Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2020 01
Exécuté par Ets Boughiden (administrateur) sur ETSBOUGHIDEN-PC (Hewlett-Packard HP 255 G5 Notebook PC) (18-05-2020 10:21:54)
Exécuté depuis C:\Users\Ets Boughiden\Desktop
Profils chargés: Ets Boughiden
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: FF)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o. -> Avast Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
(Hewlett-Packard -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Huawei Technologies Co.,Ltd. -> ) C:\Program Files (x86)\MobileBrServ\mbbService.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) [Fichier non signé] C:\Program Files (x86)\Microsoft SQL Server\MSSQL$LEADERSOFT1\Binn\sqlservr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe <2>
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registre (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [Format Factory] => Cmd.exe /c start WScript.exe /e:VBScript.Encode C:\Users\Ets Boughiden\AppData\Roaming\Video.3gp <==== ATTENTION
HKU\S-1-5-21-2041171959-2600756452-3168439582-1000\...\Run: [Format Factory] => Cmd.exe /c start WScript.exe /e:VBScript.Encode C:\Users\Ets Boughiden\AppData\Roaming\Video.3gp <==== ATTENTION
HKU\S-1-5-21-2041171959-2600756452-3168439582-1000\...\MountPoints2: {88561e2a-f7e6-11e8-aca2-6807153a08da} - G:\AutoRun.exe
HKU\S-1-5-21-2041171959-2600756452-3168439582-1000\...\MountPoints2: {ca618f5b-5144-11e9-a61b-6807153a08da} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2041171959-2600756452-3168439582-1000\...\MountPoints2: {f8491a7f-47b1-11e8-8e8d-6807153a08da} - G:\HiSuiteDownLoader.exe
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Tâches planifiées (Avec liste blanche) ============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0EF8A5DA-FEB7-4BE0-8FAB-82ABDDE89C46} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6072640 2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F4C3A42-A23C-4054-AD4C-CBD89B52E405} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {1BBD3859-E50E-4A8C-9A67-3E91A03F0126} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1660520 2020-04-16] (Avast Software s.r.o. -> Avast Software)
Task: {2B3AFB9F-B0F9-433E-8AB1-E847CE585810} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {32D1637E-37AA-4889-AEB5-193594337B19} - System32\Tasks\{A6086474-B890-49B4-A22E-F7B49B9F9FAB} => C:\EBP\Gestion5\Gestion5.exe [4159488 1998-09-04] (EBP-Informatique) [Fichier non signé]
Task: {38A116AE-0461-4614-B100-456A7EB8A2AD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {49F637D9-A8C1-40BD-A52A-9FF65F82F875} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136056 2019-01-02] (HP Inc. -> HP Inc.)
Task: {4BFEB1BA-CD54-4722-B001-DF354B5999F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6072640 2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {50BB5F2F-5332-47EB-8650-5D5362EC7404} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {5F0FB452-EC13-466D-97DE-A9A337E5D1B0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-05-12] (Adobe Inc. -> Adobe)
Task: {7CBEE7E4-B22D-4E5E-9080-BE76ED48524F} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [155472 2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF0C1270-CDC9-4655-A0ED-C471E0C9B6B3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C51384DE-36B4-47F1-A501-011329EC3897} - System32\Tasks\Driver Booster SkipUAC (Ets Boughiden) => C:\Program Files (x86)\IObit\Driver Booster\5.2.0\DriverBooster.exe
Task: {CB3B0EFC-1117-446A-B52C-DF67B9F673B5} - System32\Tasks\{DB40D51B-F742-45A4-9C0C-7B2C209C5E48} => C:\Program Files (x86)\Klick\Stock Standard\Stock.exe [348744 2019-01-12] (Hichem Kedjour -> Klick)
Task: {D227EDF9-C830-4BC9-8D4B-D677EA3B68BC} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Ets Boughiden => C:\BmSoftLGProd\SOFT\WinCal.exe
Task: {E2471B12-BA77-4C67-8EE1-32F5BAAB62E9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2107800 2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {E28B71BD-77BD-4E2F-BF93-0524D1F6EA1C} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [1692296 2020-04-15] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {E9CDCDEE-737F-4C85-B7FF-E7475C30ADA8} - System32\Tasks\Mise à jours Stock Standard => C:\Program Files (x86)\Klick\Stock Standard\StockUpdater.exe [464968 2019-01-12] (Hichem Kedjour -> Klick)
Task: {ED546488-1743-4362-B713-0E1E198530BC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <==== ATTENTION (Restriction - ProxySettings)
ProxyServer: [HKLM] => http=127.0.0.1:8080;https=127.0.0.1:8080
ProxyServer: [HKLM-x32] => http=127.0.0.1:8080;https=127.0.0.1:8080
AutoConfigURL: [S-1-5-21-2041171959-2600756452-3168439582-1000] => hxxp://access-unstop.net/wpad.dat?7c3f64f069a49a2de96ce15fb7c24ed938270484
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{82EA10E6-CF40-49E9-A8AF-513B0DDE5238}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{BA99239E-CC0B-4555-88F1-59B464617E56}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\S-1-5-21-2041171959-2600756452-3168439582-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/
SearchScopes: HKU\S-1-5-21-2041171959-2600756452-3168439582-1000 -> DefaultScope {CC165C32-2513-4985-BCF0-F431A003F762} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2041171959-2600756452-3168439582-1000 -> {CC165C32-2513-4985-BCF0-F431A003F762} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Pas de nom -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Pas de fichier
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-10.0.2\bin\ssv.dll => Pas de fichier
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO: Pas de nom -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Pas de fichier
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-10.0.2\bin\jp2ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Pas de fichier
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Pas de nom -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> Pas de fichier
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Pas de nom -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> Pas de fichier
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Pas de fichier
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)

FireFox:
========
FF DefaultProfile: ppyvjojm.default
FF ProfilePath: C:\Users\Ets Boughiden\AppData\Roaming\Mozilla\Firefox\Profiles\ppyvjojm.default [2019-05-30]
FF ProfilePath: C:\Users\Ets Boughiden\AppData\Roaming\Mozilla\Firefox\Profiles\1g1zh341.default-release-1559213807864 [2020-05-18]
FF Homepage: Mozilla\Firefox\Profiles\1g1zh341.default-release-1559213807864 -> www.google.fr
FF Extension: (Expert security install) - C:\Users\Ets Boughiden\AppData\Roaming\Mozilla\Firefox\Profiles\1g1zh341.default-release-1559213807864\Extensions\{8c678444-051c-499d-d5b9-0fa4f69b064a}.xpi [2019-06-05]
FF Plugin: @java.com/DTPlugin,version=13.0.2 -> C:\Program Files\Java\jre-10.0.2\bin\dtplugin\npDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=13.0.2.0 -> C:\Program Files\Java\jre-10.0.2\bin\plugin2\npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Pas de fichier]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-04] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn]

==================== Services (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [472456 2018-03-05] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-12-02] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1319208 2017-07-05] (HP Inc. -> HP Inc.)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [684624 2015-06-22] (Hewlett-Packard -> Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-04-18] (Hewlett-Packard Company -> HP Inc.)
R2 ibtsiva; C:\Windows\system32\ibtsiva.exe [542320 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 Mobile Broadband HL Service; C:\Program Files (x86)\MobileBrServ\mbbservice.exe [242264 2016-03-24] (Huawei Technologies Co.,Ltd. -> )
R2 MSSQL$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe [62382256 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
R2 MSSQL$LEADERSOFT1; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$LEADERSOFT1\Binn\sqlservr.exe [7520337 2002-12-17] (Microsoft Corporation) [Fichier non signé]
S3 MSSQLServerADHelper; C:\Program Files (x86)\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe [66112 2002-12-17] (Microsoft Corporation) [Fichier non signé]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2018-03-05] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S4 SQLAgent$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE [442536 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 SQLAgent$LEADERSOFT1; C:\Program Files (x86)\Microsoft SQL Server\MSSQL$LEADERSOFT1\Binn\sqlagent.EXE [311872 2002-12-17] (Microsoft Corporation) [Fichier non signé]
S3 StockStdUpdater; C:\Program Files (x86)\Klick\Stock Standard\StockUpdater.exe [464968 2019-01-12] (Hichem Kedjour -> Klick)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [269912 2017-08-24] (Synaptics Incorporated -> Synaptics Incorporated)
S2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [54808 2016-04-14] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S2 OpenVPNAutomatic; "C:\Users\Ets Boughiden\AppData\Local\URBrowser\Application\openvpnserv.exe" [X]

===================== Pilotes (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [117608 2018-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
S3 amdkmcsp; C:\Windows\System32\DRIVERS\amdkmcsp.sys [95480 2016-04-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [41693064 2018-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DRIVERS\atikmpag.sys [536968 2018-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [65248 2016-04-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [136080 2018-03-05] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [237416 2018-03-05] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [85704 2016-04-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [43720 2016-04-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2018-03-05] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1546216 2018-03-05] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 HpqKbFiltr; C:\Windows\System32\DRIVERS\HpqKbFiltr.sys [26936 2013-11-19] (Hewlett-Packard Company -> Hewlett-Packard Company)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-05] (Martin Malik - REALiX -> REALiX(tm))
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [126912 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw04.sys [3468784 2018-03-21] (Intel Corporation -> Intel Corporation)
S4 RsFx0153; C:\Windows\System32\DRIVERS\RsFx0153.sys [322736 2015-03-30] (Microsoft Corporation -> Microsoft Corporation)
S3 RTSUER; C:\Windows\System32\Drivers\RtsUer.sys [413912 2016-02-25] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver_AMDASF.sys [47704 2018-03-05] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 H2OFFT; system32\DRIVERS\H2OFFT64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ===================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-05-18 10:21 - 2020-05-18 10:25 - 000024782 _____ C:\Users\Ets Boughiden\Desktop\FRST.txt
2020-05-18 10:17 - 2020-05-18 10:23 - 000000000 ____D C:\FRST
2020-05-18 10:16 - 2020-05-18 10:16 - 002286080 _____ (Farbar) C:\Users\Ets Boughiden\Desktop\FRST64.exe
2020-05-16 07:26 - 2020-05-16 07:26 - 000003352 ____N C:\bootsqm.dat
2020-04-23 20:06 - 2020-04-23 20:06 - 000121024 _____ C:\Users\Ets Boughiden\AppData\Local\GDIPFONTCACHEV1.DAT
2020-04-23 18:59 - 2020-04-23 18:59 - 000480808 _____ C:\Windows\system32\FNTCACHE.DAT
2020-04-20 09:50 - 2020-04-20 09:50 - 000000000 ____D C:\Users\Ets Boughiden\AppData\Local\EpicGamesLauncher
2020-04-18 19:27 - 2015-10-12 09:09 - 000121030 ___SH C:\Users\Ets Boughiden\AppData\Roaming\Video.3gp

==================== Un mois (modifiés) ==================

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2020-05-18 10:24 - 2009-07-14 05:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-05-18 10:24 - 2009-07-14 05:45 - 000026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-05-18 10:21 - 2019-01-16 16:57 - 000000000 ____D C:\Users\Ets Boughiden\AppData\LocalLow\Mozilla
2020-05-18 10:21 - 2018-02-18 23:13 - 000002059 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-18 10:13 - 2020-04-15 17:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-05-18 10:05 - 2018-02-13 06:45 - 021206942 _____ C:\Windows\SysWOW64\rootpa.e2e
2020-05-18 10:05 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-05-18 10:04 - 2018-03-05 16:24 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2020-05-18 09:48 - 2019-05-15 13:16 - 000000020 _____ C:\Windows\SysWOW64\chemin_mag.txt
2020-05-16 07:31 - 2010-11-21 07:19 - 000911120 _____ C:\Windows\system32\perfh00C.dat
2020-05-16 07:31 - 2010-11-21 07:19 - 000212256 _____ C:\Windows\system32\perfc00C.dat
2020-05-16 07:31 - 2009-07-14 06:13 - 002113616 _____ C:\Windows\system32\PerfStringBackup.INI
2020-05-16 07:31 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2020-05-12 13:37 - 2019-04-17 18:08 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2020-05-12 13:37 - 2019-04-17 18:08 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2020-05-12 13:37 - 2019-04-17 18:08 - 000004454 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-05-12 13:36 - 2018-12-17 11:34 - 000000000 ____D C:\Windows\system32\Macromed
2020-05-12 13:36 - 2018-12-17 11:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2020-04-21 21:19 - 2018-12-31 22:50 - 000000000 ____D C:\Users\Ets Boughiden\AppData\Local\PrivaZer
2020-04-18 19:24 - 2019-05-30 11:55 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Fichiers à la racine de certains dossiers ========

2019-11-26 12:15 - 2020-02-18 08:20 - 001310720 _____ () C:\Users\Ets Boughiden\AppData\Roaming\Non connecté_0.stockdb
2019-11-26 12:15 - 2019-11-26 12:15 - 001310720 _____ () C:\Users\Ets Boughiden\AppData\Roaming\Non connecté_0.stockdb.stockdb
2020-04-18 19:27 - 2015-10-12 09:09 - 000121030 ___SH () C:\Users\Ets Boughiden\AppData\Roaming\Video.3gp
2018-12-15 12:25 - 2018-12-15 12:25 - 000000038 ___SH () C:\Users\Ets Boughiden\AppData\Local\2faf2b2a546b6603993273.11498445
2018-03-19 15:35 - 2018-03-19 15:35 - 000000017 _____ () C:\Users\Ets Boughiden\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2018-02-13 00:43
==================== Fin de FRST.txt ========================