Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 10-08-2019
Exécuté par Gabriel (administrateur) sur PCGABY (TOSHIBA SATELLITE L70-A) (11-08-2019 13:35:44)
Exécuté depuis C:\Users\Gabriel\Desktop
Profils chargés: UpdatusUser & Gabriel (Profils disponibles: UpdatusUser & Gabriel)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Navigateur par défaut: FF
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(ABBYY SOLUTIONS LIMITED -> ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(ArcSoft, Inc. -> ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(ArcSoft, Inc. -> ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Bitdefender SRL -> Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(france telecom -> ) [Fichier non signé] C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
(france telecom -> Orange) [Fichier non signé] C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe
(france telecom -> Orange) [Fichier non signé] C:\Program Files (x86)\Orange\Assistance Livebox\dist\ST2.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) [Fichier non signé] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\Teco\TecoResident.exe
(TOSHIBA CORPORATION -> Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3249384 2015-05-19] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-12] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [Fichier non signé]
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2717176 2013-01-04] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-29] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1549392 2013-03-05] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-15] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207360 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976832 2009-12-17] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3040496944-553007298-815628414-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3040496944-553007298-815628414-1002\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] (france telecom -> ) [Fichier non signé]
HKU\S-1-5-21-3040496944-553007298-815628414-1002\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1199576 2013-06-07] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3040496944-553007298-815628414-1002\...\Run: [WebSynchro] => C:\Program Files (x86)\FNAC\FnacSynchro\WebSynchro.exe [454656 2013-02-20] (Oodrive) [Fichier non signé]
HKU\S-1-5-21-3040496944-553007298-815628414-1002\...\Run: [Fnac Cloud] => C:\Users\Gabriel\AppData\Local\Pack Fnac\Fnac Cloud\bin\FnacCloud.exe [2060936 2015-07-27] (Oodrive -> Oodrive)
HKU\S-1-5-21-3040496944-553007298-815628414-1002\...\Run: [SocialSafe.Helper] => C:\Program Files (x86)\SocialSafe\SocialSafe files\native-helpers\SocialSafe.Helper.exe [439616 2014-07-08] (Social Safe Limited -> )
HKU\S-1-5-21-3040496944-553007298-815628414-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3040496944-553007298-815628414-1002\...\MountPoints2: {59884238-57a2-11e4-bea1-48d224067074} - "E:\LaunchU3.exe" -a
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-12-23] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs: , C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-12-23] (NVIDIA CORPORATION -> NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [156256 2013-12-23] (NVIDIA CORPORATION -> NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2013-12-06]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe () [Fichier non signé]

==================== Tâches planifiées (Avec liste blanche) =============

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

Task: {0821CE94-D9E3-4137-8024-FA42E3247DB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_Plugin.exe [1457208 2019-07-09] (Adobe Inc. -> Adobe)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {26BE9BB0-E322-42EE-9651-50F5CD42D04B} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [471056 2013-01-04] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {2B2A7F0B-73AF-489F-AD79-2ECECB74DD95} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {3218849B-FBDF-4238-8245-636FC593D3E6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [654440 2013-03-19] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {49328E39-E42A-4310-A8D9-F36AF62A89D2} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [491832 2019-06-13] (Bitdefender SRL -> Bitdefender)
Task: {5294F58C-6096-4CCC-AE0F-FCDDFEAD106A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {56AA4D6C-D387-429E-B7BC-0552E36EA61C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {8C79A7EF-0507-4FCF-A55C-A863660B1DBA} - System32\Tasks\AssistanceLivebox => C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [146832 2012-11-15] (france telecom -> Orange) [Fichier non signé]
Task: {8CA6F904-7A4E-498E-9639-259D4920B005} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9BE5028E-AF07-4D76-9B9E-A581F52F265B} - System32\Tasks\{6FB63751-B069-4CE5-B844-88D8184D3D26} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://www.skype.com/go/downloading?source=lightinstaller&ver=7.39.0.102&LastError=12057
Task: {BFEF6A31-8B78-4FFD-9DEE-D0874A3A8298} - System32\Tasks\{73D7DF22-95E3-4EC5-BC90-5EABA9838163} => C:\WINDOWS\system32\pcalua.exe -a D:\.\Autorun.exe -d D:\
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {C6469FBD-00FB-4237-8494-F32E88B178D0} - System32\Tasks\Microsoft\Windows\orangeinside => C:\Users\Gabriel\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
Task: {CEF8799B-FA50-4599-A0FC-F6706F7CA159} - System32\Tasks\{B5DFC236-BA19-4E32-8E9F-BC00581B4433} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\Gabriel\Desktop\packfnac.exe -d C:\Users\Gabriel\Desktop
Task: {DA1FC374-628A-47FF-84ED-EF2CF4BFD0B2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E6EB8D74-28EB-4F6D-AE9D-873BA02F3247} - System32\Tasks\UMonitor Task => C:\windows\system32\UMonit64.exe
Task: {ED8CE979-BCB4-48E7-98AD-A6312B6123D0} - System32\Tasks\Microsoft\Windows\orangeinstaller => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320 2012-11-27] (france telecom -> ) [Fichier non signé]

(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)


==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-3040496944-553007298-815628414-1002] => 127.0.0.1:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{5C87C9A1-2852-444B-B269-3A2CD9683F3B}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{CCDA73EC-D2D5-4320-8BCF-71ED7D07B4F1}: [DhcpNameServer] 192.168.1.1 192.168.1.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.1.1,1]

Internet Explorer:
==================
HKU\S-1-5-21-3040496944-553007298-815628414-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3040496944-553007298-815628414-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3040496944-553007298-815628414-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
Toolbar: HKU\S-1-5-21-3040496944-553007298-815628414-1002 -> Pas de nom - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - Pas de fichier

FireFox:
========
FF DefaultProfile: ib9vbeub.default-1421967070407-1565284810696
FF ProfilePath: C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\ib9vbeub.default-1421967070407-1565284810696 [2019-08-11]
FF Homepage: Mozilla\Firefox\Profiles\ib9vbeub.default-1421967070407-1565284810696 -> hxxps://www.google.fr/
FF NetworkProxy: Mozilla\Firefox\Profiles\ib9vbeub.default-1421967070407-1565284810696 -> type", 0
FF Extension: (ETP Search Volume Study) - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\ib9vbeub.default-1421967070407-1565284810696\Extensions\etp-search-volume-study@shield.mozilla.org.xpi [2019-08-09]
FF Extension: (Yahoo Mail Hide Ad Panel) - C:\Users\Gabriel\AppData\Roaming\Mozilla\Firefox\Profiles\ib9vbeub.default-1421967070407-1565284810696\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2019-08-08]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_223.dll [2019-07-09] (Adobe Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-15] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-02-15] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY SOLUTIONS LIMITED -> ABBYY)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft, Inc. -> ArcSoft Inc.)
R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2013-10-24] (ArcSoft, Inc. -> ArcSoft, Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-04-24] (DTS, Inc. -> )
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-05-19] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Fichier non signé]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1294448 2019-05-14] (Bitdefender SRL -> Bitdefender)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116240 2013-01-04] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 DevMgmtService; "C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [33344 2015-05-19] (Microsoft Windows Hardware Compatibility Publisher -> ELAN Microelectronic Corp.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-08-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-08-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-08-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-08-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116112 2019-08-09] (Malwarebytes Corporation -> Malwarebytes)
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc. -> CACE Technologies, Inc.)
R3 QIOMem; C:\WINDOWS\System32\drivers\QIOMem.sys [14000 2013-08-22] (WDKTestCert 1,130202426583431586 -> TOSHIBA)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [32624 2013-08-19] (TOSHIBA CORPORATION -> Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-08-11 13:35 - 2019-08-11 13:35 - 000000000 ____D C:\Users\Gabriel\Desktop\FRST-OlderVersion
2019-08-10 00:01 - 2019-08-10 00:01 - 000001511 _____ C:\Users\Gabriel\Desktop\RAPPORT MBAM.txt
2019-08-09 23:55 - 2019-08-09 23:55 - 000001633 _____ C:\Users\Gabriel\Desktop\Rapport MBAM après quarantaine.txt
2019-08-09 23:46 - 2019-08-09 23:46 - 000000000 ____D C:\Users\Gabriel\AppData\Local\mbam
2019-08-09 23:45 - 2019-08-09 23:45 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-08-09 23:45 - 2019-08-09 23:45 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-08-09 23:45 - 2019-08-09 23:45 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-08-09 23:45 - 2019-08-09 23:45 - 000116112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-08-09 23:45 - 2019-08-09 23:45 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-08-09 23:45 - 2019-08-09 23:45 - 000001854 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-08-09 23:45 - 2019-08-09 23:45 - 000000000 ____D C:\Users\Gabriel\AppData\Local\mbamtray
2019-08-09 23:45 - 2019-08-09 23:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-08-09 23:45 - 2019-08-09 23:45 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-08-09 23:45 - 2019-08-09 23:45 - 000000000 ____D C:\Program Files\Malwarebytes
2019-08-09 23:45 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-08-09 23:43 - 2019-08-09 23:44 - 064947248 _____ (Malwarebytes ) C:\Users\Gabriel\Desktop\mb3-setup-consumer-3.8.3.2965-1.0.613-1.0.11932.exe
2019-08-09 23:41 - 2019-08-09 23:41 - 000003015 _____ C:\Users\Gabriel\Desktop\ZHPCleaner.txt
2019-08-09 23:38 - 2019-08-09 23:38 - 000003012 _____ C:\Users\Gabriel\Desktop\ZHPCleaner (R).txt
2019-08-09 23:34 - 2019-08-09 23:34 - 000002775 _____ C:\Users\Gabriel\Desktop\ZHPCleaner (S).txt
2019-08-09 23:27 - 2019-08-09 23:38 - 000000000 ____D C:\Users\Gabriel\AppData\Roaming\ZHP
2019-08-09 23:27 - 2019-08-09 23:27 - 000000888 _____ C:\Users\Gabriel\Desktop\ZHPCleaner.lnk
2019-08-09 23:27 - 2019-08-09 23:27 - 000000000 ____D C:\Users\Gabriel\AppData\Local\ZHP
2019-08-09 23:26 - 2019-08-09 23:26 - 003118464 _____ (Nicolas Coolman) C:\Users\Gabriel\Desktop\ZHPCleaner.exe
2019-08-09 23:18 - 2019-08-09 23:18 - 000003744 _____ C:\Users\Gabriel\Desktop\AdwCleaner[C00].txt
2019-08-09 23:07 - 2019-08-09 23:07 - 007623880 _____ (Malwarebytes) C:\Users\Gabriel\Desktop\adwcleaner_7.4.exe
2019-08-09 23:04 - 2019-08-09 23:04 - 000403188 _____ C:\ProgramData\cl.uninstall.1565384162.bdinstall.v2.bin
2019-08-09 22:58 - 2019-08-09 22:58 - 000034757 _____ C:\ProgramData\dm.uninstall.1565384214.bdinstall.bin
2019-08-09 22:42 - 2019-08-09 22:42 - 000001021 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2019-08-09 22:42 - 2019-08-09 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2019-08-09 22:42 - 2019-08-09 22:42 - 000000000 ____D C:\Program Files\VS Revo Group
2019-08-09 22:38 - 2019-08-09 22:39 - 007411912 _____ (VS Revo Group ) C:\Users\Gabriel\Desktop\revosetup.exe
2019-08-09 13:48 - 2019-08-09 13:51 - 000039490 _____ C:\Users\Gabriel\Desktop\Addition.txt
2019-08-09 13:44 - 2019-08-11 13:36 - 000024013 _____ C:\Users\Gabriel\Desktop\FRST.txt
2019-08-09 13:43 - 2019-08-11 13:35 - 000000000 ____D C:\FRST
2019-08-09 13:39 - 2019-08-11 13:35 - 002097664 _____ (Farbar) C:\Users\Gabriel\Desktop\FRST64-2.1.exe
2019-08-08 18:34 - 2019-08-08 18:34 - 000072693 _____ C:\Users\Gabriel\Desktop\bookmarks-2019-08-08.json
2019-08-08 14:53 - 2019-08-08 15:12 - 000015872 _____ C:\Users\Gabriel\Desktop\Gestionnaire de taches 2019 08 08.xls
2019-08-06 18:30 - 2019-08-06 18:32 - 094729958 _____ C:\Users\Gabriel\Desktop\GrosFichiers - HERVY Isabelle.zip
2019-08-05 18:27 - 2019-08-05 18:27 - 000103016 _____ C:\Users\Gabriel\Desktop\2019 période quize contre rendu copie.pdf
2019-08-02 17:21 - 2019-08-02 17:31 - 000185388 _____ C:\Users\Gabriel\Desktop\TraSuiTra complété.pdf
2019-08-02 17:05 - 2019-08-02 17:05 - 000173103 _____ C:\Users\Gabriel\Desktop\TraSuiTra.pdf
2019-07-30 16:50 - 2019-07-30 16:50 - 001579533 _____ C:\Users\Gabriel\Desktop\BULLETIN CEGECAL 07.19.pdf
2019-07-30 14:41 - 2019-07-30 14:42 - 000000000 ____D C:\Users\Gabriel\Desktop\2019 07 28
2019-07-30 14:41 - 2019-07-30 14:42 - 000000000 ____D C:\Users\Gabriel\Desktop\2019 07 27
2019-07-30 14:40 - 2019-07-30 14:45 - 000000000 ____D C:\Users\Gabriel\Desktop\2019 07 26
2019-07-25 17:55 - 2019-07-25 17:58 - 000000000 ____D C:\Users\Gabriel\Desktop\Musine 2 compressé
2019-07-25 17:44 - 2019-07-30 14:49 - 000000000 ____D C:\Users\Gabriel\Desktop\2019 07 23
2019-07-25 17:44 - 2019-07-25 17:46 - 000000000 ____D C:\Users\Gabriel\Desktop\2019 07 24
2019-07-25 17:44 - 2019-07-25 17:45 - 000000000 ____D C:\Users\Gabriel\Desktop\2019 07 21
2019-07-24 17:32 - 2019-07-24 17:32 - 000103932 _____ C:\Users\Gabriel\Desktop\Caen_Paris_201907291451_UZNUWP.pdf
2019-07-20 11:18 - 2019-08-09 23:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-07-17 20:25 - 2019-07-19 23:09 - 000000000 ____D C:\Users\Gabriel\Desktop\Envoi de Sergio du 17 07 2019
2019-07-14 14:19 - 2019-07-14 14:20 - 000000000 ____D C:\Users\Gabriel\Desktop\Musine compressé
2019-07-14 14:17 - 2019-07-14 14:17 - 000000000 ____D C:\Users\Gabriel\Desktop\Musine 2019 07 14

==================== Un mois (modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-08-11 13:33 - 2016-11-17 10:40 - 000000000 ____D C:\Users\Gabriel\AppData\LocalLow\Mozilla
2019-08-11 09:08 - 2014-03-12 14:14 - 000003936 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BDFB1A2D-2092-4DDA-9B8B-BB9E8A7305A6}
2019-08-11 09:07 - 2018-08-12 14:11 - 000003648 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2019-08-11 09:06 - 2013-12-12 15:26 - 000003020 _____ C:\WINDOWS\System32\Tasks\AssistanceLivebox
2019-08-10 12:04 - 2019-04-24 14:19 - 000573440 _____ C:\Users\Gabriel\Desktop\Suivi Keno2.xls
2019-08-10 12:04 - 2017-07-23 12:48 - 000000000 ____D C:\Users\Gabriel\Desktop\EDF
2019-08-10 00:20 - 2013-12-05 04:38 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3040496944-553007298-815628414-1002
2019-08-09 23:57 - 2013-12-06 18:39 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2019-08-09 23:55 - 2015-06-24 07:26 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-08-09 23:40 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-09 23:39 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2019-08-09 23:13 - 2013-12-06 23:44 - 000000000 ____D C:\Program Files\Bitdefender
2019-08-09 23:13 - 2013-12-05 19:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-08-09 23:13 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\ELAMBKUP
2019-08-09 23:09 - 2014-09-22 14:36 - 000000000 ____D C:\AdwCleaner
2019-08-09 23:03 - 2018-08-12 14:22 - 000000000 ____D C:\ProgramData\Bitdefender
2019-08-09 23:03 - 2013-12-06 22:37 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2019-08-09 22:59 - 2013-12-09 17:12 - 000098695 _____ C:\bdlog.txt
2019-08-09 22:44 - 2013-12-28 14:16 - 005326848 ___SH C:\Users\Gabriel\Desktop\Thumbs.db
2019-08-09 19:18 - 2013-12-05 19:58 - 000000000 ____D C:\Users\Gabriel\Desktop\Fichiers HEREDIS
2019-08-09 19:02 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2019-08-09 16:44 - 2019-02-02 11:45 - 000384512 _____ C:\Users\Gabriel\Desktop\2019 BNP.xls
2019-08-09 10:11 - 2019-07-10 20:24 - 000004128 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-08-08 20:32 - 2013-12-05 04:57 - 000000000 ____D C:\Users\Gabriel\Desktop\PHOTOS
2019-08-08 19:20 - 2014-09-21 21:29 - 000000000 ____D C:\Users\Gabriel\Desktop\Anciennes données de Firefox
2019-08-08 18:14 - 2013-12-05 04:25 - 000000000 ____D C:\Users\Gabriel\AppData\Local\Packages
2019-08-08 18:14 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-08 18:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-08 14:05 - 2013-11-14 09:32 - 001817064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-08 14:05 - 2013-11-14 09:13 - 000806842 _____ C:\WINDOWS\system32\perfh00C.dat
2019-08-08 14:05 - 2013-11-14 09:13 - 000156662 _____ C:\WINDOWS\system32\perfc00C.dat
2019-08-05 19:43 - 2013-12-28 22:35 - 000000000 ____D C:\Users\Gabriel\AppData\Local\ElevatedDiagnostics
2019-08-02 22:42 - 2013-12-28 22:31 - 000000000 ____D C:\Users\Gabriel\AppData\Local\Canon Easy-PhotoPrint EX
2019-08-02 22:38 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2019-08-02 20:15 - 2017-07-23 12:53 - 000000000 ____D C:\Users\Gabriel\Desktop\Suivi ING
2019-07-29 20:37 - 2017-12-31 20:18 - 000001333 _____ C:\Users\Public\Desktop\Skype.lnk
2019-07-29 20:37 - 2017-12-31 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-21 10:06 - 2013-12-05 19:42 - 000001170 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-13 11:52 - 2013-12-05 04:27 - 000000000 ____D C:\Users\Gabriel\AppData\Local\Toshiba

==================== Fichiers à la racine de certains dossiers ================

2013-10-27 16:58 - 2013-10-27 16:58 - 000069632 _____ ( ) C:\Users\Gabriel\auxsetup.exe
2013-10-27 16:58 - 2013-10-27 16:58 - 000069632 _____ ( ) C:\Users\Gabriel\vdicmdrv.dll
2013-10-27 16:58 - 2013-10-27 16:58 - 000003584 _____ () C:\Users\Gabriel\vdlaunch.exe
2013-10-27 16:58 - 2013-10-27 16:58 - 000073728 _____ ( ) C:\Users\Gabriel\vdremote.dll
2013-10-27 16:58 - 2013-10-27 16:58 - 000065536 _____ ( ) C:\Users\Gabriel\vdsvrlnk.dll
2013-10-27 16:58 - 2013-10-27 16:58 - 000008704 _____ ( ) C:\Users\Gabriel\vdub.exe
2013-10-27 16:59 - 2013-10-27 16:59 - 003152384 _____ () C:\Users\Gabriel\VirtualDub.exe
2019-06-27 19:47 - 2019-07-06 19:40 - 000007606 _____ () C:\Users\Gabriel\AppData\Local\resmon.resmoncfg
2014-08-25 18:20 - 2019-06-25 22:02 - 014558786 _____ () C:\Users\Gabriel\AppData\Local\SocialSafe-Helper.log
2016-06-20 17:58 - 2016-06-20 17:58 - 000000520 _____ () C:\Users\Gabriel\AppData\Local\TempPSTEMPFILEon0809013400_1.tmp

==================== SigCheck ===============================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)


LastRegBack: 2019-08-10 09:33
==================== Fin de FRST.txt ============================