Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-09-2019
Ran by JLFormation (administrator) on DESKTOP-BITJV1M (HP HP Notebook) (04-09-2019 17:23:19)
Running from C:\Users\JLFormation\Desktop\FRST-OlderVersion
Loaded Profiles: JLFormation (Available Profiles: JLFormation & Sam Ath)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: French (France)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc -> ) C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\CUAssistant\culauncher.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.16299.15_none_2c4b8d3b386eed8e\TiWorker.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist.txt file, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3349224 2015-08-20] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843520 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [654088 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5782336 2019-08-13] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-21-3150895626-3185015728-116041242-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [23153344 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\...\Authentication\Credential Providers: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
HKLM\Software\...\Authentication\Credential Provider Filters: [{FA076B7A-C331-48e2-9EE9-7683A553739E}] -> C:\Program Files (x86)\CyberLink\YouCam6\CLCredProv\x64\CLCredProv.dll [2015-07-01] (CyberLink Corp. -> CyberLink)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02F67DB9-AF7A-4ABA-B085-88E929B3D672} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {089B4553-2C08-475E-9DF3-5BAB5C2C9729} - System32\Tasks\MyDefrag v4.3.1 Monthly => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticMonthly.MyD [5626 2010-05-21] () [Fichier non signé]
Task: {0E9D6DDD-9CEA-4A85-9D55-DA7FFF20E5F5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {213BF168-343B-410C-86BC-F43489AEA65C} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {24EB3B04-824E-4511-BA40-7B1232F7ED63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107368 2016-12-21] (HP Inc. -> HP Inc.)
Task: {2F9A858C-1C76-4866-A469-4F44A33B7248} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {34C7A27D-DBDE-455B-9170-FC041ACA418E} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [517480 2015-12-10] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {3B09F35E-A0D5-499C-A252-075F8C7E11A4} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe
Task: {3EA7B4A9-77E3-4926-A0F3-BDD1CC83049F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [376496 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {41F0F9D4-499A-42B6-A74A-B0CB73736602} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1148448 2016-12-07] (HP Inc. -> HP Inc.)
Task: {508D1EA9-9C28-4BB5-955A-D1FD591FAD2F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [212856 2018-08-21] (HP Inc. -> HP Inc.)
Task: {58964299-2B33-4261-95C1-76F58C07E8CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1148448 2016-12-07] (HP Inc. -> HP Inc.)
Task: {7E6E7E0A-7D25-44EB-BC96-AC3DBC57823C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [1626328 2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {97B6C85B-A3EC-476F-9925-21F95E379A5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {9D5482D8-CEFD-487F-9854-48E62D1A0703} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1061752 2018-06-28] (HP Inc. -> HP Inc.)
Task: {A7A78595-F039-4581-869C-B4F54ECC6CF4} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [511344 2015-06-19] (Dropbox, Inc -> )
Task: {B074B312-D879-4BBC-A0FE-FCF34FE10843} - System32\Tasks\MyDefrag v4.3.1 Daily => C:\Program Files\MyDefrag v4.3.1\Scripts\AutomaticDaily.MyD [5663 2010-05-21] () [Fichier non signé]
Task: {B32F1CF6-92A4-4D4D-8827-56919167B307} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {D1CBA5B9-1C84-4B47-A457-CD659B37BF93} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [474472 2015-12-10] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {DF547DEA-1324-4B08-A212-DDDB1CFD5AF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1061752 2018-06-28] (HP Inc. -> HP Inc.)
Task: {E9C980C5-3431-40F2-8616-5BD3F2980DEE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-08] (Dropbox, Inc -> Dropbox, Inc.)
Task: {EE8630BB-248B-474B-A3B2-E7BE04902D48} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16835256 2019-07-11] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist.txt file, the task (.job) file will be moved. The file run by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe

==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 203.189.128.2 124.248.161.60
Tcpip\..\Interfaces\{5698591a-15f9-4ebb-874c-1e48393a3c47}: [DhcpNameServer] 203.189.128.2 124.248.161.60

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3150895626-3185015728-116041242-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKU\S-1-5-21-3150895626-3185015728-116041242-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2018-06-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (EVERNOTE CORPORATION -> Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (Hewlett-Packard Company -> HP Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-10-11] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: qf20ha9l.default-1533137234588
FF DefaultProfile: saabqrh3.default
FF ProfilePath: C:\Users\JLFormation\AppData\Roaming\Mozilla\Firefox\Profiles\qf20ha9l.default-1533137234588 [2019-09-04]
FF Homepage: Mozilla\Firefox\Profiles\qf20ha9l.default-1533137234588 -> www.duckduckgo.com
FF NetworkProxy: Mozilla\Firefox\Profiles\qf20ha9l.default-1533137234588 -> type", 0
FF ProfilePath: C:\Users\JLFormation\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\saabqrh3.default [2019-09-04]
FF Extension: (Pale Moon Locale Switcher) - C:\Users\JLFormation\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\saabqrh3.default\Extensions\pm-localeswitch@palemoon.org.xpi [2017-05-03] [Legacy] [non signé]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.) [Fichier non signé]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-09-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-06-11] (VideoLAN -> VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-06-25] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-08] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-07-08] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-07-13] (Intel(R) Software -> Intel Corporation)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144616 2015-08-20] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-06-25] (WildTangent Inc -> WildTangent)
R2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [608520 2015-02-17] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-25] (Intel Corporation - pGFX -> Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-12-10] (Zhuhai Kingsoft Office Software Co.,Ltd -> Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2019-08-20] () [Fichier non signé]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176624 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S2 wust; C:\OSRSS\wust.exe [0 0000-00-00] (Accès refusé) <==== ATTENTION (Accès refusé)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41704 2013-10-29] (CyberLink Corp. -> CyberLink Corporation)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [47096 2015-07-13] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-07-13] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-07-13] (Intel(R) Software -> Intel Corporation)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31464 2015-08-20] (ELAN Microelectronics Corporation -> ELAN Microelectronic Corp.)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [5741816 2015-08-25] (Intel Corporation - pGFX -> Intel Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260480 2019-09-04] (Malwarebytes Corporation -> Malwarebytes)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-08-18] (Realtek Semiconductor Corp -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-06-18] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [6320640 2017-09-29] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (Hewlett-Packard Company -> HP Inc.)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-07-08] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2019-09-04 17:15 - 2019-09-04 17:15 - 000260480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-09-04 17:07 - 2019-09-04 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-09-04 16:59 - 2019-09-04 17:13 - 000000000 ____D C:\AVG_Remover
2019-09-04 16:53 - 2019-09-04 16:54 - 000011755 _____ C:\WINDOWS\SysWOW64\avgremover_msilog.txt
2019-09-04 16:53 - 2019-09-04 16:53 - 004146112 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgremoverx.exe
2019-09-04 16:50 - 2019-09-04 16:50 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-09-04 16:50 - 2019-09-04 16:50 - 000000000 ____D C:\Users\JLFormation\AppData\Local\mbamtray
2019-09-04 16:41 - 2019-09-04 16:41 - 007986864 _____ ( ) C:\Users\JLFormation\Desktop\AVG_Remover.exe
2019-09-04 16:40 - 2019-09-04 16:45 - 011855144 _____ (AVG Technologies CZ, s.r.o.) C:\Users\JLFormation\Desktop\AVG_Clear.exe
2019-09-04 13:20 - 2019-09-04 13:20 - 000000000 ____D C:\WINDOWS\PCHEALTH
2019-09-04 12:10 - 2019-09-04 17:23 - 000000000 ____D C:\Users\JLFormation\Desktop\FRST-OlderVersion
2019-09-04 12:10 - 2019-09-04 12:15 - 000010175 _____ C:\Users\JLFormation\Desktop\Fixlog.txt
2019-09-04 12:10 - 2019-09-04 12:10 - 000003587 _____ C:\Users\JLFormation\Desktop\eccvsgtcuzk.txt
2019-09-03 16:19 - 2019-09-03 16:25 - 000040134 _____ C:\Users\JLFormation\Desktop\Addition.txt
2019-09-03 16:07 - 2019-09-04 17:23 - 000000000 ____D C:\FRST
2019-09-03 16:07 - 2019-09-03 16:25 - 000031624 _____ C:\Users\JLFormation\Desktop\FRST.txt
2019-08-28 15:25 - 2019-08-28 15:25 - 000003390 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3150895626-3185015728-116041242-1001
2019-08-28 15:19 - 2019-08-28 15:19 - 000180705 _____ C:\Users\JLFormation\Desktop\Actualisation Août 2019.pdf
2019-08-28 15:17 - 2019-08-28 15:17 - 000000000 ___HT C:\WINDOWS\wusa.lock
2019-08-20 22:32 - 2019-08-20 22:42 - 000000000 ____D C:\Users\JLFormation\AppData\Roaming\vlc
2019-08-20 22:30 - 2019-08-20 22:30 - 000001146 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-08-20 22:26 - 2019-08-20 22:26 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DTS Audio Control Panel.lnk
2019-08-20 22:25 - 2019-08-20 22:25 - 000000000 ____D C:\Program Files\Realtek
2019-08-20 21:57 - 2019-09-01 07:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-08-20 21:52 - 2019-08-20 21:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriversCloud.com
2019-08-20 21:23 - 2019-08-20 21:27 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-20 20:46 - 2019-08-20 22:32 - 000000000 ____D C:\Program Files\CUAssistant
2019-08-20 20:29 - 2019-02-13 08:33 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-08-20 20:29 - 2018-06-29 10:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-20 20:29 - 2018-06-29 09:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-20 20:29 - 2018-06-13 23:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-08-20 20:29 - 2018-06-13 23:02 - 002786304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-20 20:29 - 2018-06-08 08:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-20 20:29 - 2018-06-08 08:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-08-20 20:29 - 2018-06-08 07:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-08-20 20:29 - 2018-05-11 23:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-20 20:29 - 2018-05-03 08:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-20 20:29 - 2018-03-30 05:44 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-08-20 20:29 - 2018-03-30 05:43 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2019-08-20 20:29 - 2018-03-30 05:36 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-20 20:29 - 2018-03-30 05:35 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-20 20:29 - 2018-03-30 05:35 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-20 20:29 - 2018-03-30 05:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2019-08-20 20:29 - 2018-03-30 05:33 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-08-20 20:29 - 2018-03-30 05:25 - 001055744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-20 20:29 - 2018-03-13 07:25 - 001346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-08-20 20:29 - 2018-03-01 09:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-20 20:29 - 2018-03-01 08:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-20 20:29 - 2018-03-01 07:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-20 20:29 - 2018-03-01 07:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-20 20:29 - 2018-03-01 07:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-20 20:29 - 2018-02-10 06:45 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-20 20:29 - 2018-02-10 06:42 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-20 20:27 - 2018-05-04 11:37 - 000278448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Notifier.exe
2019-08-20 19:02 - 2019-08-20 19:02 - 003120512 _____ (Nicolas Coolman) C:\Users\JLFormation\ZHPCleaner.exe
2019-08-13 13:49 - 2019-08-13 13:49 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-08-13 13:49 - 2019-08-13 13:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-08-13 13:49 - 2019-08-13 13:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-08-13 13:49 - 2019-08-13 13:49 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys

==================== One month (modified) ========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2019-09-04 17:18 - 2017-03-14 20:22 - 000000000 ____D C:\Users\JLFormation\AppData\LocalLow\Mozilla
2019-09-04 17:16 - 2017-02-14 00:42 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-09-04 17:16 - 2016-07-08 12:38 - 000000000 __SHD C:\Users\JLFormation\IntelGraphicsProfiles
2019-09-04 17:14 - 2018-09-07 21:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-04 17:14 - 2015-12-10 13:17 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-09-04 17:13 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2019-09-04 17:13 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-09-04 17:04 - 2016-07-10 14:33 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-09-04 17:02 - 2017-09-29 10:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-09-04 16:58 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-04 16:57 - 2016-07-10 14:49 - 000000000 ____D C:\Program Files (x86)\AVG
2019-09-04 16:26 - 2017-01-15 21:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-09-04 13:14 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-04 12:47 - 2018-09-07 20:36 - 000000000 ____D C:\Users\JLFormation\AppData\Local\Packages
2019-09-04 12:06 - 2018-09-07 21:09 - 000004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{75C1CA11-6850-4154-AFEB-7A9BF25EEC21}
2019-09-03 16:51 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2019-09-03 16:39 - 2018-08-01 17:44 - 000001341 _____ C:\Users\JLFormation\Desktop\adwcleaner_7.2.2..lnk
2019-09-03 16:23 - 2018-09-07 20:27 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-02 11:58 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\appcompat
2019-09-01 09:26 - 2018-09-07 20:33 - 000000000 ____D C:\Users\JLFormation
2019-09-01 09:22 - 2018-08-02 07:19 - 000000000 ____D C:\Program Files\rempl
2019-09-01 07:31 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-09-01 07:26 - 2015-12-10 12:29 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-09-01 07:23 - 2016-07-08 13:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-09-01 07:23 - 2016-07-08 13:18 - 000001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-09-01 07:23 - 2016-07-08 13:18 - 000001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-08-28 16:32 - 2018-09-07 21:09 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-28 15:47 - 2018-09-07 21:09 - 000004288 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-08-28 15:47 - 2018-09-07 21:09 - 000004056 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-08-28 15:38 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-28 15:25 - 2016-07-08 12:47 - 000002426 _____ C:\Users\JLFormation\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-28 15:25 - 2016-07-08 12:47 - 000000000 ___RD C:\Users\JLFormation\OneDrive
2019-08-20 22:28 - 2016-07-08 13:45 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2019-08-20 22:27 - 2017-03-14 13:05 - 000000000 ____D C:\Users\JLFormation\Downloads\Logiciels
2019-08-20 22:26 - 2017-02-14 00:43 - 000184860 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-08-20 22:25 - 2017-02-14 00:43 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-08-20 22:22 - 2016-07-08 13:27 - 000001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-08-20 22:13 - 2018-09-07 20:26 - 000417256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-20 22:07 - 2017-02-14 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
2019-08-20 22:03 - 2016-08-18 15:20 - 000000000 ____D C:\Users\JLFormation\Downloads\Pilotes
2019-08-20 21:52 - 2016-08-18 15:15 - 000001051 _____ C:\Users\Public\Desktop\DriversCloud.com - Démarrer la détection.lnk
2019-08-20 21:52 - 2016-08-18 15:15 - 000000000 ____D C:\ProgramData\DriversCloud.com
2019-08-20 21:52 - 2016-08-18 15:15 - 000000000 ____D C:\Program Files\DriversCloud.com
2019-08-20 21:32 - 2018-08-02 08:15 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-20 20:58 - 2016-07-08 19:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-20 20:46 - 2016-07-08 19:03 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-08-20 20:29 - 2018-08-02 17:00 - 000000000 ____D C:\Program Files\CCleaner
2019-08-20 19:42 - 2018-09-07 20:31 - 002134402 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-20 19:42 - 2017-09-30 16:40 - 000942910 _____ C:\WINDOWS\system32\perfh00C.dat
2019-08-20 19:42 - 2017-09-30 16:40 - 000201412 _____ C:\WINDOWS\system32\perfc00C.dat
2019-08-20 19:40 - 2018-09-07 21:20 - 000000000 ____D C:\Windows.old
2019-08-20 19:25 - 2018-08-01 17:06 - 000001339 _____ C:\Users\JLFormation\Desktop\Paramètres.lnk
2019-08-20 19:25 - 2016-07-10 13:25 - 000000000 ____D C:\Users\JLFormation\AppData\Roaming\ZHP
2019-08-20 19:19 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-20 19:03 - 2018-08-01 17:44 - 000000747 _____ C:\Users\JLFormation\Desktop\ZHPCleaner.lnk

==================== Files in the root of some directories ================

2019-08-20 19:02 - 2019-08-20 19:02 - 003120512 _____ (Nicolas Coolman) C:\Users\JLFormation\ZHPCleaner.exe

==================== FLock ================

2018-09-07 16:09 C:\WINDOWS\iis_gather.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================