Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2020
Exécuté par stephane (administrateur) sur STEPHANE-PC (Acer Aspire 5738) (30-06-2020 08:04:41)
Exécuté depuis C:\Users\stephane\Downloads
Profils chargés: stephane
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] [Fichier en cours d'utilisation] C:\Windows\PLFSetI.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated -> Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Acer) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApMsgFwd.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\ApntEx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Apoint.exe
(Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Program Files\Apoint2K\Hidfind.exe
(Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Sony Mobile Communications AB -> Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
(Sony) [Fichier non signé] [Fichier en cours d'utilisation] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8060960 2009-08-06] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint2K\Apoint.exe [295936 2009-05-22] (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] () [Fichier non signé] [Fichier en cours d'utilisation]
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated -> Acer Incorporated)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc. -> Dritek System Inc.)
HKU\S-1-5-21-4105540990-92902301-2975626565-1000\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2135904 2018-08-28] (Sony Mobile Communications AB -> Sony)
HKU\S-1-5-21-4105540990-92902301-2975626565-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-4105540990-92902301-2975626565-1000\...\MountPoints2: {14c05240-d04c-11e8-b778-001f16cab3c3} - E:\startme.exe
HKU\S-1-5-21-4105540990-92902301-2975626565-1000\...\MountPoints2: {84e745b5-04ef-11e8-8932-001f16cab3c3} - E:\startme.exe
HKLM\...\Print\Monitors\HP C211 Status Monitor: C:\Windows\system32\hpinkstsC211LM.dll [333496 2013-02-10] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Deskjet 2540 series): C:\Windows\system32\HPDiscoPMC211.dll [755744 2013-02-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.108\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0838A4EA-50B8-4353-8984-04C4FDEF139D} - System32\Tasks\{CD6842EA-928B-4ED6-A935-75C7C8453A9E} => C:\Program Files (x86)\VideoLAN\VLC\vlc.exe [962760 2019-08-14] (VideoLAN -> VideoLAN)
Task: {0970715B-CFE1-4522-AEE6-587FD22AEFCC} - System32\Tasks\{092334BE-116E-49B0-B09C-18754BA6C927} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{F193FC0E-9E18-40FC-A974-509A1BDD240A}\setup.exe" -c -runfromtemp -l0x040c -removeonly
Task: {0D5F84F0-AE52-4C3F-ABDD-809E0D581B68} - System32\Tasks\{6B4EAC07-395B-433B-94CF-2682CF59A2F5} => C:\Windows\system32\pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Task: {0E619638-109D-49AD-B9FA-D85C1B5A7D3E} - System32\Tasks\{68E0129B-7C7C-4C99-9ABA-7478290E65B1} => C:\Windows\system32\pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe
Task: {34F1804C-06C0-4F39-80B7-DD12EA95A8A0} - System32\Tasks\{76E871E4-B0AE-4301-ACC2-1E7FB7E24DC3} => C:\Windows\system32\pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {4DFA418D-A81C-4DB6-9EF0-12F0094D0C7E} - System32\Tasks\{1EFE52F5-CC90-4451-BF76-340C2FEF0835} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Alwil Software\Avast5\aswRunDll.exe" -c "C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll" RunSetup
Task: {55140491-6AB0-4B13-8FB3-5E6441CF5E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe)
Task: {5A50F6CD-9EAC-44EF-A9D6-3691F1524FA7} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_387_Plugin.exe [1459256 2020-06-10] (Adobe Inc. -> Adobe)
Task: {67A527CA-D1D9-43A4-9DAB-23A8FA47BA26} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [675840 2009-07-09] (Acer) [Fichier non signé] [Fichier en cours d'utilisation]
Task: {7251A587-E51A-46B2-9445-0895D0796309} - System32\Tasks\{7F73ED03-EBA0-4B97-A059-0E461CF88F15} => C:\Users\stephane\Desktop\outils\setup_av_free_fre.exe
Task: {7E7317BA-6AC4-4110-9408-32828EDF191B} - System32\Tasks\{09419F94-8F56-47B5-9B47-E209E8C09FF0} => C:\Windows\system32\pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
Task: {9298C310-2E8F-4AA2-B34D-66B6007EE98F} - System32\Tasks\{1C133801-8AA1-06DE-982C-1E5D892F3820}\gupalefo => C:\Users\stephane\AppData\Roaming\1c1338018aa106de982c1e5d892f3820\gupalefo.exe [0 2013-04-15] ()
Task: {96BDD51A-F96B-4C64-B6A7-695C321E7E95} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {973A7384-6E42-48DA-A1CC-496EA3390C2C} - System32\Tasks\{10EF1ADD-3469-4C85-AB05-8C41FB1DEAE2} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {A66A0633-81D2-49B2-95E7-0C5D764E0BD8} - System32\Tasks\{B6BD1303-BB3A-48B2-A43C-E91218CA36B9} => C:\Windows\system32\pcalua.exe -a "C:\Users\stephane\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OA8P3ZT3\Installation_Messenger2011[1].exe" -d C:\Users\stephane\Desktop
Task: {AC016042-E577-435C-9C86-79D6299409AB} - System32\Tasks\{F8E757EF-1E58-40FD-9C5F-5D758138CF8E} => C:\Program Files (x86)\YesMessenger\YesMessenger.exe
Task: {BA3B970C-44FB-4774-8D0F-C2DBBEDDF5E7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {BB158101-D3CF-4A99-B8E6-5CD27301F1C5} - System32\Tasks\Programme de mise à jour en ligne de Egis technology => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
Task: {BEE74384-E166-44C4-91D5-8EAE5C56A80E} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {BF69E26B-4DCD-4C44-A186-62CE80C5C10A} - System32\Tasks\{4E7ABFD1-D5E9-48A6-AC75-F93F8EF39225} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5731C0A8-B266-451A-8D3F-8066AA21836F}\setup.exe" -c -runfromtemp -l0x040c -removeonly
Task: {DAB8E03F-F0C9-460B-BEA2-F8C0F385340A} - System32\Tasks\Programme de mise à jour en ligne de Adobe => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {E8630F9A-DE8B-4C6B-BCBC-5CD372CCBB24} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2017-07-24] (Apple Inc. -> Apple Inc.)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{6CDD17F2-9C9F-42A4-8AB5-D5D1109C7828}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B71149D2-C3C7-4816-AE8A-E924E0EC8FA5}: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{F5F04939-B628-493D-A81F-95B645F380F0}: [DhcpNameServer] 172.20.10.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_rfhuixn_20_10_ssg03¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutD0CyCtDyByCyD0F0EtByC0BtDyCzyzztN0D0Tzu0StBzyzzyEtN1L2XzuyEtFyCtCtFtDtFtCtBtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEzytC0CzzyCyCtGtA0FyB0BtG0F0D0FtDtGtCtBtDyEtGyDyE0B0AtCtAzy0EtCtA0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0B0FzzyBtAyDtDtG0Ezz0C0AtGyEzy0DzytG0BtB0D0FtGyCyE0Bzy0B0E0Fzyzz0FtB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzztAtBtAtCtAtCyC%26cr%3D771013889%26a%3Dwsg_rfhuixn_20_10_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-4105540990-92902301-2975626565-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_rfhuixn_20_10_ssg03¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutD0CyCtDyByCyD0F0EtByC0BtDyCzyzztN0D0Tzu0StBzyzzyEtN1L2XzuyEtFyCtCtFtDtFtCtBtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEzytC0CzzyCyCtGtA0FyB0BtG0F0D0FtDtGtCtBtDyEtGyDyE0B0AtCtAzy0EtCtA0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0B0FzzyBtAyDtDtG0Ezz0C0AtGyEzy0DzytG0BtB0D0FtGyCyE0Bzy0B0E0Fzyzz0FtB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzztAtBtAtCtAtCyC%26cr%3D771013889%26a%3Dwsg_rfhuixn_20_10_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium
HKU\S-1-5-21-4105540990-92902301-2975626565-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://fr.msn.com/?ocid=iehp
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-4105540990-92902301-2975626565-1000 -> DefaultScope {60EC783B-4C87-4E2D-B4F8-1CD7986C3144} URL = hxxp://www.qo-pro.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105540990-92902301-2975626565-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_rfhuixn_20_10_ssg03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutD0CyCtDyByCyD0F0EtByC0BtDyCzyzztN0D0Tzu0StBzyzzyEtN1L2XzuyEtFyCtCtFtDtFtCtBtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEzytC0CzzyCyCtGtA0FyB0BtG0F0D0FtDtGtCtBtDyEtGyDyE0B0AtCtAzy0EtCtA0AyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0B0FzzyBtAyDtDtG0Ezz0C0AtGyEzy0DzytG0BtB0D0FtGyCyE0Bzy0B0E0Fzyzz0FtB0E2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzztAtBtAtCtAtCyC%26cr%3D771013889%26a%3Dwsg_rfhuixn_20_10_ssg03%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4105540990-92902301-2975626565-1000 -> {60EC783B-4C87-4E2D-B4F8-1CD7986C3144} URL = hxxp://www.qo-pro.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105540990-92902301-2975626565-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4105540990-92902301-2975626565-1000 -> {91866B0D-DD84-49C1-A7C7-E2872A063EC4} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_frFR393
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4105540990-92902301-2975626565-1000 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier
Toolbar: HKU\S-1-5-21-4105540990-92902301-2975626565-1000 -> Pas de nom - {54B2F79C-27A2-45FB-9150-A31A28FDECE9} - Pas de fichier
Toolbar: HKU\S-1-5-21-4105540990-92902301-2975626565-1000 -> Pas de nom - {E483A649-EFC1-4CEB-BFF6-8BE71582056D} - Pas de fichier
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF DefaultProfile: bzcell0x.default
FF ProfilePath: C:\Users\stephane\AppData\Roaming\Mozilla\Firefox\Profiles\bzcell0x.default [2020-06-30]
FF Homepage: Mozilla\Firefox\Profiles\bzcell0x.default -> hxxps://www.google.fr
FF Notifications: Mozilla\Firefox\Profiles\bzcell0x.default -> hxxps://emailing.jsmediaperf.fr; hxxps://maaf-by.accengage.net; hxxps://fr.zaful.com; hxxps://www.santemagazine.fr
FF Extension: (Disconnect) - C:\Users\stephane\AppData\Roaming\Mozilla\Firefox\Profiles\bzcell0x.default\Extensions\2.0@disconnect.me.xpi [2020-01-17]
FF Extension: (AdGuard AdBlocker) - C:\Users\stephane\AppData\Roaming\Mozilla\Firefox\Profiles\bzcell0x.default\Extensions\adguardadblocker@adguard.com.xpi [2020-06-03]
FF Extension: (Search Manager) - C:\Users\stephane\AppData\Roaming\Mozilla\Firefox\Profiles\bzcell0x.default\Extensions\{24436206-088d-4a1a-8d0e-cf93ca7a2d23}.xpi [2020-03-03] [UpdateUrl:hxxps://qupotomu.com/update?x=restype=ffjson]
FF Extension: (Vee Enhanced) - C:\Users\stephane\AppData\Roaming\Mozilla\Firefox\Profiles\bzcell0x.default\Extensions\{c4d07931-ac2b-40ff-b139-fe6fba79142c}.xpi [2020-03-03]
FF HKLM-x32\...\Firefox\Extensions: [widestream6@spointer.com] - C:\Program Files (x86)\Widestream6\spointer\extensions\widestream6@spointer.com => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_387.dll [2020-06-10] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [pioliciekajfgilkenamlbghbpgpipdm] - C:\Program Files (x86)\Widestream6\spointer\extensions\chrome\widestream6_air_chrome.crx <non trouvé(e)>

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-06-10] (Adobe Inc. -> Adobe)
R2 AgereModemAudio; C:\Program Files\LSI SoftModem\agr64svc.exe [16896 2009-03-28] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc. -> Apple Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2292096 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2198016 2018-08-28] (Sony) [Fichier non signé] [Fichier en cours d'utilisation]
S2 Greg_Service; C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [X]
S2 Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 aftap0901; C:\Windows\System32\DRIVERS\aftap0901.sys [48624 2018-01-23] (AnchorFree Inc -> The OpenVPN Project)
R3 AgereSoftModem; C:\Windows\System32\DRIVERS\agrsm64.sys [1208320 2009-04-07] (Microsoft Windows Hardware Compatibility Publisher -> LSI Corporation)
R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1484800 2009-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [32384 2018-03-14] (Sony Mobile Communications AB -> Sony Mobile Communications)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x64.sys [54272 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2008-11-04] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2008-11-04] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [152616 2008-11-04] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [132648 2008-11-04] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2008-11-04] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2008-11-04] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [145960 2008-11-04] (Sony Ericsson Mobile Communications AB -> MCCI Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [Fichier non signé] [Fichier en cours d'utilisation]
S3 cpuz132; \??\C:\Users\stephane\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X] <==== ATTENTION
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 SWDUMon; system32\DRIVERS\SWDUMon.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-06-30 08:04 - 2020-06-30 08:06 - 000026302 _____ C:\Users\stephane\Downloads\FRST.txt
2020-06-30 08:03 - 2020-06-30 08:05 - 000000000 ____D C:\FRST
2020-06-30 08:02 - 2020-06-30 08:02 - 000001505 _____ C:\Users\stephane\Desktop\FRST64.exe - Raccourci.lnk
2020-06-30 08:00 - 2020-06-30 08:00 - 002291712 _____ (Farbar) C:\Users\stephane\Downloads\FRST64.exe
2020-06-29 22:30 - 2020-06-29 22:30 - 015084224 _____ (Microsoft Corporation) C:\Users\stephane\Downloads\MSEInstall(4).exe
2020-06-29 22:26 - 2020-06-29 22:26 - 015084224 _____ (Microsoft Corporation) C:\Users\stephane\Downloads\MSEInstall(3).exe
2020-06-29 11:37 - 2020-06-29 11:37 - 000001187 _____ C:\Users\stephane\Desktop\mpam-fe.exe - Raccourci.lnk
2020-06-29 11:17 - 2020-06-29 11:18 - 107060664 _____ (Microsoft Corporation) C:\Users\stephane\Downloads\mpam-fe.exe
2020-06-19 10:50 - 2020-06-19 10:51 - 000000000 ____D C:\Users\stephane\AppData\Local\{A03775B8-0962-48AE-A2BC-44A564449D4C}
2020-06-18 20:37 - 2020-06-18 20:37 - 000000000 ____D C:\Users\stephane\AppData\Local\{DF295CA1-B9CA-40F4-9184-8AEDCCF66BBA}
2020-06-18 20:12 - 2020-06-18 20:12 - 000000000 ____D C:\Users\stephane\AppData\Local\{82C14D0A-DE27-43F4-A4EC-3BFE0AD0DD1C}
2020-06-18 20:11 - 2020-06-18 20:11 - 000000000 ____D C:\Users\stephane\AppData\Local\{10EE0FC8-DEE1-4B56-9B28-558C44359990}
2020-06-14 18:54 - 2020-06-14 18:54 - 000277248 _____ C:\Windows\Minidump\061420-20170-01.dmp
2020-06-10 12:44 - 2020-06-10 12:44 - 000012371 _____ C:\Users\stephane\Downloads\IndemnitesJournalieres29042020(1).pdf
2020-06-08 21:18 - 2020-06-08 21:33 - 000000000 ____D C:\Program Files\Mozilla Firefox

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-06-30 08:02 - 2017-12-29 11:24 - 000000000 ____D C:\Users\stephane\AppData\LocalLow\Mozilla
2020-06-30 08:01 - 2009-07-14 06:45 - 000017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-06-30 08:01 - 2009-07-14 06:45 - 000017600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-06-30 07:52 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-06-29 22:31 - 2018-03-29 15:14 - 000002152 _____ C:\Windows\epplauncher.mif
2020-06-29 21:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2020-06-29 21:05 - 2010-11-21 19:53 - 000000000 ____D C:\Users\stephane\AppData\Local\Windows Live
2020-06-29 19:01 - 2011-02-10 18:40 - 000000000 ____D C:\Users\stephane\AppData\Local\ElevatedDiagnostics
2020-06-28 08:12 - 2009-08-22 07:23 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-06-19 10:41 - 2020-03-01 22:46 - 000068608 ___SH C:\Users\stephane\Downloads\Thumbs.db
2020-06-19 10:37 - 2009-07-14 07:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2020-06-14 18:54 - 2011-02-05 20:52 - 481962964 _____ C:\Windows\MEMORY.DMP
2020-06-14 18:54 - 2011-02-05 20:52 - 000000000 ____D C:\Windows\Minidump
2020-06-10 14:55 - 2018-03-14 13:55 - 000004646 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-06-10 14:55 - 2012-04-18 19:02 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-06-10 14:55 - 2012-04-18 19:02 - 000004484 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-06-10 14:55 - 2012-03-04 16:35 - 000000000 ____D C:\Windows\system32\Macromed
2020-06-10 14:55 - 2012-02-16 23:45 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-09 08:33 - 2017-12-29 11:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2020-06-02 20:52 - 2019-05-08 17:32 - 000000000 ____D C:\Users\stephane\IMPOTSTEF

==================== Fichiers à la racine de certains dossiers ========

2015-01-27 21:25 - 2015-01-27 21:25 - 006000640 _____ () C:\Program Files (x86)\GUTF113.tmp
2009-08-22 10:43 - 2009-02-10 21:23 - 000192484 _____ () C:\Program Files (x86)\Common Files\Acer GameZone online.ico
2015-01-27 22:48 - 2015-12-01 14:04 - 000000208 _____ () C:\Users\stephane\AppData\Roaming\WB.CFG
2013-01-03 21:55 - 2017-12-29 19:04 - 000000086 _____ () C:\Users\stephane\AppData\Roaming\wklnhst.dat
2015-02-04 02:21 - 2015-02-04 02:21 - 000234679 _____ () C:\Users\stephane\AppData\Local\dsi1.dat
2015-02-04 02:21 - 2015-02-04 02:21 - 000161916 _____ () C:\Users\stephane\AppData\Local\dsi2.dat
2017-12-27 22:16 - 2017-12-27 22:19 - 000001828 _____ () C:\Users\stephane\AppData\Local\MyWinLockerInstaller.txt-20171227.log
2017-12-29 10:45 - 2017-12-29 10:48 - 000006287 _____ () C:\Users\stephane\AppData\Local\MyWinLockerInstaller.txt-20171229.log
2018-01-29 16:40 - 2018-10-15 13:30 - 050380640 _____ (Sony) C:\Users\stephane\AppData\Local\pcc.exe
2017-12-29 10:35 - 2020-01-17 10:23 - 000007621 _____ () C:\Users\stephane\AppData\Local\Resmon.ResmonCfg
2011-06-28 18:05 - 2011-06-28 18:05 - 000000000 _____ () C:\Users\stephane\AppData\Local\{6D081706-4874-47B9-BB7F-732C724F4970}
2011-06-28 18:04 - 2011-06-28 18:04 - 000000000 _____ () C:\Users\stephane\AppData\Local\{6F0461CD-56C2-4897-AC3E-C92E6987167C}
2011-05-30 18:54 - 2011-05-30 19:00 - 000000000 _____ () C:\Users\stephane\AppData\Local\{787C56D6-C01E-4771-93F0-03516F3AA5C2}
2011-06-04 18:24 - 2011-06-04 18:25 - 000000000 _____ () C:\Users\stephane\AppData\Local\{C3B3B0AB-9767-4412-B8D5-2CCEE4A55821}
2011-05-27 13:16 - 2011-05-27 13:22 - 000000000 _____ () C:\Users\stephane\AppData\Local\{F2B4A0E1-9EC1-45AF-85EE-72BC93CF2B37}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2020-06-26 10:05
==================== Fin de FRST.txt ========================