Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Exécuté par USER1 (administrateur) sur USER (06-04-2019 12:20:05)
Exécuté depuis C:\Users\USER1\Desktop
Profils chargés: USER1 (Profils disponibles: USER1)
Platform: Windows 8 (X64) Langue: Français (France)
Navigateur par défaut: Chrome
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\wlanext.exe
() [Fichier non signé] C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\windows\System32\TODDSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\msiexec.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Ivaylo Beltchev -> IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION -> ) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(SRS Labs, Inc. -> SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Canon Inc. -> CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\windows\System32\igfxtray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\windows\System32\igfxpers.exe
(Nota Inc. -> Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\windows\System32\PrintIsolationHost.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2611112 2012-09-05] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-08-20] (SRS Labs, Inc. -> SRS Labs, Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2779024 2011-03-14] (Canon Inc. -> CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2018-07-15] (Ivaylo Beltchev -> IvoSoft)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18382304 2018-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-02] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation) [Fichier non signé]
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-01-20] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [455392 2015-04-10] (Sony Mobile Communications -> Sony) [Fichier non signé]
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2364808 2018-10-18] (Nota Inc. -> Nota Inc.)
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22458328 2019-02-27] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [vidc.VP60] => C:\windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-27] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{603F476B-7AE4-44C1-A625-2EA7F46C331D}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F35BE4DB-F922-4C39-9CA9-82D348AD80A5}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131894758039531336&GUID=A1F4FEE0-7494-4AB4-88A4-C44CC37E7F32
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-529793163-1823889777-3392212690-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope la valeur est absente
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-529793163-1823889777-3392212690-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll [2018-12-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-12-17] (Oracle America, Inc. -> Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2010-11-08] (Canon Inc. -> CANON INC.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2010-11-08] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2018-07-15] (Ivaylo Beltchev -> IvoSoft)

FireFox:
========
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => non trouvé(e)
FF Plugin: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-12-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-12-17] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-12-18] (Apple Inc. -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-04-20] (CANON INC.) [Fichier non signé]
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-31] (Nero AG -> Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-30] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-30] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN) [Fichier non signé]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] (WildTangent Inc -> )
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-529793163-1823889777-3392212690-1001: facebook.com/fbDesktopPlugin -> C:\Users\USER1\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc. -> Facebook, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://google.fr/
CHR StartupUrls: Default -> "hxxp://www.google.fr/"
CHR Profile: C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default [2019-04-06]
CHR Extension: (BetterTTV) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-12-18]
CHR Extension: (WOT: Web of Trust, Évaluation de la réputation de sites Web) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2018-12-18]
CHR Extension: (Pop up blocker for Chrome™ - Poper Blocker) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche [2019-02-20]
CHR Extension: (Signets iCloud) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2018-12-18]
CHR Extension: (AdBlock) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-03-24]
CHR Extension: (Ghostery – Bloqueur de publicité protégeant la vie privée) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2019-02-04]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\USER1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-27]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-14] () [Fichier non signé]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [138192 2011-02-07] (Canon Inc. -> )
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324576 2018-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Sony Mobile Communications -> Avanquest Software) [Fichier non signé]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-09-25] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Windows -> Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 igfx; C:\windows\system32\DRIVERS\igdkmd64.sys [5358016 2013-03-06] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 IntcDAud; C:\windows\system32\DRIVERS\IntcDAud.sys [342528 2012-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Intel(R) Corporation)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-06] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\windows\System32\DRIVERS\farflt.sys [127136 2019-04-06] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [73912 2019-04-06] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-06] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [114040 2019-04-06] (Malwarebytes Corporation -> Malwarebytes)
R1 MpKslb3a4e6cf; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{366D040F-46A7-4D09-A6B9-3C95733C7885}\MpKslb3a4e6cf.sys [58120 2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
S3 Netaapl; C:\windows\system32\DRIVERS\netaapl64.sys [23040 2013-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-12] (PEGATRON CORPORATION -> PEGATRON)
S3 RimUsb; C:\windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited)
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Semiconductor Corp -> Realtek Microelectronics)
S3 RTL8192Ce; C:\windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 RTWlanE; C:\windows\system32\DRIVERS\rtwlane.sys [1498256 2012-08-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (TOSHIBA CORPORATION -> Windows (R) Win 7 DDK provider)
S3 USBAAPL64; C:\windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois (créés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-04-06 12:20 - 2019-04-06 12:21 - 000023169 _____ C:\Users\USER1\Desktop\FRST.txt
2019-04-06 12:19 - 2019-04-06 12:20 - 000000000 ____D C:\FRST
2019-04-06 12:19 - 2019-04-06 12:19 - 002434048 _____ (Farbar) C:\Users\USER1\Desktop\FRST64.exe
2019-04-06 02:41 - 2019-04-06 02:41 - 000073912 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2019-04-06 02:40 - 2019-04-06 02:40 - 000274416 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2019-04-06 02:40 - 2019-04-06 02:40 - 000198512 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2019-04-06 02:40 - 2019-04-06 02:40 - 000127136 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2019-04-06 02:40 - 2019-04-06 02:40 - 000114040 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2019-04-06 02:40 - 2019-04-06 02:40 - 000001878 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-06 02:40 - 2019-04-06 02:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-06 02:40 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2019-04-06 02:20 - 2019-04-06 02:23 - 062643232 _____ (Malwarebytes ) C:\Users\USER1\Desktop\mb3-setup-consumer-3.7.1.2839-1.0.563-1.0.10014.exe
2019-04-06 02:17 - 2019-04-06 02:39 - 933855940 _____ C:\Users\USER1\Desktop\Un.Amour.Impossible.2018.FRENCH.BDRip.x264.mkv
2019-04-06 01:30 - 2019-04-06 01:30 - 007025360 _____ (Malwarebytes) C:\Users\USER1\Desktop\adwcleaner_7.3.exe
2019-03-31 02:45 - 2019-03-31 02:49 - 1467176790 _____ C:\Users\USER1\Desktop\Les.Petits.Mouchoirs.2010.FRENCH.BRRip.x264.AC3-FUNKY.www.telecharger-film.org.mkv
2019-03-31 02:45 - 2019-03-31 02:45 - 056442587 _____ C:\Users\USER1\Desktop\Les.Petits.Mouchoirs.mkv.crdownload
2019-03-31 02:44 - 2019-03-31 02:44 - 068894427 _____ C:\Users\USER1\Desktop\Les.Petits.Mouchoirs.2010.mkv.crdownload
2019-03-26 13:48 - 2019-04-06 01:56 - 000001908 _____ C:\Users\USER1\Desktop\ZHPCleaner (R).txt
2019-03-26 13:48 - 2019-04-06 01:53 - 000001903 _____ C:\Users\USER1\Desktop\ZHPCleaner (S).txt
2019-03-26 13:33 - 2019-03-26 13:34 - 000000000 ____D C:\AdwCleaner
2019-03-26 13:33 - 2019-03-26 13:33 - 003122560 _____ C:\Users\USER1\Desktop\ZHPCleaner 2.exe
2019-03-26 13:31 - 2019-03-26 13:31 - 007316688 _____ (Malwarebytes) C:\Users\USER1\Desktop\adwcleaner_7.2.7.0.exe
2019-03-25 19:53 - 2019-03-25 20:14 - 832689005 _____ C:\Users\USER1\Desktop\Film_complet_Gratuit_DVDRiP_XviD_YIFY-1080p.zip
2019-03-25 19:39 - 2019-03-25 19:41 - 694624649 _____ C:\Users\USER1\Desktop\LA MULE.mkv
2019-03-09 11:16 - 2019-03-09 12:53 - 3809289992 _____ C:\Users\USER1\Desktop\ben is back.mkv

==================== Un mois (modifiés) ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2019-04-06 03:25 - 2018-12-17 04:12 - 000000000 ____D C:\Users\USER1\AppData\Local\ClassicShell
2019-04-06 03:13 - 2013-03-08 19:02 - 000000938 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-529793163-1823889777-3392212690-1001UA.job
2019-04-06 02:40 - 2018-12-17 02:15 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-06 01:56 - 2018-12-17 02:49 - 000000000 ____D C:\Users\USER1\AppData\Roaming\ZHP
2019-04-06 01:37 - 2012-08-02 03:11 - 000800978 _____ C:\windows\system32\perfh00C.dat
2019-04-06 01:37 - 2012-08-02 03:11 - 000155650 _____ C:\windows\system32\perfc00C.dat
2019-04-06 01:37 - 2012-07-26 09:28 - 001793362 _____ C:\windows\system32\PerfStringBackup.INI
2019-04-06 01:37 - 2012-07-26 07:37 - 000000000 ____D C:\windows\Inf
2019-04-06 01:35 - 2018-12-16 18:50 - 000000000 ____D C:\Users\USER1\AppData\Local\CrashDumps
2019-04-06 01:32 - 2012-07-26 09:22 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-04-04 03:02 - 2013-03-06 21:35 - 000000000 ____D C:\Users\USER1
2019-04-03 23:48 - 2013-03-06 17:48 - 007051264 ___SH C:\Users\USER1\Desktop\Thumbs.db
2019-04-02 23:18 - 2012-07-26 10:12 - 000000000 ____D C:\windows\AUInstallAgent
2019-04-02 23:17 - 2012-07-26 10:12 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-01 18:13 - 2013-03-08 19:02 - 000000916 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-529793163-1823889777-3392212690-1001Core.job
2019-03-31 23:37 - 2018-12-16 17:40 - 000001091 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Navigateur Opera.lnk
2019-03-31 23:37 - 2015-04-12 17:25 - 000003864 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1428852290
2019-03-31 23:37 - 2015-04-12 17:22 - 000000000 ____D C:\Program Files (x86)\Opera
2019-03-30 05:07 - 2013-03-07 18:37 - 000003500 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-30 05:07 - 2013-03-07 18:37 - 000003372 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 13:05 - 2014-07-12 16:52 - 000000000 ____D C:\Users\USER1\AppData\Roaming\vlc
2019-03-13 01:03 - 2013-08-14 15:24 - 000000000 ____D C:\windows\system32\MRT
2019-03-13 00:56 - 2013-03-07 22:18 - 127411920 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-03-11 19:44 - 2018-12-18 01:16 - 000000000 ____D C:\windows\LastGood
2019-03-09 07:29 - 2018-12-16 17:59 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update

==================== Fichiers à la racine de certains dossiers =======

2018-12-29 06:01 - 2018-12-29 06:01 - 003187584 _____ () C:\Users\USER1\ZHPDiag3.exe
2014-04-15 19:18 - 2018-12-16 17:04 - 000000353 _____ () C:\Users\USER1\AppData\Roaming\WB.CFG

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\windows\system32\wininit.exe => Le fichier est signé numériquement
C:\windows\explorer.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\windows\system32\svchost.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\windows\system32\services.exe => Le fichier est signé numériquement
C:\windows\system32\User32.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\windows\system32\userinit.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\windows\system32\dllhost.exe => Le fichier est signé numériquement
C:\windows\SysWOW64\dllhost.exe => Le fichier est signé numériquement
C:\windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2019-04-06 03:00

==================== Fin de FRST.txt ============================