Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Exécuté par USER1 (administrateur) sur USER (16-12-2018 22:42:03)
Exécuté depuis C:\Users\USER1\Desktop
Profils chargés: USER1 (Profils disponibles: USER1)
Platform: Windows 8 (X64) Langue: Français (France)
Internet Explorer Version 10 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\windows\System32\wlanext.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Link Wiz) C:\Program Files (x86)\LinkWiz_1.10.0.13\Service\lwsvc.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TOSHIBA Corporation) C:\windows\System32\TODDSrv.exe
() C:\Program Files (x86)\Hold Page\updateHoldPage.exe
() C:\Program Files (x86)\Hold Page\bin\utilHoldPage.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(Intel Corporation) C:\windows\System32\igfxtray.exe
(Intel Corporation) C:\windows\System32\hkcmd.exe
(Microsoft Corporation) C:\windows\System32\WWAHost.exe
(Intel Corporation) C:\windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\windows\splwow64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe\LiveComm.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\windows\System32\WWAHost.exe
(Microsoft Corporation) C:\windows\System32\WWAHost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\windows\System32\CredentialUIBroker.exe
(Microsoft Corporation) C:\windows\System32\msiexec.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-04] ()
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-01] (Intel Corporation)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2049896 2013-12-20] (YTDownloader)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [Boxore Client] => C:\Program Files (x86)\Boxore\Boxore Client\boxore.exe [1527808 2015-05-07] (Boxore OU)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony)
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20918432 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [cacaoweb] => C:\Users\USER1\AppData\Roaming\cacaoweb\cacaoweb.exe [515888 2015-03-25] ()
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [EA Core] => C:\Program Files (x86)\Electronic Arts\EADM\Core.exe [3325952 2009-03-28] (Electronic Arts)
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19589208 2018-12-10] (Piriform Software Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2018-12-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.895\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{5165E61A-1EE3-489C-8970-BECED44997E7}: [DhcpNameServer] 172.20.2.39 172.20.2.10
Tcpip\..\Interfaces\{5E32DBF6-77A1-4ECA-BE64-6ABA7D5E5AAF}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{603F476B-7AE4-44C1-A625-2EA7F46C331D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele_14_17_ch&cd=2XzuyEtN2Y1L1QzuyBtDyDyE0DtBzy0ByB0F0BzyyD0CzztCtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EyDtA0EtD0BtGzyyD0BtDtGyEtC0A0AtGtByD0F0CtGyD0CtCtDyCyBzyzyzy0DtC0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzztBtByD0AtB0BtG0EzytC0CtG0FyCtDzztGyByEyCtAtGtA0AtA0C0F0A0FtBtDtDyDtA2Q&cr=267928879&ir=
SearchScopes: HKLM -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://my-bing.com/search.aspx?s=E11lupb0bu10_0_0_0_0,daf8b41a-3177-4f91-856e-5651bd7b13db,&q={searchTerms}
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxp://my-bing.com/search.aspx?s=E11lupb0bu10_0_0_0_0,daf8b41a-3177-4f91-856e-5651bd7b13db,&q={searchTerms}
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_40_drg_dwndlm_15_15¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtBzy0ByB0F0BzyyD0CzztCtN0D0Tzu0StCyByEtBtN1L2XzutAtFtByEtFtCtBtFyDtBtN1L1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StBzy0E0AtD0F0B0AtGyDzz0EtBtG0EyD0DtAtGtCyDtDyCtGtA0AyB0CyD0BtB0FzyzzyBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AzytC0A0E0FzzyCtGyC0AzytDtGyEtBtA0FtGzytCzzzytGyC0DyEzztBtB0E0FyDyD0B0A2QtN0A0LzutB%26cr%3D86113930%26a%3Dhdr_s_16_40_drg_dwndlm_15_15%26os_ver%3D6.2%26os%3DWindows%2B8&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKLM-x32 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_40_drg_dwndlm_15_15¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dhodor%26cd%3D2XzuyEtN2Y1L1QzuyBtDyDyE0DtBzy0ByB0F0BzyyD0CzztCtN0D0Tzu0StCyByEtBtN1L2XzutAtFtByEtFtCtBtFyDtBtN1L1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StBzy0E0AtD0F0B0AtGyDzz0EtBtG0EyD0DtAtGtCyDtDyCtGtA0AyB0CyD0BtB0FzyzzyBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AzytC0A0E0FzzyCtGyC0AzytDtGyEtBtA0FtGzytCzzzytGyC0DyEzztBtB0E0FyDyD0B0A2QtN0A0LzutB%26cr%3D86113930%26a%3Dhdr_s_16_40_drg_dwndlm_15_15%26os_ver%3D6.2%26os%3DWindows%2B8&p={searchTerms}
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {27CE9472-361B-4510-8223-82F6E6F0B516} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3327911&searchsource=56&UM=2&&q={searchTerms}
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {545A7CF9-4203-4F1E-9ACF-BC4C59E3500A} URL = hxxp://q.search-simple.com/?affID=na&q={searchTerms}&r=192
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tele_14_17_ch&cd=2XzuyEtN2Y1L1QzuyBtDyDyE0DtBzy0ByB0F0BzyyD0CzztCtN0D0Tzu0SzzyEyEtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1OtN1L1G1B1V1N2Y1L1Qzu2SyD0A0EyDtA0EtD0BtGzyyD0BtDtGyEtC0A0AtGtByD0F0CtGyD0CtCtDyCyBzyzyzy0DtC0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzztBtByD0AtB0BtG0EzytC0CtG0FyCtDzztGyByEyCtAtGtA0AtA0C0F0A0FtBtDtDyDtA2Q&cr=267928879&ir=
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ir_14_50_ch&cd=2XzuyEtN2Y1L1QzuyBtDyDyE0DtBzy0ByB0F0BzyyD0CzztCtN0D0Tzu0StCtDyBtAtN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBzytDtByEyE0A0FtGtAtA0EtAtGzy0EyC0BtGyEyE0CtBtGtB0B0FyD0FyE0CyDtDtDyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0AzytC0A0E0FzzyCtGyC0AzytDtGyEtBtA0FtGzytCzzzytGyC0DyEzztBtB0E0FyDyD0B0A2Q&cr=2078766936&ir=
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxp://my-bing.com/search.aspx?s=E11lupb0bu10_0_0_0_0,daf8b41a-3177-4f91-856e-5651bd7b13db,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://my-bing.com/search.aspx?s=E11lupb0bu10_0_0_0_0,daf8b41a-3177-4f91-856e-5651bd7b13db,&q={searchTerms}
BHO-x32: Pas de nom -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> Pas de fichier
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (CANON INC.)
BHO-x32: mysearchdial Helper Object -> {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} -> C:\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll [2014-04-23] (MySearchDial)
BHO-x32: Boxore Client -> {EFA7A511-B491-4312-BB35-4586B99E45ED} -> C:\Program Files (x86)\Boxore\Boxore Client\IE\AdRotate32.dll [2015-03-20] (Boxore)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (CANON INC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll [2014-04-23] (MySearchDial)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e)
FF HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Firefox\Extensions: [{76aa785e-0ace-46d5-ba82-ee5f1b429703}] - C:\Program Files (x86)\LyricsWoofer\133.xpi => non trouvé(e)
FF HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Firefox\Extensions: [{828c786a-e911-4821-aabd-a58eff0dcf02}] - C:\Program Files (x86)\BlockAndSurf Corp\158.xpi => non trouvé(e)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-31] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-12] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-12] (Google Inc.)
FF Plugin-x32: @tools.Software.com/Software Update;version=3 -> C:\Program Files (x86)\Software\Update\1.3.25.0\npSoftwareUpdate3.dll [2014-06-10] (The Software Group)
FF Plugin-x32: @tools.Software.com/Software Update;version=9 -> C:\Program Files (x86)\Software\Update\1.3.25.0\npSoftwareUpdate3.dll [2014-06-10] (The Software Group)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-529793163-1823889777-3392212690-1001: facebook.com/fbDesktopPlugin -> C:\Users\USER1\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR RestoreOnStartup: Default -> "hxxp://fr.search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10IF6__alt__ddc_dsssyc_bd_com"
CHR StartupUrls: Default -> "hxxp://fr.search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10IF6__alt__ddc_dsssyc_bd_com"
CHR Profile: C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default [2018-12-16]
CHR Extension: (Boxore) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\engaigpbgdjjmanonjcjkcmomgibneba [2016-11-11] [UpdateUrl: hxxp://dlmanager.net/chromium/updates.xml] <==== ATTENTION
CHR Extension: (MySearchDial) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2016-11-11]
CHR Extension: (dregol New Tab) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihokndmjeombjojnfkmapfnjeghjohim [2016-11-11]
CHR Extension: (Hold Page) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljbbmbgagpjnafekbkklmfbjccbnjmnh [2016-10-08] [UpdateUrl: hxxp://wwwholdingmypage-a.akamaihd.net/update/chrome] <==== ATTENTION
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-16]
CHR Extension: (Chrome Media Router) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\USER1\AppData\Local\speedial.crx [2014-04-23]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-529793163-1823889777-3392212690-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\USER1\AppData\Local\speedial.crx [2014-04-23]
CHR HKU\S-1-5-21-529793163-1823889777-3392212690-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-529793163-1823889777-3392212690-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\USER1\AppData\Local\speedial.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\default_apps\search.crx [2015-03-30]

Opera:
=======
OPR Extension: (Hold Page) - C:\Users\USER1\AppData\Roaming\Opera Software\Opera Stable\Extensions\ljbbmbgagpjnafekbkklmfbjccbnjmnh [2016-10-08]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [Fichier non signé]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 lwsvc_1.10.0.13; C:\Program Files (x86)\LinkWiz_1.10.0.13\Service\lwsvc.exe [278592 2015-04-02] (Link Wiz)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.895\McCHSvc.exe [405392 2018-12-11] (McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
S3 Software_update_m; C:\Program Files (x86)\Software\Update\SoftwareUpdate.exe [119408 2014-06-10] (The Software Group)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [Fichier non signé]
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [75584 2013-09-29] (IObit)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH)
R2 Update Hold Page; C:\Program Files (x86)\Hold Page\updateHoldPage.exe [657408 2018-12-16] () [Fichier non signé]
R2 Util Hold Page; C:\Program Files (x86)\Hold Page\bin\utilHoldPage.exe [657408 2018-12-16] () [Fichier non signé]
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

U5 AppMgmt; C:\windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S1 hbaftodj; C:\windows\system32\drivers\hbaftodj.sys [72816 2018-12-16] (Microsoft Corporation)
R1 lwnfd_1_10_0_13; C:\windows\System32\drivers\lwnfd_1_10_0_13.sys [58224 2015-04-02] (Link Wiz)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RimUsb; C:\windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
S3 RTL8192Ce; C:\windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 Thotkey; C:\windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X] <==== ATTENTION
S2 SPDRIVER_1.35.1.155; \??\C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-12-16 22:42 - 2018-12-16 22:42 - 000025383 _____ C:\Users\USER1\Desktop\FRST.txt
2018-12-16 22:41 - 2018-12-16 22:42 - 000000000 ____D C:\FRST
2018-12-16 22:40 - 2018-12-16 22:40 - 002417152 _____ (Farbar) C:\Users\USER1\Desktop\FRST64.exe
2018-12-16 19:42 - 2018-12-16 19:42 - 000072816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hbaftodj.sys
2018-12-16 17:50 - 2018-12-16 17:50 - 000000000 ____D C:\Users\USER1\AppData\Local\CrashDumps
2018-12-16 17:11 - 2018-12-16 17:11 - 000000000 ____D C:\windows\System32\Tasks\Avast Software
2018-12-16 17:11 - 2018-12-16 17:11 - 000000000 ____D C:\Users\USER1\AppData\Local\ZHP
2018-12-16 17:10 - 2018-12-16 17:10 - 003099520 _____ C:\Users\USER1\Downloads\ZHPCleaner.exe
2018-12-16 17:08 - 2018-12-16 17:08 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-12-16 17:00 - 2018-12-16 17:00 - 000000000 ____D C:\Program Files\AVAST Software
2018-12-16 16:59 - 2018-12-16 22:33 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-12-16 16:59 - 2018-12-16 17:08 - 000000000 ____D C:\ProgramData\AVAST Software
2018-12-16 16:55 - 2018-12-16 16:56 - 019299120 _____ (Piriform Software Ltd) C:\Users\USER1\Downloads\ccsetup551.exe
2018-12-16 16:40 - 2018-12-16 16:40 - 000001062 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2018-12-16 16:38 - 2018-12-16 21:17 - 000001223 _____ C:\Users\USER1\Desktop\Google Chrome.lnk
2018-12-16 16:38 - 2018-12-16 21:17 - 000001053 _____ C:\Users\USER1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2018-12-16 16:21 - 2018-12-16 16:21 - 000000000 ____H C:\Users\USER1\Documents\Default.rdp
2018-12-16 16:07 - 2018-12-16 16:07 - 000001975 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2018-12-16 16:07 - 2018-12-16 16:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2018-12-16 16:06 - 2018-12-16 16:09 - 000000000 ____D C:\ProgramData\McAfee Security Scan

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-12-16 22:39 - 2014-04-23 17:26 - 000000000 ____D C:\Users\USER1\AppData\Roaming\Skype
2018-12-16 22:37 - 2015-04-12 16:21 - 000000302 _____ C:\windows\Tasks\Run_dregol.job
2018-12-16 22:35 - 2013-03-07 17:37 - 000001086 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2018-12-16 22:34 - 2012-07-26 09:12 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-16 22:34 - 2012-07-26 09:12 - 000000000 ____D C:\windows\AUInstallAgent
2018-12-16 21:46 - 2014-06-10 20:41 - 000000926 _____ C:\windows\Tasks\SoftwareUpdateTaskMachineUA.job
2018-12-16 21:46 - 2014-06-10 20:41 - 000000922 _____ C:\windows\Tasks\SoftwareUpdateTaskMachineCore.job
2018-12-16 21:17 - 2014-12-09 21:52 - 000000000 ____D C:\Program Files (x86)\Hold Page
2018-12-16 21:13 - 2013-03-08 18:02 - 000000938 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-529793163-1823889777-3392212690-1001UA.job
2018-12-16 20:55 - 2012-07-26 09:12 - 000000000 ____D C:\windows\rescache
2018-12-16 20:53 - 2014-07-12 15:52 - 000000000 ____D C:\Users\USER1\AppData\Roaming\vlc
2018-12-16 20:32 - 2012-07-26 08:59 - 000000000 ____D C:\windows\CbsTemp
2018-12-16 18:56 - 2013-03-07 17:37 - 000001082 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2018-12-16 18:56 - 2013-03-06 20:46 - 000000000 _____ C:\Users\USER1\AppData\LocalLow\ChangeTaskbarRect
2018-12-16 18:55 - 2012-07-26 08:22 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-12-16 18:32 - 2015-01-04 22:55 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-12-16 18:25 - 2013-03-08 18:02 - 000000916 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-529793163-1823889777-3392212690-1001Core.job
2018-12-16 17:49 - 2012-08-02 02:11 - 000800978 _____ C:\windows\system32\perfh00C.dat
2018-12-16 17:49 - 2012-08-02 02:11 - 000155650 _____ C:\windows\system32\perfc00C.dat
2018-12-16 17:49 - 2012-07-26 08:28 - 001793362 _____ C:\windows\system32\PerfStringBackup.INI
2018-12-16 17:49 - 2012-07-26 06:37 - 000000000 ____D C:\windows\Inf
2018-12-16 17:41 - 2013-08-14 14:24 - 000000000 ____D C:\windows\system32\MRT
2018-12-16 17:32 - 2013-03-07 21:18 - 137260640 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-12-16 16:59 - 2014-04-20 14:58 - 000000833 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-12-16 16:59 - 2014-04-20 14:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-16 16:59 - 2014-04-20 14:58 - 000000000 ____D C:\Program Files\CCleaner
2018-12-16 16:47 - 2012-07-26 06:26 - 000524288 ___SH C:\windows\system32\config\BBI
2018-12-16 16:40 - 2015-04-12 16:25 - 000003864 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1428852290
2018-12-16 16:40 - 2015-04-12 16:22 - 000000000 ____D C:\Program Files (x86)\Opera
2018-12-16 16:25 - 2015-04-12 16:37 - 000000000 ____D C:\Program Files (x86)\Accelerer PC
2018-12-16 16:22 - 2015-04-12 16:21 - 000000000 ____D C:\Users\USER1\AppData\Roaming\uTorrent
2018-12-16 16:07 - 2014-06-01 14:45 - 000000000 ____D C:\Program Files\McAfee Security Scan
2018-12-16 16:07 - 2013-12-21 10:31 - 000000000 ____D C:\ProgramData\McAfee
2018-12-16 16:04 - 2014-04-15 18:18 - 000000353 _____ C:\Users\USER1\AppData\Roaming\WB.CFG
2018-12-16 16:01 - 2012-07-26 06:26 - 000000226 _____ C:\windows\win.ini
2018-12-10 23:04 - 2013-03-07 21:07 - 000592616 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== Fichiers à la racine de certains dossiers =======

2013-04-04 16:40 - 2014-06-10 20:44 - 000003818 _____ () C:\Users\USER1\AppData\Roaming\Bubble Dock.boostrap.log
2013-04-04 16:41 - 2014-06-10 20:44 - 000044344 _____ () C:\Users\USER1\AppData\Roaming\Bubble Dock.installation.log
2014-04-15 18:18 - 2018-12-16 16:04 - 000000353 _____ () C:\Users\USER1\AppData\Roaming\WB.CFG
2014-04-23 17:23 - 2014-04-23 17:23 - 000358193 _____ () C:\Users\USER1\AppData\Local\speedial.crx

Certains fichiers dans TEMP:
====================
2015-01-04 22:49 - 2015-01-04 22:50 - 003346432 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EAD23EB.exe
2015-01-06 09:07 - 2015-01-06 09:07 - 000284672 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EAD2C4C.exe
2015-02-26 07:48 - 2015-02-26 07:48 - 001912832 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EAD44D9.exe
2016-11-14 18:02 - 2016-11-14 18:04 - 047796216 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EAD474B.exe
2015-03-25 09:18 - 2015-03-25 09:19 - 047796216 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EAD763F.exe
2015-01-05 15:09 - 2015-01-05 15:09 - 000045056 _____ () C:\Users\USER1\AppData\Local\temp\EAD7A0F.exe
2015-02-18 09:21 - 2015-02-18 09:21 - 000339968 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EAD7EB6.exe
2014-12-21 18:29 - 2014-12-21 18:29 - 010233856 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EAD7FF5.exe
2014-12-22 21:06 - 2014-12-22 21:06 - 001153024 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EAD913.exe
2015-06-22 16:46 - 2015-06-22 16:46 - 000407552 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADA8F8.exe
2016-11-12 13:33 - 2016-11-12 13:33 - 001751040 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADB5AE.exe
2018-12-16 17:51 - 2018-12-16 17:51 - 047796216 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADC4BA.exe
2015-03-20 09:35 - 2015-03-20 09:39 - 014264320 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADC8E4.exe
2016-11-11 09:21 - 2016-11-11 09:21 - 016556032 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADD76A.exe
2015-04-12 16:09 - 2015-04-12 16:11 - 032208896 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADD94F.exe
2016-11-13 18:57 - 2016-11-13 18:58 - 042704896 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADDBCE.exe
2014-12-22 21:44 - 2014-12-22 21:44 - 003719168 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADECE0.exe
2014-12-22 13:21 - 2014-12-22 13:21 - 002445312 _____ (Electronic Arts, Inc.) C:\Users\USER1\AppData\Local\temp\EADED2E.exe
2015-04-12 16:21 - 2015-04-12 16:21 - 000712952 _____ (Opera Software) C:\Users\USER1\AppData\Local\temp\op1.exe
2018-12-16 22:40 - 2018-12-16 22:40 - 000000000 _____ () C:\Users\USER1\AppData\Local\temp\{15967F14-AC96-48EC-85D3-0F2A87379D72}-GoogleUpdateSetup.exe
2016-10-08 13:06 - 2016-10-08 16:17 - 000000000 _____ () C:\Users\USER1\AppData\Local\temp\{16332DFE-DDF6-4BD6-B712-CE8398E67260}-GoogleUpdateSetup.exe
2018-12-16 16:38 - 2018-12-16 16:43 - 000000000 _____ () C:\Users\USER1\AppData\Local\temp\{586A23B7-2A8D-46CC-A593-7B7C9763C16A}-GoogleUpdateSetup.exe
2016-11-11 09:26 - 2016-11-11 09:44 - 000000000 _____ () C:\Users\USER1\AppData\Local\temp\{B7830EB7-0C65-4F3E-AAFC-26EF243D1B20}-GoogleUpdateSetup.exe
2015-06-22 16:51 - 2015-06-27 16:30 - 000000000 _____ () C:\Users\USER1\AppData\Local\temp\{D0B7E99F-F036-4355-9E1F-EC5BFFBB5DCA}-GoogleUpdateSetup.exe
2016-11-11 17:11 - 2016-11-11 17:11 - 000000000 _____ () C:\Users\USER1\AppData\Local\temp\{FAF42D96-B71A-4E2F-B045-384C1B505EEA}-GoogleUpdateSetup.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\windows\system32\wininit.exe => Le fichier est signé numériquement
C:\windows\explorer.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\windows\system32\svchost.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\windows\system32\services.exe => Le fichier est signé numériquement
C:\windows\system32\User32.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\windows\system32\userinit.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-12-13 20:08

==================== Fin de FRST.txt ============================