Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21.11.2018
Exécuté par rih73 (administrateur) sur DESKTOP-C3LKSD9 (23-11-2018 10:51:01)
Exécuté depuis C:\Users\rih73\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads
Profils chargés: rih73 & riri (Profils disponibles: rih73 & riri)
Platform: Windows 10 Home Version 1803 17134.285 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Spotify Ltd) C:\Users\rih73\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIREE.EXE
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Michel Krämer) C:\Program Files (x86)\Spamihilator\spamihilator.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Cloud Solutions) C:\Program Files (x86)\Cloud Solutions\Wimi Drive\WimiDisk.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Spotify Ltd) C:\Users\rih73\AppData\Roaming\Spotify\Spotify.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Spotify Ltd) C:\Users\rih73\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\rih73\AppData\Roaming\Spotify\Spotify.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSPanel.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Farbar) C:\Users\rih73\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\TempState\Downloads\FRST64 (3).exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-11-21] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\ASUSWSLoader.exe [63272 2015-12-24] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\...\Run: [Spotify] => C:\Users\rih73\AppData\Roaming\Spotify\Spotify.exe [25323240 2018-11-16] (Spotify Ltd)
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [68408 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-01-10] (Apple Inc.)
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIREE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [570368 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2729967702-1330283227-560769821-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2016-05-05]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
Startup: C:\Users\rih73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk [2018-03-27]
ShortcutTarget: Spamihilator.lnk -> C:\Program Files (x86)\Spamihilator\spamihilator.exe (Michel Krämer)
Startup: C:\Users\rih73\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wimi Drive.lnk [2018-11-22]
ShortcutTarget: Wimi Drive.lnk -> C:\Program Files (x86)\Cloud Solutions\Wimi Drive\WimiDisk.exe (Cloud Solutions)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{05298b4e-42b8-48c4-8c9f-ec5ce5de2179}: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{14b02b79-ea20-4db5-8df0-0a9befe49090}: [DhcpNameServer] 40.52.1.13

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_07_ssg08¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0CyD0Czz0E0D0C0EtC0E0FyC0F0D0DtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0D0DtAtCzy0AzytGyB0C0E0BtGzzyD0FzztGtAyEtB0CtGyDtD0AzytB0F0CtD0FzyyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztDtA0DtDzzzy0BtG0BtA0E0DtGyEtA0BtBtG0AyCtB0FtGyCtDyCyEyD0DtC0E0EtDyDtB2QtN0A0LzuyE%26cr%3D238687618%26a%3Dwbf_popjar_17_07_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.accueil-nav.com/
HKU\S-1-5-21-2729967702-1330283227-560769821-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2729967702-1330283227-560769821-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-2729967702-1330283227-560769821-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_07_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0CyD0Czz0E0D0C0EtC0E0FyC0F0D0DtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0D0DtAtCzy0AzytGyB0C0E0BtGzzyD0FzztGtAyEtB0CtGyDtD0AzytB0F0CtD0FzyyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztDtA0DtDzzzy0BtG0BtA0E0DtGyEtA0BtBtG0AyCtB0FtGyCtDyCyEyD0DtC0E0EtDyDtB2QtN0A0LzuyE%26cr%3D238687618%26a%3Dwbf_popjar_17_07_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_07_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0CyD0Czz0E0D0C0EtC0E0FyC0F0D0DtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0D0DtAtCzy0AzytGyB0C0E0BtGzzyD0FzztGtAyEtB0CtGyDtD0AzytB0F0CtD0FzyyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztDtA0DtDzzzy0BtG0BtA0E0DtGyEtA0BtBtG0AyCtB0FtGyCtDyCyEyD0DtC0E0EtDyDtB2QtN0A0LzuyE%26cr%3D238687618%26a%3Dwbf_popjar_17_07_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_07_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0CyD0Czz0E0D0C0EtC0E0FyC0F0D0DtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0D0DtAtCzy0AzytGyB0C0E0BtGzzyD0FzztGtAyEtB0CtGyDtD0AzytB0F0CtD0FzyyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztDtA0DtDzzzy0BtG0BtA0E0DtGyEtA0BtBtG0AyCtB0FtGyCtDyCyEyD0DtC0E0EtDyDtB2QtN0A0LzuyE%26cr%3D238687618%26a%3Dwbf_popjar_17_07_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_popjar_17_07_ssg08¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0CyD0Czz0E0D0C0EtC0E0FyC0F0D0DtN0D0Tzu0StCzzyByEtN1L2XzutAtFtByBtFtCtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StC0D0DtAtCzy0AzytGyB0C0E0BtGzzyD0FzztGtAyEtB0CtGyDtD0AzytB0F0CtD0FzyyE0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzztDtA0DtDzzzy0BtG0BtA0E0DtGyEtA0BtBtG0AyCtB0FtGyCtDyCyEyD0DtC0E0EtDyDtB2QtN0A0LzuyE%26cr%3D238687618%26a%3Dwbf_popjar_17_07_ssg08%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2729967702-1330283227-560769821-1001 -> DefaultScope {651E80A6-E89C-4FE5-BDA3-79A7377362CE} URL = hxxp://www.accueil-nav.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2729967702-1330283227-560769821-1001 -> {651E80A6-E89C-4FE5-BDA3-79A7377362CE} URL = hxxp://www.accueil-nav.com/search?q={searchTerms}
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-11-06] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-11-06] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-2729967702-1330283227-560769821-1001 -> hxxp://www.bing/

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-07-10] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] ()

Chrome:
=======
CHR HomePage: Default -> hxxp://www.accueil-nav.com/
CHR StartupUrls: Default -> "hxxp://www.accueil-nav.com/"
CHR DefaultSearchURL: Default -> hxxp://www.accueil-nav.com/search?q={searchTerms}
CHR DefaultSearchKeyword: Default -> recherche
CHR Profile: C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default [2018-11-22]
CHR Extension: (Slides) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-02]
CHR Extension: (Docs) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-02]
CHR Extension: (Google Drive) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-15]
CHR Extension: (YouTube) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-15]
CHR Extension: (Avast SafePrice | Comparison, deals, coupons) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-09-17]
CHR Extension: (Sheets) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-17]
CHR Extension: (Avast Online Security) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-05-02]
CHR Extension: (Search Manager) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2018-09-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-02]
CHR Extension: (Gmail) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-15]
CHR Extension: (Chrome Media Router) - C:\Users\rih73\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-17]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2729967702-1330283227-560769821-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.2.6.547\AsusWSWinService.exe [75264 2015-12-24] (ASUS Cloud Corporation) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-11-21] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [323152 2015-07-29] (Windows (R) Win 7 DDK provider) [Fichier non signé]
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [324000 2018-11-21] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-11] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-11-21] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9667872 2018-10-24] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2016-01-13] (Seiko Epson Corporation)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1385640 2015-08-17] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155376 2015-10-03] (NVIDIA Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Fichier non signé]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Fichier non signé]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdatesvr.exe [133480 2016-03-24] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-10-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568816 2015-10-03] (NVIDIA Corporation)
R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc.)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-06-24] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-17] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S2 Wimi Disk Updater; C:\Program Files (x86)\Cloud Solutions\Wimi Drive\Updater\WimiDiskUpdater.exe [1062912 2018-02-20] (Cloud Solutions) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [106904 2018-08-03] (Microsoft Corporation)
S2 0193201535293203mcinstcleanup; C:\Users\rih73\AppData\Local\Temp\019320~1.EXE -cleanup -nolog [X] <==== ATTENTION

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [141304 2015-12-18] (ASUS Corporation)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201240 2018-11-21] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230344 2018-11-21] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201768 2018-11-21] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346592 2018-11-21] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59496 2018-11-21] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-25] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239608 2018-11-21] (AVAST Software)
R3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46384 2018-11-21] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2018-11-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163208 2018-11-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111800 2018-11-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87432 2018-11-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028680 2018-11-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469272 2018-11-21] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208472 2018-11-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380464 2018-11-21] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55816 2015-08-17] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [53752 2015-08-17] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [261624 2015-08-17] (Intel Corporation)
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-07] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-10-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50472 2015-08-09] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-11-23 10:48 - 2018-11-23 10:51 - 000000000 ____D C:\FRST
2018-11-21 17:21 - 2018-11-21 17:21 - 001697867 _____ C:\Users\rih73\Documents\JAQUETTE BATO.odt
2018-11-21 13:15 - 2018-11-21 13:15 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-11-15 13:35 - 2018-11-15 13:57 - 1926889637 _____ C:\Users\rih73\Desktop\wetransfer-f6e7c9.zip
2018-11-15 12:47 - 2018-11-15 13:16 - 2001433475 _____ C:\Users\rih73\Desktop\wetransfer-e5ce55.zip
2018-11-15 12:41 - 2018-11-15 12:46 - 471347154 _____ C:\Users\rih73\Desktop\video batojazz.mp4
2018-11-15 12:40 - 2018-11-15 12:40 - 008725704 _____ C:\Users\rih73\Downloads\20181111_133413.mp4.0ql0y9q.partial
2018-11-11 10:44 - 2018-11-11 10:44 - 000011847 _____ C:\Users\rih73\Desktop\Sans nom 1.odt
2018-11-11 10:37 - 2018-11-11 10:37 - 000001587 _____ C:\Users\rih73\Desktop\relevé de gestion.txt
2018-11-11 10:31 - 2018-11-11 10:31 - 000230280 _____ C:\Users\rih73\Desktop\relevé de gestion.pdf
2018-11-11 10:30 - 2018-11-11 10:30 - 000230280 _____ C:\Users\rih73\Downloads\201810250260000000001010P.pdf
2018-11-11 10:30 - 2018-11-11 10:30 - 000230280 _____ C:\Users\rih73\Downloads\201810250260000000001010P (1).pdf
2018-10-27 09:50 - 2018-10-27 09:50 - 000089291 _____ C:\Users\rih73\Desktop\facture templier ticket.pdf
2018-10-25 11:04 - 2018-10-25 11:04 - 000241558 _____ C:\Users\rih73\Desktop\img20181025_12044588.pdf
2018-10-25 11:01 - 2018-10-25 11:01 - 000263252 _____ C:\Users\rih73\Desktop\img20181025_12013599.pdf
2018-10-24 16:49 - 2018-10-24 17:36 - 000000000 ____D C:\Users\rih73\Desktop\Nouveau dossier

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-11-23 10:48 - 2018-06-13 16:07 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-11-23 10:41 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-23 10:15 - 2017-10-06 12:55 - 000000000 ____D C:\Users\rih73\AppData\Roaming\Spotify
2018-11-23 09:36 - 2018-06-13 14:00 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-11-23 08:55 - 2018-06-25 08:26 - 000000000 ____D C:\Users\rih73\AppData\Local\CrashDumps
2018-11-23 08:18 - 2018-04-11 18:41 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-23 08:18 - 2018-04-11 18:41 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-11-22 20:31 - 2017-10-06 12:55 - 000000000 ____D C:\Users\rih73\AppData\Local\Spotify
2018-11-22 20:31 - 2017-01-21 19:40 - 000000162 _____ C:\Users\rih73\Desktop\leshautesterres.url
2018-11-22 20:30 - 2018-04-12 20:03 - 000000000 ___RD C:\Users\rih73\iCloudDrive
2018-11-22 20:30 - 2017-01-21 19:39 - 000000000 __RSD C:\Users\rih73\Wimi Drive leshautesterres
2018-11-22 20:29 - 2018-03-27 09:05 - 000000000 ____D C:\Users\rih73\AppData\Roaming\Spamihilator
2018-11-22 20:27 - 2016-06-24 19:30 - 000000000 __SHD C:\Users\rih73\IntelGraphicsProfiles
2018-11-22 20:26 - 2018-06-13 16:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-22 20:25 - 2018-06-13 15:41 - 000000000 ____D C:\Users\rih73
2018-11-22 20:25 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-11-22 18:34 - 2018-06-13 16:07 - 000004178 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{53306D5A-098E-4EAB-A6C6-196978A8F9EC}
2018-11-21 15:59 - 2018-08-26 09:12 - 000000000 ____D C:\Users\rih73\Desktop\batojazz 2018
2018-11-21 13:26 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-21 13:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-11-21 13:17 - 2018-01-09 05:38 - 000239608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-11-21 13:16 - 2018-06-13 16:07 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-11-21 13:15 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-11-21 13:15 - 2017-11-19 21:32 - 000201240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-11-21 13:15 - 2016-06-25 11:57 - 000469272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-11-21 13:15 - 2016-06-25 11:57 - 000380464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-11-21 13:15 - 2016-06-25 11:57 - 000208472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-11-21 13:15 - 2016-06-25 11:57 - 000163208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-11-21 13:15 - 2016-06-25 11:57 - 000111800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-11-21 13:15 - 2016-06-25 11:57 - 000087432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-11-21 13:15 - 2016-06-25 11:57 - 000046384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-11-21 13:13 - 2018-10-13 09:30 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-11-21 13:13 - 2016-06-25 11:57 - 001028680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-11-21 13:12 - 2017-03-14 13:15 - 000346592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-11-21 13:12 - 2017-03-14 13:15 - 000230344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-11-21 13:12 - 2017-03-14 13:15 - 000201768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-11-21 13:12 - 2017-03-14 13:15 - 000059496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-11-21 11:26 - 2016-05-05 21:47 - 000000000 ____D C:\eSupport
2018-11-21 11:23 - 2016-06-25 11:57 - 000001981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Antivirus Gratuit.lnk
2018-11-21 11:23 - 2016-06-25 11:57 - 000001969 _____ C:\Users\Public\Desktop\Avast Antivirus Gratuit.lnk
2018-11-16 20:58 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-16 19:36 - 2016-08-14 16:43 - 000000000 ____D C:\Users\rih73\AppData\Roaming\vlc
2018-11-16 15:55 - 2018-10-21 17:37 - 000000000 ____D C:\Users\rih73\AppData\Roaming\dvdcss
2018-11-14 19:27 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-14 18:34 - 2018-06-13 15:41 - 000000000 ____D C:\Users\riri
2018-11-14 07:53 - 2016-09-15 14:11 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-14 07:53 - 2016-09-15 14:11 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-11 11:00 - 2016-06-25 09:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-11 10:52 - 2016-06-25 09:50 - 136745976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-07 11:13 - 2018-07-11 15:34 - 000000000 ____D C:\ProgramData\Packages
2018-11-07 11:10 - 2018-01-26 11:49 - 000000000 ____D C:\Users\rih73\AppData\Local\Packages
2018-11-07 11:06 - 2016-06-24 19:31 - 000000000 ____D C:\Users\rih73\AppData\Local\Publishers
2018-11-06 13:07 - 2018-06-13 15:55 - 001766590 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-06 13:07 - 2018-04-12 17:18 - 000792464 _____ C:\WINDOWS\system32\perfh00C.dat
2018-11-06 13:07 - 2018-04-12 17:18 - 000149944 _____ C:\WINDOWS\system32\perfc00C.dat
2018-11-06 13:07 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-11-06 10:21 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-11-06 10:19 - 2016-05-05 14:48 - 000000000 ____D C:\Program Files\Microsoft Office
2018-10-29 19:05 - 2016-06-25 11:01 - 000001488 _____ C:\Users\rih73\Desktop\Netflix.lnk
2018-10-25 10:53 - 2018-07-25 08:22 - 000033441 _____ C:\Users\rih73\Desktop\facture sfr.pdf

==================== Fichiers à la racine de certains dossiers =======

2016-06-24 19:25 - 2018-06-13 12:11 - 001388432 _____ () C:\Users\Public\VOIP.dat
2016-06-24 19:30 - 2018-09-17 16:14 - 000000165 _____ () C:\Users\rih73\AppData\Roaming\sp_data.sys
2017-11-28 15:08 - 2017-11-29 10:13 - 000005120 _____ () C:\Users\rih73\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-06-13 14:00

==================== Fin de FRST.txt ============================