Scan results of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.10.2018
Run by guy (administrator) on PCGUY (08-10-2018 19:00:27)
Running from C:\Users\guy\Desktop
Loaded profiles: guy & Administrateur (Available profiles: guy & Administrateur)
Platform: Windows 8.1 (Update) (X64) Language: Français (France)
Internet Explorer Version 11 (Default browser: IE)
Boot mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist.txt file, the process will be stopped. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist.txt file, the registry item will be restored to its default value or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6839952 2012-08-22] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3053808 2017-03-21] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-30] (AVAST Software)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [371976 2012-09-19] (IVT Corporation)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491632 2012-09-10] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2113795384-3983313327-170881632-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung)
HKU\S-1-5-21-2113795384-3983313327-170881632-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung)
HKU\S-1-5-21-2113795384-3983313327-170881632-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-07] (Piriform Ltd)
HKU\S-1-5-21-2113795384-3983313327-170881632-500\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1707632 2012-09-10] (CyberLink Corp.)
HKU\S-1-5-21-2113795384-3983313327-170881632-500\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-2113795384-3983313327-170881632-500\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-07] (Piriform Ltd)
HKU\S-1-5-21-2113795384-3983313327-170881632-500\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-2113795384-3983313327-170881632-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

==================== Internet (Whitelisted) ====================

(If an entry is included in the fixlist.txt file and it is a registry item, it will be removed or restored to its default value.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C897503C-0A95-4736-AE2C-EDB5A21B63FA}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FD33D755-0C46-41A1-81FB-13FDE1188660}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/CQNOT13/3
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT13/3
HKU\S-1-5-21-2113795384-3983313327-170881632-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.fr/
HKU\S-1-5-21-2113795384-3983313327-170881632-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT13/3
HKU\S-1-5-21-2113795384-3983313327-170881632-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/CQNOT13/3
SearchScopes: HKLM -> {28546ED0-664C-4278-AB6C-812ED99B279A} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {28546ED0-664C-4278-AB6C-812ED99B279A} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2113795384-3983313327-170881632-1002 -> DefaultScope {C14F5FDA-74C9-4507-A678-A340078AC0F5} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7AVNF_frFR778
SearchScopes: HKU\S-1-5-21-2113795384-3983313327-170881632-1002 -> {28546ED0-664C-4278-AB6C-812ED99B279A} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2113795384-3983313327-170881632-1002 -> {C14F5FDA-74C9-4507-A678-A340078AC0F5} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7AVNF_frFR778
SearchScopes: HKU\S-1-5-21-2113795384-3983313327-170881632-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2113795384-3983313327-170881632-500 -> DefaultScope {C14F5FDA-74C9-4507-A678-A340078AC0F5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2113795384-3983313327-170881632-500 -> {28546ED0-664C-4278-AB6C-812ED99B279A} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2113795384-3983313327-170881632-500 -> {C14F5FDA-74C9-4507-A678-A340078AC0F5} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2113795384-3983313327-170881632-500 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-29563-11896-9/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-03-09] (Google Inc.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-03-09] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-03-09] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-03-09] (Google Inc.)
Toolbar: HKU\S-1-5-21-2113795384-3983313327-170881632-1002 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-2113795384-3983313327-170881632-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-03-09] (Google Inc.)
Toolbar: HKU\S-1-5-21-2113795384-3983313327-170881632-500 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier

FireFox:
========
FF DefaultProfile: alqjlhx8.default
FF ProfilePath: C:\Users\guy\AppData\Roaming\Mozilla\Firefox\Profiles\alqjlhx8.default [2018-10-08]
FF Extension: (Emoji Cheatsheet for GitHub, Basecamp etc.) - C:\Users\guy\AppData\Roaming\Mozilla\Firefox\Profiles\alqjlhx8.default\Extensions\jid1-Xo5SuA6qc1DFpw@jetpack.xpi [2017-09-18]
FF Extension: (LanguageTool - Grammar and Style Checker) - C:\Users\guy\AppData\Roaming\Mozilla\Firefox\Profiles\alqjlhx8.default\Extensions\languagetool-webextension@languagetool.org.xpi [2018-08-14]
FF Extension: (Avast SafePrice) - C:\Users\guy\AppData\Roaming\Mozilla\Firefox\Profiles\alqjlhx8.default\Extensions\sp@avast.com.xpi [2018-06-27]
FF Extension: (Avast Online Security) - C:\Users\guy\AppData\Roaming\Mozilla\Firefox\Profiles\alqjlhx8.default\Extensions\wrc@avast.com.xpi [2018-05-26]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-11] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1228198.dll [2017-02-27] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-07] (CANON INC.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://ovc2-ustokyyneikyfasnm.stackpathdns.com/assets/images/favicon.png
CHR Profile: C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default [2018-10-08]
CHR Extension: (Convertisseur Video Gratuit - OnlineV...) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\admhkpjeagdomnbgipmfnfcifchdiebl [2018-08-04]
CHR Extension: (YouTube) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\adnlfjpnmidfimlkaohpidplnoimahfh [2018-07-06]
CHR Extension: (Docs) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Prendre RDV avec le Docteur Bouin Oli...) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejbcibdfgndcjkdbfklhbjffijenefo [2018-04-22]
CHR Extension: (YouTube) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-01]
CHR Extension: (Facebook) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2018-05-29]
CHR Extension: (SCRABBLE Mattel sur Facebook) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmjkdgonodkhjhaddccjjcimoaiomiai [2018-07-26]
CHR Extension: (SYLAB | Laboratoire de biologie médicale) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\egffjppccnbhbgdnjehdnpefejnmfdnf [2018-04-21]
CHR Extension: (Avast SafePrice | Comparaison, offres, coupons) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-04]
CHR Extension: (Avast Online Security) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-25]
CHR Extension: (1000 gtr - 800 VN - R1100 RT & AUTRES) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\idcbghipbcfgnghjjmdhniaagmbglklk [2018-04-12]
CHR Extension: (Mécanique moto, entretien, depannage,...) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\idojgmbfhcemlacabeoojnhjbpephopd [2018-04-21]
CHR Extension: (QR CODE) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfcgiamjbhdpdbajhocegfeemimbppkm [2018-04-29]
CHR Extension: (Google Maps) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-05-01]
CHR Extension: (Instagram) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\maonlnecdeecdljpahhnnlmhbmalehlm [2018-08-13]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-02]
CHR Extension: (Programme TV : le programme tnt tele ...) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\oimjeppbhcpdpmbeilfbfaainfenobee [2018-03-16]
CHR Extension: (DOCTEUR BOUIN) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\piaggacccliaolgdpchbganncfahhkjp [2018-04-22]
CHR Extension: (Gmail) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-01]
CHR Extension: (Chrome Media Router) - C:\Users\guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-13]
CHR Profile: C:\Users\guy\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-09-29]
CHR Profile: C:\Users\guy\AppData\Local\Google\Chrome\User Data\System Profile [2018-09-29]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-30] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-30] (AVAST Software)
S2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1612552 2012-09-26] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [146184 2012-09-19] (IVT Corporation)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1194512 2018-06-06] (Garmin Ltd. or its subsidiaries)
S2 HPConnectedRemote; C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-30] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-30] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-30] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-30] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-30] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-30] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163392 2018-09-11] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-30] (AVAST Software)
R0 AswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87904 2018-08-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467320 2018-09-04] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215920 2018-09-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-30] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [91648 2012-08-22] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\WINDOWS\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthHFSrv; C:\WINDOWS\System32\svchost.exe [38792 2014-11-21] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
U4 BthHFSrv; C:\WINDOWS\SysWOW64\svchost.exe [33088 2014-11-21] (Microsoft Corporation)
S3 BthL2caScoIfSrv; C:\WINDOWS\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 btUrbFilterDrv; C:\WINDOWS\System32\Drivers\IvtUrbBtFlt.sys [48608 2012-10-02] (Ralink Corporation)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-09-11] (Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [200232 2018-10-07] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [118584 2018-10-07] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [58400 2018-10-07] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [260384 2018-10-07] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [110424 2018-10-08] (Malwarebytes)
S3 qcfilter; C:\WINDOWS\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbnet; C:\WINDOWS\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [277648 2012-09-19] (Realtek Semiconductor Corp.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-25] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-25] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist.txt file, it will be removed from the registry. The file will not be moved unless it is listed separately.)


==================== One month - Created - files and folders ========

(If an entry is included in the fixlist.txt file, the file/folder will be moved.)

2018-10-08 19:00 - 2018-10-08 19:01 - 000024784 _____ C:\Users\guy\Desktop\FRST.txt
2018-10-08 19:00 - 2018-10-08 19:00 - 000000000 ____D C:\FRST
2018-10-08 18:58 - 2018-10-08 18:59 - 002414592 _____ (Farbar) C:\Users\guy\Desktop\FRST64.exe
2018-10-07 18:49 - 2018-10-07 18:49 - 000058400 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-10-07 18:48 - 2018-10-08 18:00 - 000110424 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-10-07 18:48 - 2018-10-07 18:48 - 000260384 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-10-07 18:48 - 2018-10-07 18:48 - 000200232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-10-07 18:48 - 2018-10-07 18:48 - 000118584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-10-07 18:48 - 2018-10-07 18:48 - 000000000 ____D C:\Users\guy\AppData\Local\mbamtray
2018-10-07 18:47 - 2018-10-07 18:47 - 000001883 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-07 18:47 - 2018-10-07 18:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-10-07 18:47 - 2018-09-11 13:18 - 000152688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-09-29 10:56 - 2018-09-29 10:56 - 000000000 ____D C:\Users\guy\AppData\Local\mbam
2018-09-29 09:57 - 2018-09-29 09:57 - 000001906 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-09-21 18:13 - 2018-09-21 18:14 - 000000000 ____D C:\Users\guy\Documents\machine a coudre
2018-09-15 17:20 - 2018-09-15 17:20 - 000457999 _____ C:\Users\guy\Documents\notice ecran ordi bureau.pdf
2018-09-13 20:34 - 2018-03-27 01:24 - 000029352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2018-09-13 20:34 - 2018-03-27 01:24 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2018-09-13 20:34 - 2018-03-27 01:17 - 000030888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2018-09-13 20:34 - 2018-03-27 01:17 - 000019088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2018-09-13 20:30 - 2018-08-28 07:39 - 001491032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2018-09-13 20:30 - 2018-08-28 05:46 - 001764408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2018-09-13 20:30 - 2018-08-28 03:36 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2018-09-13 20:30 - 2018-08-28 03:36 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-09-13 20:30 - 2018-08-24 01:05 - 025736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-09-13 20:30 - 2018-08-24 00:54 - 000289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-09-13 20:30 - 2018-08-24 00:34 - 005779456 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-09-13 20:30 - 2018-08-23 23:40 - 001555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-09-13 20:30 - 2018-08-23 23:27 - 020279296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-09-13 20:30 - 2018-08-23 22:51 - 004494848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-09-13 20:30 - 2018-08-23 22:27 - 001329664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-09-13 20:30 - 2018-08-14 03:22 - 022374608 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-09-13 20:30 - 2018-08-14 03:19 - 019790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-09-13 20:30 - 2018-08-13 22:06 - 002530384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-09-13 20:30 - 2018-08-13 22:03 - 001903744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-09-13 20:30 - 2018-08-13 21:32 - 001368680 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2018-09-13 20:30 - 2018-08-13 15:40 - 001754112 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-09-13 20:30 - 2018-08-13 15:39 - 001491968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-09-13 20:30 - 2018-08-13 15:33 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2018-09-13 20:30 - 2018-08-12 21:23 - 007373544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-09-13 20:30 - 2018-08-12 21:06 - 001676056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-09-13 20:30 - 2018-08-12 21:06 - 001536120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-09-13 20:30 - 2018-08-12 21:06 - 001500432 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-09-13 20:30 - 2018-08-12 21:06 - 001371352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-09-13 20:30 - 2018-08-12 21:04 - 002451808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-09-13 20:30 - 2018-08-12 18:31 - 002347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-09-13 20:30 - 2018-08-12 18:06 - 001556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-09-13 20:30 - 2018-08-09 18:41 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-09-13 20:30 - 2018-07-29 15:44 - 001265664 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-09-13 20:30 - 2018-07-24 19:50 - 006522344 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-09-13 20:30 - 2018-07-24 19:50 - 001488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-09-13 20:30 - 2018-07-24 19:50 - 000261408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2018-09-13 20:30 - 2018-07-24 15:45 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-09-13 20:30 - 2018-07-06 19:14 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SessEnv.dll
2018-09-13 20:30 - 2018-07-06 18:22 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SessEnv.dll
2018-09-13 20:30 - 2018-07-06 01:17 - 001115648 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2018-09-13 20:30 - 2018-06-26 17:25 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2018-09-13 20:30 - 2018-06-26 17:14 - 000367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2018-09-13 20:30 - 2018-06-21 15:31 - 001200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-09-13 20:30 - 2018-06-21 15:30 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-09-13 20:29 - 2018-08-24 00:43 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-09-13 20:29 - 2018-08-24 00:33 - 000794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-09-13 20:29 - 2018-08-24 00:08 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2018-09-13 20:29 - 2018-08-24 00:01 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-09-13 20:29 - 2018-08-24 00:00 - 015283712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-09-13 20:29 - 2018-08-23 23:52 - 004510720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-09-13 20:29 - 2018-08-23 23:28 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-09-13 20:29 - 2018-08-23 23:15 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-09-13 20:29 - 2018-08-23 23:06 - 000662016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-09-13 20:29 - 2018-08-23 22:49 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2018-09-13 20:29 - 2018-08-23 22:48 - 013679616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-09-13 20:29 - 2018-08-23 22:44 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-09-13 20:29 - 2018-08-23 22:30 - 004037632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-09-13 20:29 - 2018-08-23 22:24 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-09-13 20:29 - 2018-08-13 15:30 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2018-09-13 20:29 - 2018-08-13 15:29 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2018-09-13 20:29 - 2018-08-09 19:40 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2018-09-13 20:29 - 2018-08-09 19:39 - 000113664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2018-09-13 20:29 - 2018-08-09 18:59 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-09-13 20:29 - 2018-08-09 18:41 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-09-13 20:29 - 2018-08-09 18:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-09-13 20:29 - 2018-07-18 15:34 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2018-09-13 20:29 - 2018-06-21 15:24 - 000513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-09-13 20:29 - 2018-06-21 15:24 - 000513456 _____ C:\WINDOWS\system32\locale.nls

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-10-08 18:52 - 2013-02-06 02:38 - 000003620 _____ C:\WINDOWS\SysWOW64\LOCALSERVICE.INI
2018-10-08 18:52 - 2012-09-26 10:53 - 000000950 _____ C:\WINDOWS\SysWOW64\bscs.ini
2018-10-08 18:35 - 2013-05-13 13:40 - 000000000 ___RD C:\Users\guy\IMAGES
2018-10-08 17:58 - 2018-07-17 21:28 - 000000000 ____D C:\Users\guy\AppData\Local\CrashDumps
2018-10-08 15:58 - 2017-03-17 13:04 - 000003916 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{38B1563C-9204-4074-9EC8-F8C7E9C0CAD5}
2018-10-08 11:53 - 2018-08-10 10:27 - 000003146 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForguy
2018-10-08 11:53 - 2018-08-10 10:27 - 000000336 _____ C:\WINDOWS\Tasks\HPCeeScheduleForguy.job
2018-10-08 11:17 - 2017-03-09 19:34 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2113795384-3983313327-170881632-1002
2018-10-08 08:29 - 2018-04-12 09:16 - 000000000 ____D C:\Users\guy\AppData\Local\AVAST Software
2018-10-07 14:55 - 2014-11-21 00:46 - 002018128 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-10-07 14:55 - 2014-11-21 00:03 - 000880712 _____ C:\WINDOWS\system32\perfh00C.dat
2018-10-07 14:55 - 2014-11-21 00:03 - 000189160 _____ C:\WINDOWS\system32\perfc00C.dat
2018-10-07 14:55 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-10-05 22:32 - 2017-03-09 19:51 - 000000000 ____D C:\ProgramData\AVAST Software
2018-10-05 21:22 - 2017-03-21 11:24 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForPCGUY$.job
2018-10-05 21:22 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-10-05 21:20 - 2013-02-06 02:38 - 000000043 _____ C:\WINDOWS\SysWOW64\LOCALDEVICE.INI
2018-10-05 17:29 - 2013-06-11 15:40 - 000000000 ____D C:\Users\guy\AppData\LocalLow\Adobe
2018-10-05 14:01 - 2017-03-09 19:59 - 000004168 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-10-05 08:20 - 2018-09-07 23:01 - 000003870 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-10-05 08:20 - 2017-04-11 09:23 - 000003916 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C7DC91E2-9BCF-4F33-8F95-A9F059CABE5C}
2018-10-05 08:20 - 2017-03-21 11:24 - 000003174 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForPCGUY$
2018-10-05 08:20 - 2017-03-12 08:52 - 000004460 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-10-05 08:20 - 2017-03-10 12:11 - 000002780 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-10-05 08:20 - 2017-03-10 10:30 - 000003556 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2018-10-05 08:20 - 2017-03-09 20:09 - 000003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-05 08:20 - 2017-03-09 20:09 - 000003374 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-05 08:19 - 2018-03-13 19:20 - 000004624 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-05 08:19 - 2017-03-17 09:11 - 000004636 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-05 08:19 - 2017-03-10 09:00 - 000004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-10-05 08:15 - 2017-03-09 19:59 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-10-04 17:42 - 2017-04-11 21:21 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-09-29 17:14 - 2016-11-18 00:52 - 000000000 ____D C:\Users\guy\AppData\LocalLow\Mozilla
2018-09-29 16:59 - 2017-03-10 10:31 - 000000000 ____D C:\Users\guy\AppData\Roaming\Garmin
2018-09-29 15:58 - 2017-03-10 10:31 - 000000000 ____D C:\ProgramData\Garmin
2018-09-29 11:54 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-09-29 09:58 - 2017-03-10 10:30 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-09-29 09:58 - 2017-03-10 09:13 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-29 09:57 - 2017-03-10 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-09-28 08:01 - 2017-03-09 20:32 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-28 08:01 - 2017-03-09 20:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-09-21 08:59 - 2017-03-09 20:32 - 000001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-18 17:47 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-18 10:34 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-18 08:39 - 2017-03-09 20:15 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-15 16:19 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2018-09-15 16:01 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-15 15:27 - 2013-09-09 14:37 - 000000549 _____ C:\DelFix.txt
2018-09-14 18:37 - 2017-03-10 13:22 - 000000000 ____D C:\Users\guy\AppData\Roaming\ZHP
2018-09-14 18:03 - 2017-06-07 08:29 - 000000000 ____D C:\Users\guy\AppData\Local\ZHP
2018-09-14 16:59 - 2013-08-22 16:44 - 000411632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-09-13 23:03 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2018-09-13 21:00 - 2017-03-10 12:10 - 000000000 ____D C:\Program Files\CCleaner
2018-09-13 20:29 - 2017-03-12 17:47 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-09-13 19:59 - 2017-03-12 17:46 - 139184408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-09-12 22:42 - 2018-04-11 15:26 - 001737592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-09-12 22:10 - 2017-03-09 19:59 - 000215920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-09-11 20:52 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-09-11 20:52 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-09-11 18:23 - 2017-03-09 19:59 - 000163392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys

==================== Fichiers à la racine de certains dossiers =======

2017-03-10 19:41 - 2017-06-08 19:08 - 002741760 _____ () C:\Users\guy\ZHPDiag3.exe
2017-04-01 11:43 - 2017-04-01 11:43 - 000017274 _____ () C:\Users\guy\AppData\Roaming\Soridik

Certains fichiers dans TEMP:
====================
2018-09-29 09:49 - 2018-09-29 09:49 - 083792120 _____ (Garmin Ltd or its subsidiaries) C:\Users\guy\AppData\Local\Temp\GarminExpressInstaller.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-10-08 16:38

==================== Fin de FRST.txt ============================