09:39 - 2016-02-18 11:08 - 009604062 _____ () C:\Users\Utilisateur\companionInstall_2.0.19.exe
2016-11-06 11:26 - 2016-11-06 11:26 - 002437120 _____ () C:\Users\Utilisateur\ZHPDiag3.exe
2013-06-11 17:51 - 2013-07-10 07:44 - 000003718 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
2015-02-12 16:12 - 2015-03-09 10:34 - 000000096 _____ () C:\Users\Utilisateur\AppData\Roaming\Camdata.ini
2015-02-12 16:12 - 2015-03-09 10:34 - 000000408 _____ () C:\Users\Utilisateur\AppData\Roaming\CamLayout.ini
2015-02-12 16:12 - 2015-03-09 10:34 - 000000408 _____ () C:\Users\Utilisateur\AppData\Roaming\CamShapes.ini
2015-02-12 16:12 - 2015-03-09 10:34 - 000004509 _____ () C:\Users\Utilisateur\AppData\Roaming\CamStudio.cfg
2011-02-18 20:47 - 2011-09-25 08:56 - 000000120 _____ () C:\Users\Utilisateur\AppData\Roaming\default.pls
2016-11-06 15:50 - 2016-11-06 15:50 - 000000546 _____ () C:\Users\Utilisateur\AppData\Roaming\disque1 (C) - Raccourci.lnk
2013-03-18 09:27 - 2018-08-31 17:21 - 000000894 _____ () C:\Users\Utilisateur\AppData\Roaming\DriveCalculator Preferences
2013-05-12 10:01 - 2017-04-16 18:53 - 000000219 _____ () C:\Users\Utilisateur\AppData\Roaming\PropCalc Preferences
2013-07-27 13:11 - 2013-07-27 13:11 - 000000056 _____ () C:\Users\Utilisateur\AppData\Roaming\WB.CFG
2013-07-27 13:11 - 2013-07-27 13:11 - 000000005 _____ () C:\Users\Utilisateur\AppData\Roaming\WBPU-TTL.DAT
2012-12-10 10:09 - 2012-12-10 10:09 - 000017472 ____T (Un4seen Developments) C:\Users\Utilisateur\AppData\Roaming\Microsoft\1eaadjc.dll
2012-12-10 10:09 - 2012-12-10 10:09 - 000018724 ____T () C:\Users\Utilisateur\AppData\Roaming\Microsoft\bass.dll
2012-12-10 10:09 - 2012-12-10 10:09 - 001758720 ____T () C:\Users\Utilisateur\AppData\Roaming\Microsoft\engine_vx.dll
2012-12-10 10:09 - 2012-12-10 10:09 - 000016448 ____T (Un4seen Developments) C:\Users\Utilisateur\AppData\Roaming\Microsoft\kfgresk.dll
2012-12-10 10:09 - 2012-12-10 10:09 - 000012352 ____T (Un4seen Developments) C:\Users\Utilisateur\AppData\Roaming\Microsoft\peaadje.dll
2012-12-10 10:09 - 2012-12-10 10:09 - 000029784 ____T ((: JOBnik! :) [Arthur Aminov, ISRAEL]) C:\Users\Utilisateur\AppData\Roaming\Microsoft\qwadjb.dll
2012-12-10 10:09 - 2012-12-10 10:09 - 000017472 ____T (Un4seen Developments) C:\Users\Utilisateur\AppData\Roaming\Microsoft\rsaadjd.dll
2011-02-18 23:02 - 2014-07-26 13:52 - 000122880 _____ () C:\Users\Utilisateur\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-01 08:48 - 2014-06-02 11:21 - 000004096 ____H () C:\Users\Utilisateur\AppData\Local\keyfile3.drm
2014-08-29 15:19 - 2014-08-29 15:19 - 000007406 _____ () C:\Users\Utilisateur\AppData\Local\SquareClock.Production_ConforamaIcon.ico

Certains fichiers dans TEMP:
====================
2015-08-11 11:52 - 2015-08-11 11:52 - 000000000 ____D () C:\Users\mirei\AppData\Local\Temp\avgnt.exe
2015-08-28 14:56 - 2015-08-28 14:56 - 000000000 ____D () C:\Users\mirei.UTILISATEUR-PC.002\AppData\Local\Temp\avgnt.exe
2014-09-05 12:35 - 2014-09-05 12:35 - 000000000 ____D () C:\Users\moi\AppData\Local\Temp\avgnt.exe
2016-02-18 11:31 - 2016-02-18 11:31 - 000000000 ____D () C:\Users\TEMP.UTILISATEUR-PC\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-05-20 14:07

==================== Fin de FRST.txt ============================