Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2020
Exécuté par Thomas (administrateur) sur THOMAS-PC (ASUSTek Computer Inc. G60JX) (08-04-2020 04:48:16)
Exécuté depuis C:\Users\Thomas\Downloads
Profils chargés: Thomas (Profils disponibles: Thomas & Mcx1-THOMAS-PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: IE)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

() [Fichier non signé] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
() [Fichier non signé] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() [Fichier non signé] C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUSTeK Computer Inc. -> ) C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc. -> ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK Computer Inc. -> ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
(ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUSTeK Computer Inc. -> ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) [Fichier non signé] C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
(ASUSTeK) [Fichier non signé] C:\Windows\SysWOW64\ACEngSvr.exe
(ATK) [Fichier non signé] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Bluestack Systems, Inc. -> BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CACAOWEB Ltd -> ) C:\Users\Thomas\AppData\Roaming\cacaoweb\cacaoweb.exe
(CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAB9SWK.EXE
(CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2LAK.EXE
(CANON INC. -> CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP2RPK.EXE
(Creative Technology Ltd) [Fichier non signé] C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe
(DivX, LLC -> ) C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(DivX, LLC -> DivX, LLC) C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7610 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7610 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) [Fichier non signé] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [EeeStorageBackup] => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe [1732608 2009-11-26] () [Fichier non signé]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1813288 2009-08-17] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [CNAP2 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP2LAK.EXE [406944 2007-09-06] (CANON INC. -> CANON INC.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6937216 2009-10-09] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUSTeK Computer Inc. -> ASUS)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB Audigy\Volume Panel\VolPanlu.exe [237693 2008-12-30] (Creative Technology Ltd) [Fichier non signé]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [Fichier non signé]
HKLM-x32\...\Run: [DivX Download Manager] => C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe [63360 2010-12-08] (DivX, LLC -> DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-03-21] (DivX, LLC -> )
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [896632 2015-07-22] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [238512 2020-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\...\Run: [Google Update] => C:\Users\Thomas\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2676584 2011-06-08] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\...\Run: [cacaoweb] => C:\Users\Thomas\AppData\Roaming\cacaoweb\cacaoweb.exe [568624 2017-04-06] (CACAOWEB Ltd -> )
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\...\Run: [HP Officejet 7610 series (NET)] => C:\Program Files\HP\HP Officejet 7610 series\Bin\ScanToPCActivationApp.exe [2631784 2012-10-21] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\...\MountPoints2: {87c636b8-6ecd-11e3-8684-0025d3ad1bae} - F:\Startme.exe
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\...\MountPoints2: {9e2dd82b-d37b-11e4-b095-0025d3ad1bae} - F:\Startme.exe
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\...\MountPoints2: {f3bb88ec-830c-11e5-8fc0-e0cb4e903795} - F:\AutoRun.exe
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\...\MountPoints2: {f6dfb4a1-1e42-11e1-8489-0025d3ad1bae} - G:\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A11B02 PID_0083
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\...\Authentication\Credential Providers: [{06FE45A8-6D92-44ba-A0F1-9A9BCDC8F5A7}] -> C:\Program Files (x86)\ASUS\SmartLogon\system\FaceCredentialProvider64.dll [2009-05-01] (ASUS) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Providers: [{2AD920F6-D745-4d8b-9526-619171C2CC4D}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Providers: [{455BD3EC-20A5-44c3-8D77-396909825B5E}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [Fichier non signé]
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2009-07-02] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\...\Authentication\Credential Provider Filters: [{120495C2-9E38-48a2-A08B-C302F7487628}] -> C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ShlExt\x64\AdsmCredentialProvider.dll [2009-04-02] (ASUSTek Computer Inc.) [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-02-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation -> Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk [2010-02-04]
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{60D6618B-153F-4353-8185-908E676E5888}\_DCE9A4DB2A5F2786140FA3.exe () [Fichier non signé]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide de Microsoft Office OneNote 2003.lnk [2010-09-06]
ShortcutTarget: Lancement rapide de Microsoft Office OneNote 2003.lnk -> C:\Program Files (x86)\Microsoft Office\OFFICE11\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0FB826EF-772B-4AA7-BE56-9F02CF37BC15} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768 2007-11-30] (ASUSTeK Computer Inc. -> )
Task: {1620AD44-6A4C-4184-B77E-129C1FEB5BFA} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [269952 2009-08-29] (ASUSTeK Computer Inc. -> ATK)
Task: {25BBC055-EBE9-4211-A3F4-F2CE6B9BF89A} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2760824 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {46A8A3BF-6F87-4890-BCB9-3AA7870BD1EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3095845657-3592813580-146310495-1000UA => C:\Users\Thomas\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {5C486E95-65A8-4EF5-9E1D-000452247BB5} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [4238184 2011-06-08] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {6F7C2F77-0F15-4379-8D8B-6FF2F593A7CA} - System32\Tasks\{C94B95E3-14A6-4866-8706-B8318730F477} => C:\Windows\system32\pcalua.exe -a "C:\Users\Thomas\Desktop\bureau\SAS V9 For Windows\Setup Disk\setup.exe" -d "C:\Users\Thomas\Desktop\bureau\SAS V9 For Windows\Setup Disk"
Task: {797DFB7F-A984-4DA0-9C72-D0BF5BB63AAE} - System32\Tasks\{4BC52090-19BF-4678-B5F2-16CB20C5DCB1} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" -c /uninstall PROHYBRIDR /dll OSETUP.DLL
Task: {83701E16-9C70-4748-8705-5AD8FE5AE291} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [684544 2009-07-23] (ATK) [Fichier non signé]
Task: {872CE4E0-51C4-4F46-AF11-3CF8ACD489F7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {893898BB-8FB2-4E5A-AD53-18404A377C82} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-THOMAS-PC => C:\Windows\ehome\McxTask.exe [37376 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
Task: {962BEC92-6B00-45A3-BC5F-A334E98DE7AF} - System32\Tasks\{C73C6DEA-5302-4966-B02D-2A64F5763379} => C:\Windows\system32\pcalua.exe -a "D:\autocad 2010 y parait\setup.exe" -d "D:\autocad 2010 y parait"
Task: {9EC4E9C9-D74C-4255-8BF0-7026D8992842} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720 2009-05-19] (ASUSTeK Computer Inc. -> ASUS)
Task: {A9E41AC3-8810-4E38-BDD1-112B0C8011C9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {AA3C6A09-A08D-4C4B-A9AB-76A370FEBCD7} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [53888 2009-09-24] (ASUSTeK Computer Inc. -> )
Task: {AEC1246D-FF75-4288-9E32-3E45C4D55B7A} - System32\Tasks\{313B3BEF-6E4E-4532-A518-8AEAD272C87A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Autodesk\Autodesk Design Review\Setup\Setup.exe" -c /P {55D9E026-DCB0-46FF-B60A-68B972228CF6} /M ADR
Task: {D09E2CC4-62DE-44F4-81CD-71EAE694AA04} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440 2009-11-12] () [Fichier non signé]
Task: {D57FB32C-84D7-49D1-897B-36C0E3A9C270} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3095845657-3592813580-146310495-1000Core => C:\Users\Thomas\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {DD1DFE07-304E-4730-9F89-1E44D79A4A44} - \Secured Yahoo Powered focac -> Pas de fichier <==== ATTENTION
Task: {E221F2C6-B8FE-46A4-A6C9-56622581F05E} - System32\Tasks\{B072B94D-9CC2-4222-B5A7-2EDFC771EEDB} => "c:\users\thomas\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.1.73.129.457/fr/abandoninstall?page=tsWLM
Task: {EBACE1EE-1842-46A7-8FCE-7FB0229E048D} - System32\Tasks\{683B1E23-33AC-19CC-CD07-49E4EB69545E} => C:\PROGRA~2\COMMON~1\683B1E~1\SYNCVE~1.EXE
Task: {F1304883-AEB8-46B5-9DDA-D9E30A07A14E} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [58496 2009-08-12] (ASUSTeK Computer Inc. -> TODO: <Company name>)
Task: {F45D4020-07C8-492B-B08A-AFA87C6DE1B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc -> Google Inc.)
Task: {F89318AB-9EB5-43B6-8C11-2865EBDE4E89} - System32\Tasks\{BBD33EDD-EBA2-4D63-B6CA-B1817DEBF4F3} => C:\Windows\system32\pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)

Task: C:\Windows\Tasks\Secured Yahoo Powered focac.job => Wscript.exe C:\ProgramData\{6A8EAFED-E0CC-252B-660A-BB69FC4830A7}\mosi.txt <==== ATTENTION
Task: C:\Windows\Tasks\{683B1E23-33AC-19CC-CD07-49E4EB69545E}.job => C:\PROGRA~2\COMMON~1\683B1E~1\SYNCVE~1.EXE

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Winsock: Catalog5 06 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 212.27.40.240 212.27.40.241
Tcpip\..\Interfaces\{A9630731-78DD-4A6F-9EE3-992FC4345185}: [DhcpNameServer] 212.27.40.241 212.27.40.240
Tcpip\..\Interfaces\{D4290AD8-2557-4335-9060-C37A30B799BD}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FA8CF44C-A6A6-46A7-8505-8586581F43D4}: [DhcpNameServer] 212.27.40.240 212.27.40.241

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-3095845657-3592813580-146310495-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3095845657-3592813580-146310495-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3095845657-3592813580-146310495-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3095845657-3592813580-146310495-1000 -> {79C5EDA2-2F1C-4A5C-BE9B-0490DF9DDDE8} URL = hxxp://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=302398&p={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC -> DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC -> DivX, LLC)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL Pas de fichier
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL Pas de fichier

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: (<video> HTML5 DivX Plus Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010-12-12] [] [non signé]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: (DivX HiQ) - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010-12-12] [] [non signé]
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-05-06] (DivX, Inc. -> DivX, LLC.)
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [Pas de fichier]
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC -> DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-05-06] (DivX, Inc. -> DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google Inc -> Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-15] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corporation -> Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Thomas\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-08-09] (RocketLife -> RocketLife, LLP)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3095845657-3592813580-146310495-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2013-02-25] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default [2020-04-08]
CHR Notifications: Default -> hxxps://plus.ultimate-guitar.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://www.google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Extension: (Protection Web Avira) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-03-17]
CHR Extension: (DivX HiQ) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2013-01-11]
CHR Extension: (Bouton Enregistrer Pinterest) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2020-03-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-07]
CHR Extension: (Chrome Media Router) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08]
StartMenuInternet: Google Chrome - C:\Users\Thomas\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 ADSMService; C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280 2008-03-31] (ASUSTek Computer Inc.) [Fichier non signé]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1209008 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [484768 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [484768 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [573760 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [Fichier non signé]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [631944 2020-02-26] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433784 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413304 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [831096 2015-07-21] (Bluestack Systems, Inc. -> BlueStack Systems, Inc.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2010-02-04] (Creative Labs) [Fichier non signé]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2010-02-04] (Creative Labs) [Fichier non signé]
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-10-01] (Intel Corporation) [Fichier non signé]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-10-01] (Intel Corporation) [Fichier non signé]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] (ASUSTeK Computer Inc. -> )
S3 athr; C:\Windows\System32\DRIVERS\athrx.sys [1394688 2009-06-20] (Microsoft Windows -> Atheros Communications, Inc.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [68152 2019-06-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [223744 2020-04-01] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [175808 2019-09-24] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-03-12] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-30] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145528 2015-06-16] (Bluestack Systems, Inc. -> BlueStack Systems)
S3 ghsmdm; C:\Windows\System32\DRIVERS\ghsmdm.sys [129304 2011-03-28] (ZTE CORPORATION -> ZTE Incorporated)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] (ASUSTeK Computer Inc. -> )
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [57344 2009-06-10] (Microsoft Windows -> Atheros Communications, Inc.)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [18456 2011-07-07] (ZTE CORPORATION -> HandSet Incorporated)
R2 rimspci; C:\Windows\System32\DRIVERS\rimspe64.sys [60416 2009-07-02] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R2 rixdpcie; C:\Windows\System32\DRIVERS\rixdpe64.sys [55808 2009-07-05] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 SiSGbeLH; C:\Windows\System32\DRIVERS\SiSG664.sys [56832 2009-06-10] (Microsoft Windows -> Silicon Integrated Systems Corp.)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] (SONIX TECHNOLOGY CO. , LTD -> )
S3 SNTUSB64; C:\Windows\System32\DRIVERS\SNTUSB64.SYS [58792 2009-09-17] (SafeNet, Inc. -> SafeNet, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64.sys [14464 2015-01-27] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
U3 tmlwf; pas de ImagePath
U3 tmwfp; pas de ImagePath

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-04-08 04:48 - 2020-04-08 04:50 - 000034576 _____ C:\Users\Thomas\Downloads\FRST.txt
2020-04-08 04:47 - 2020-04-08 04:49 - 000000000 ____D C:\FRST
2020-04-08 04:47 - 2020-04-08 04:47 - 002281472 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2020-04-07 11:44 - 2020-04-07 11:44 - 000127296 _____ C:\Users\Thomas\Downloads\Facture_0000356_ROCAMAT_20200407_114420.pdf
2020-04-07 11:42 - 2020-04-07 11:42 - 000127621 _____ C:\Users\Thomas\Downloads\Facture_0000353_SGB_Dermici_20200407_114207.pdf
2020-04-06 10:59 - 2020-04-06 10:59 - 000127773 _____ C:\Users\Thomas\Downloads\Facture_0000363_CREAPIERRE_20200406_105928.pdf
2020-04-06 10:58 - 2020-04-06 10:58 - 000143028 _____ C:\Users\Thomas\Downloads\Facture_0000360_CREAPIERRE_20200406_105827.pdf
2020-04-06 10:42 - 2020-04-06 10:42 - 000142981 _____ C:\Users\Thomas\Downloads\Facture_0000360_CREAPIERRE_20200406_104207.pdf
2020-04-06 10:22 - 2020-04-06 10:23 - 001334829 _____ C:\Users\Thomas\Downloads\GUIDE-DE-PRECONISATIONS-COVID-19-OPPBTP.pdf
2020-04-01 11:17 - 2020-04-01 11:17 - 000026677 _____ C:\Users\Thomas\Downloads\Accusé de réception.pdf
2020-03-31 17:24 - 2020-03-31 17:24 - 000318327 _____ C:\Users\Thomas\Downloads\Photos.zip
2020-03-21 10:07 - 2020-03-21 10:07 - 000319856 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Installer (3).exe
2020-03-21 10:05 - 2020-03-21 10:05 - 000319856 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Installer (2).exe
2020-03-21 10:05 - 2020-03-21 10:05 - 000319856 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Installer (1).exe
2020-03-20 09:47 - 2020-03-20 09:47 - 000127717 _____ C:\Users\Thomas\Downloads\Facture_0000363_CREAPIERRE_20200320_084716.pdf
2020-03-17 08:31 - 2020-03-17 08:31 - 000319856 _____ (Mozilla) C:\Users\Thomas\Downloads\Firefox Installer.exe
2020-03-16 12:41 - 2020-03-16 12:41 - 000241179 _____ C:\Users\Thomas\Documents\Scan0173.pdf
2020-03-16 12:40 - 2020-03-16 12:40 - 000446013 _____ C:\Users\Thomas\Documents\Scan0172.pdf
2020-03-13 08:11 - 2020-03-13 08:11 - 000874771 _____ C:\Users\Thomas\Documents\Scan0171.pdf
2020-03-13 07:39 - 2020-03-13 07:39 - 000231047 _____ C:\Users\Thomas\Documents\Scan0170.pdf
2020-03-13 07:22 - 2020-03-13 07:22 - 000246470 _____ C:\Users\Thomas\Documents\Scan0169.pdf
2020-03-11 08:40 - 2020-03-11 08:40 - 000365779 _____ C:\Users\Thomas\Documents\Scan0168.pdf
2020-03-11 08:37 - 2020-03-11 08:37 - 000188674 _____ C:\Users\Thomas\Documents\Scan0167.pdf
2020-03-10 12:41 - 2020-03-10 12:41 - 000248478 _____ C:\Users\Thomas\Documents\Scan0166.pdf
2020-03-10 08:06 - 2020-03-10 08:06 - 000261648 _____ C:\Users\Thomas\Documents\Scan0165.pdf

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-04-08 04:50 - 2017-04-08 20:50 - 000000992 _____ C:\Windows\Tasks\Secured Yahoo Powered focac.job
2020-04-08 04:50 - 2017-04-08 20:50 - 000000256 _____ C:\Windows\Tasks\{683B1E23-33AC-19CC-CD07-49E4EB69545E}.job
2020-04-08 04:43 - 2010-03-21 13:17 - 000003944 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{029FA47A-B2A6-4661-A681-882B74032751}
2020-04-08 04:39 - 2019-11-21 10:21 - 000003174 _____ C:\Windows\system32\Tasks\P4GIntlCtrl
2020-04-08 04:39 - 2013-10-22 18:41 - 000000000 ____D C:\Users\Thomas\AppData\LocalLow\boost_interprocess
2020-04-08 04:38 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-07 14:30 - 2015-10-27 14:42 - 000271360 _____ C:\Users\Thomas\Documents\backup.pst
2020-04-07 14:13 - 2009-07-14 06:45 - 000019056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-07 14:13 - 2009-07-14 06:45 - 000019056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-07 14:07 - 2010-03-29 20:21 - 000045056 _____ C:\Windows\system32\acovcnt.exe
2020-04-03 09:26 - 2010-03-21 14:02 - 000002425 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-02 06:24 - 2010-03-21 13:24 - 000000000 ___RD C:\Users\Thomas\Desktop\bureau
2020-04-02 06:03 - 2012-04-25 15:42 - 000000290 __RSH C:\ProgramData\ntuser.pol
2020-04-01 10:29 - 2017-10-19 07:39 - 000003316 _____ C:\Windows\system32\Tasks\Avira_Antivirus_Systray
2020-04-01 10:29 - 2015-04-02 06:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2020-04-01 10:27 - 2013-04-01 19:56 - 000223744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2020-03-31 17:02 - 2009-08-04 12:03 - 001907914 _____ C:\Windows\system32\perfh00C.dat
2020-03-31 17:02 - 2009-08-04 12:03 - 000546046 _____ C:\Windows\system32\perfc00C.dat
2020-03-31 17:02 - 2009-07-14 07:13 - 000006508 _____ C:\Windows\system32\PerfStringBackup.INI
2020-03-21 09:52 - 2010-03-21 14:02 - 000003682 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3095845657-3592813580-146310495-1000UA
2020-03-21 09:52 - 2010-03-21 14:02 - 000003410 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3095845657-3592813580-146310495-1000Core
2020-03-21 09:47 - 2010-11-24 11:33 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-21 09:47 - 2010-11-24 11:33 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-20 09:34 - 2014-12-24 10:10 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-03-20 09:32 - 2017-04-14 07:37 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-03-16 12:41 - 2013-05-13 09:16 - 006988288 ___SH C:\Users\Thomas\Documents\Thumbs.db
2020-03-16 06:49 - 2014-08-22 07:14 - 000000000 ____D C:\ProgramData\Package Cache

==================== Fichiers à la racine de certains dossiers ========

2014-02-17 14:19 - 2014-02-17 14:19 - 049940480 _____ () C:\Program Files (x86)\GUT25EE.tmp
2010-03-23 22:27 - 2010-03-23 22:27 - 000000119 _____ () C:\Program Files (x86)\satsukidecodersettings.ini
2012-01-13 00:04 - 2012-01-13 00:04 - 000000006 _____ () C:\Program Files (x86)\Common Files\WPVersion.txt
2017-04-09 10:17 - 2017-04-09 10:17 - 000000044 _____ () C:\Users\Thomas\AppData\Roaming\WB.CFG
2012-09-03 12:27 - 2016-11-21 10:56 - 000135045 _____ () C:\Users\Thomas\AppData\Local\ars.cache
2012-09-03 12:28 - 2016-11-21 10:56 - 000976551 _____ () C:\Users\Thomas\AppData\Local\census.cache
2010-03-14 19:43 - 2010-03-19 20:33 - 000004608 _____ () C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-12-13 10:50 - 2017-12-13 10:50 - 000000052 _____ () C:\Users\Thomas\AppData\Local\dtJTdtJTdt
2012-12-17 20:53 - 2012-12-17 20:53 - 000000094 _____ () C:\Users\Thomas\AppData\Local\fusioncache.dat
2011-01-07 10:37 - 2011-01-07 10:37 - 000000036 _____ () C:\Users\Thomas\AppData\Local\housecall.guid.cache
2011-12-21 10:37 - 2011-12-21 10:37 - 000004096 ____H () C:\Users\Thomas\AppData\Local\keyfile3.drm
2017-12-18 10:50 - 2017-12-18 10:50 - 000000068 _____ () C:\Users\Thomas\AppData\Local\v9kycq4ft7
2011-06-22 17:49 - 2011-06-22 17:49 - 000000000 _____ () C:\Users\Thomas\AppData\Local\{251EDF5D-255D-4FFC-BAAD-6F3C49EA745F}

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2019-06-12 12:10
==================== Fin de FRST.txt ========================