Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 27.01.2018
Exécuté par olivier (administrateur) sur PCPORTABLE (07-02-2018 14:18:52)
Exécuté depuis C:\Users\olivier\Downloads
Profils chargés: olivier & (Profils disponibles: olivier & olivi_000)
Platform: Windows 10 Home Version 1709 16299.192 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\BCA\pabeSvc64.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39101.16720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17112.13411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1712.3351.0_x64__8wekyb3d8bbwe\Calculator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Users\olivier\AppData\Roaming\ZHP\ZHPDiag3.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Ptedit50\Ptedit50.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8827.21855.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296008 2013-10-22] (TOSHIBA Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Realtek Camera Manager] => C:\WINDOWS\system32\RunLegacyCPLElevated.exe shell32.dll,Control_RunDLL "C:\WINDOWS\system32\Realtek Camera Manager.cpl"
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-01-30] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2540 Series"
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\...\Run: [ECigStats] => C:\Users\olivier\AppData\Roaming\ECigStats\ECigStats\ECigStats.exe [378896 2016-08-05] (Illusory Studios LLC)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\...\Run: [uTorrent] => C:\Users\olivier\AppData\Roaming\uTorrent\uTorrent.exe [1999544 2017-12-19] (BitTorrent Inc.)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\...\Run: [Amazon Music] => C:\Users\olivier\AppData\Local\Amazon Music\Amazon Music Helper.exe [3700200 2017-08-11] (Amazon Services LLC)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\...\MountPoints2: {17f0d3cd-9ea0-11e3-8251-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27011712 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIIUE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2540 Series"
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\...\Run: [ECigStats] => C:\Users\olivier\AppData\Roaming\ECigStats\ECigStats\ECigStats.exe [378896 2016-08-05] (Illusory Studios LLC)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\...\Run: [uTorrent] => C:\Users\olivier\AppData\Roaming\uTorrent\uTorrent.exe [1999544 2017-12-19] (BitTorrent Inc.)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\...\Run: [Amazon Music] => C:\Users\olivier\AppData\Local\Amazon Music\Amazon Music Helper.exe [3700200 2017-08-11] (Amazon Services LLC)
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\...\MountPoints2: {17f0d3cd-9ea0-11e3-8251-806e6f6e6963} - "D:\Setup.exe"
HKU\S-1-5-21-4007865293-2291960566-1256609526-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100403396\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2017-11-25]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series (réseau).lnk [2016-01-17]
ShortcutTarget: Alertes de surveillance de l'encre - HP Deskjet 3050A J611 series (réseau).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Alertes de surveillance de l'encre - hp imprimante maison sans fils.lnk [2017-05-13]
ShortcutTarget: Alertes de surveillance de l'encre - hp imprimante maison sans fils.lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2cdb94f4-5efb-4b84-bd02-75f8a1db4829}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{36c65425-19d4-4ff7-861c-3339e827401a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7150cc43-e9d7-42a4-b12a-8a10226a9a14}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{7150cc43-e9d7-42a4-b12a-8a10226a9a14}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e43b7860-7fad-4cf6-a603-6244f82fb68c}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{e43b7860-7fad-4cf6-a603-6244f82fb68c}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://toshiba.eu/symbaloo_c
HKU\S-1-5-21-4007865293-2291960566-1256609526-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100403396\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131285657495158419&GUID=3185D8CE-7D86-4859-ABDA-1F6CB01AD2CC
HKU\S-1-5-21-4007865293-2291960566-1256609526-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100403396\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TEJB
SearchScopes: HKLM -> DefaultScope {71015CB9-CB78-4152-9F5C-177F397ECD7B} URL =
SearchScopes: HKLM -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxps://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-7a4b809f&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {71015CB9-CB78-4152-9F5C-177F397ECD7B} URL =
SearchScopes: HKLM-x32 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4007865293-2291960566-1256609526-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4007865293-2291960566-1256609526-1001 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4007865293-2291960566-1256609526-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133 -> {26080cad-4adc-49ac-8c63-eda16e595cbd} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2016-12-06] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2016-12-06] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2016-07-15] (Intel Security)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\olivier\AppData\Roaming\Mozilla\Firefox\Profiles\0MVns2ca.default [2018-02-07]
FF Homepage: Mozilla\Firefox\Profiles\0MVns2ca.default -> hxxps://www.malwarebytes.org/restorebrowser/34e12b30524eee85a1¶m1=ArFaIWVoNqArQGMVInobADAevXFbMnMqQGMVAmRoNqAdBHFaISoeATVoNqAqAXFaIWQBvmE4ICILNopcGWUIvmE9Jmk3NVE9JCoUvFRdJmk4wVVdIWYWwVJdImIXwVQ3vCILNVJdESk8NUM9JmIWvFE9ISILNFdbDSk8wVU9ImIXvmo9ImoUwVA4ISoWwV5cGWUWvmFbEGUINF89JCIXwVA9JCITvFI9GqUNNFxcJqUDNF5bDGUNNEU3wGQGvFM3vCIXwVQ4JqYUNVFdJ6ISwVJdImIYvmo9I6IXNVJdIWYYwVw4JmoUwVQ9ISISvFI4ICoVwVU9JCIXNVRdJaYTvFJdJCoUNoU9GqUMNFBcJqQzNEBcGqQANFdcFCk8NoM3vmk4vFI9JaYUvmpdIGYVwVw9IWYUwVVdImISvFFdJ6k4vFI9IaYYNVBdJCoVwVxdJaYXwVU3vGYTvmk9JmoVvFNdJmk4wVNbFCILNVVdGSk8vFFoNqAqxrFaIWp5MGp6LWV4MbFbMnVoN9I4ATsux81cM819ME06BnAuxT0dznUbCaV7CaJ4C6MaAaZbQGR7y6MuwnEbQGMVNGZfNXFbMn0aQGMVE7ofAT06xbFbJqVdQGQXHT0gAJ%3D%3D¶m2=Nqt7MqV4MaJ6
FF NewTab: Mozilla\Firefox\Profiles\0MVns2ca.default -> about:newtab
FF Extension: (Avira Browser Safety) - C:\Users\olivier\AppData\Roaming\Mozilla\Firefox\Profiles\0MVns2ca.default\Extensions\abs@avira.com [2018-02-07]
FF Extension: (Protection Web Avira) - C:\Users\olivier\AppData\Roaming\Mozilla\Firefox\Profiles\0MVns2ca.default\Extensions\abs@avira.com.xpi [2018-01-02]
FF Extension: (Avira SafeSearch Plus) - C:\Users\olivier\AppData\Roaming\Mozilla\Firefox\Profiles\0MVns2ca.default\Extensions\safesearchplus2@avira.com.xpi [2018-01-02]
FF Extension: (Adblock Plus) - C:\Users\olivier\AppData\Roaming\Mozilla\Firefox\Profiles\0MVns2ca.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-10] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-10] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2016-12-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2016-12-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4007865293-2291960566-1256609526-1001: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)
FF Plugin HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133: @verimatrix.com/ViewRightWeb -> C:\Program Files (x86)\Verimatrix\ViewRight Web\\npViewRight.dll [2014-06-10] (Verimatrix, Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.fr/
CHR StartupUrls: Default -> "hxxps://www.google.fr/","hxxps://www.google.com/"
CHR Profile: C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default [2018-02-07]
CHR Extension: (Slides) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-02]
CHR Extension: (Weather Avenue) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\baampgkagbmhnlhleemfbpecfjpakffj [2016-01-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-01-02]
CHR Extension: (YouTube) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-02]
CHR Extension: (Adblock Plus) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-02-06]
CHR Extension: (PagesJaunes) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfiebajnnakcjkedcfamhdfgckcbnhke [2016-01-02]
CHR Extension: (Sheets) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Horloge) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2016-01-02]
CHR Extension: (Google Docs hors connexion) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-20]
CHR Extension: (AllCast Receiver) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjbljnpdahefgnopeohlaeohgkiidnoe [2016-09-16]
CHR Extension: (Chrome to Mobile) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2016-01-02]
CHR Extension: (Avira SafeSearch Plus) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipmkfpcnmccejididiaagpgchgjfajgp [2017-12-13]
CHR Extension: (Adresse IP) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2016-09-02]
CHR Extension: (Google Play) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2016-01-02]
CHR Extension: (Skype) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-04]
CHR Extension: (Vérificateur de messages Google) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2016-01-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Mon thème Chrome) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2016-01-02]
CHR Extension: (Phone to Chrome) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojoecolejmnhkgafjnieigpjhgmpllnn [2018-01-08]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2016-01-02]
CHR Extension: (Ducena Tivane) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\phdccomfkenfcfmelmbpgbcpaodjogoi [2017-11-02]
CHR Extension: (Gmail) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-02]
CHR Extension: (Chrome Media Router) - C:\Users\olivier\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-26]
CHR HKLM\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4007865293-2291960566-1256609526-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4007865293-2291960566-1256609526-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-02072018100401133\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ehlceeijggpdgfcefmipcmdelickjgfg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128944 2018-01-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [492560 2018-01-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [492560 2018-01-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1526832 2018-01-30] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-10-01] (Windows (R) Win 7 DDK provider) [Fichier non signé]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [445112 2018-01-30] (Avira Operations GmbH & Co. KG)
R2 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe [71512 2017-11-02] (Google Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-11-06] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26168 2015-12-20] (Hewlett-Packard Company)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-08-31] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [Fichier non signé]
R2 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel(R) Corporation)
R2 IntelBCAsvc; C:\Program Files\Intel\BCA\pabeSvc64.exe [3026584 2016-05-06] (Intel(R) Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Fichier non signé]
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-11] (@ByELDI) [Fichier non signé]
S2 StockExpUpdater; C:\Program Files (x86)\Klick\Stock Express\StockExpUpdater.exe [465304 2015-10-11] (Klick) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2017-08-16] (TeamViewer GmbH)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe GmbH)
R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [908256 2016-07-22] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [15736 2016-07-22] (McAfee, Inc.)
R2 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [86864 2016-07-22] (McAfee, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-19] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-19] (Microsoft Corporation)

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2018-01-30] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [178840 2018-01-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [169864 2018-01-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2018-01-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2018-01-30] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2018-01-30] (Avira Operations GmbH & Co. KG)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [33448 2016-12-07] ()
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30320 2017-11-23] (Windows (R) Codename Longhorn DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] () [Fichier non signé]
S3 ksapi64; C:\WINDOWS\system32\drivers\ksapi64.sys [56680 2016-11-16] (Kingsoft Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-02-06] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-02-06] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-02-06] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-02-06] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-02-07] (Malwarebytes)
R1 MpKsl124d9be2; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{248690EB-F17A-4D61-B1DC-BE80081ED100}\MpKsl124d9be2.sys [58120 2018-02-06] (Microsoft Corporation)
R3 netr28ux; C:\WINDOWS\System32\drivers\netr28ux.sys [2224128 2017-09-29] (MediaTek Inc.)
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [433912 2016-07-13] (Realsil Semiconductor Corporation)
S3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [9129176 2014-08-26] (Realtek Semiconductor Corp.)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-01-19] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-01-19] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-19] (Microsoft Corporation)

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-02-07 14:18 - 2018-02-07 14:20 - 000036456 _____ C:\Users\olivier\Downloads\FRST.txt
2018-02-07 14:17 - 2018-02-07 14:17 - 000001084 _____ C:\Users\olivier\Desktop\FRST64 - Raccourci.lnk
2018-02-07 14:10 - 2018-02-07 14:11 - 000061753 _____ C:\Users\olivier\Downloads\Addition.txt
2018-02-07 14:07 - 2018-02-07 14:18 - 000000000 ____D C:\FRST
2018-02-07 14:07 - 2018-02-07 14:11 - 000062380 _____ C:\Users\olivier\Desktop\FRST.txt
2018-02-07 14:03 - 2018-02-07 14:03 - 002393088 _____ (Farbar) C:\Users\olivier\Downloads\FRST64.exe
2018-02-07 12:47 - 2018-02-07 12:47 - 000103728 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (21).pdf
2018-02-07 10:31 - 2018-02-07 10:31 - 003064832 _____ (Nicolas Coolman) C:\Users\olivier\Downloads\zhpfix_2017.11-21.2 (2).exe
2018-02-07 10:26 - 2018-02-07 10:26 - 000196359 _____ C:\Users\olivier\Desktop\ZHPDiag.txt
2018-02-07 09:48 - 2018-02-07 09:48 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2018-02-07 09:48 - 2018-02-07 09:48 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-02-07 09:48 - 2018-01-30 06:51 - 000178840 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2018-02-07 09:48 - 2018-01-30 06:51 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2018-02-07 09:48 - 2018-01-30 06:51 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2018-02-07 09:48 - 2018-01-30 06:51 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2018-02-07 09:48 - 2018-01-30 06:51 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2018-02-07 09:48 - 2018-01-30 06:51 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2018-02-07 09:43 - 2018-02-07 09:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-02-07 09:43 - 2018-02-07 09:43 - 000001282 _____ C:\Users\Public\Desktop\Avira.lnk
2018-02-07 09:41 - 2018-02-07 09:42 - 005357088 _____ (Avira Operations GmbH & Co. KG) C:\Users\olivier\Downloads\avira_fr_av_5a7abbaadefbc__ws.exe
2018-02-07 09:19 - 2018-02-07 09:19 - 003064832 _____ (Nicolas Coolman) C:\Users\olivier\Downloads\zhpfix_2017.11-21.2 (1).exe
2018-02-07 09:17 - 2018-02-07 09:17 - 000000000 ____D C:\Users\olivier\Downloads\Quarantine
2018-02-07 09:16 - 2018-02-07 09:16 - 003064832 _____ (Nicolas Coolman) C:\Users\olivier\Downloads\zhpfix_2017.11-21.2.exe
2018-02-07 01:16 - 2018-02-07 01:16 - 000000000 ____H C:\Users\olivier\Documents\Default.rdp
2018-02-07 00:20 - 2018-02-07 00:20 - 000189806 _____ C:\Users\olivier\Desktop\ZHPDiag rapport.txt
2018-02-06 23:39 - 2018-02-07 02:01 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-02-06 23:16 - 2018-02-06 23:16 - 000000919 _____ C:\Users\olivier\Desktop\ZHPDiag.lnk
2018-02-06 23:15 - 2018-02-07 10:22 - 000000000 ____D C:\Users\olivier\AppData\Roaming\ZHP
2018-02-06 23:15 - 2018-02-06 23:15 - 000000000 ____D C:\Users\olivier\AppData\Local\ZHP
2018-02-06 23:14 - 2018-02-06 23:15 - 002987904 _____ C:\Users\olivier\Downloads\ZHPDiag3.exe
2018-02-06 23:07 - 2018-02-06 23:07 - 000022125 _____ C:\Users\olivier\Desktop\compte rendu.txt
2018-02-06 22:45 - 2018-02-06 22:45 - 000000000 ____D C:\ProgramData\SystemAcCrux
2018-02-06 22:44 - 2018-02-06 22:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 12.8
2018-02-06 22:44 - 2017-12-06 12:47 - 004094608 _____ C:\WINDOWS\system32\BootMan.exe
2018-02-06 22:44 - 2017-12-06 12:47 - 003076240 _____ C:\WINDOWS\SysWOW64\BootMan.exe
2018-02-06 22:44 - 2017-12-01 16:32 - 000131728 _____ C:\WINDOWS\system32\setupempdrvx64.exe
2018-02-06 22:44 - 2017-11-23 11:47 - 000030320 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\EPMVolFlt.sys
2018-02-06 22:44 - 2017-11-23 11:47 - 000030320 _____ (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\system32\Drivers\EPMVolFlt.sys
2018-02-06 22:44 - 2016-12-07 13:26 - 000033448 _____ C:\WINDOWS\system32\epmntdrv.sys
2018-02-06 22:44 - 2016-07-11 10:01 - 000010848 _____ C:\WINDOWS\system32\EuGdiDrv.sys
2018-02-06 22:44 - 2014-11-18 14:46 - 000021088 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll
2018-02-06 22:44 - 2014-11-18 14:46 - 000017504 _____ C:\WINDOWS\system32\EuEpmGdi.dll
2018-02-06 22:43 - 2018-02-06 22:43 - 000000000 ____D C:\Program Files (x86)\EaseUS
2018-02-06 22:38 - 2018-02-06 22:39 - 039607616 _____ (EaseUS ) C:\Users\olivier\Downloads\epm_trial.exe
2018-02-06 22:37 - 2018-02-06 22:37 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-02-06 22:35 - 2018-02-07 14:10 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-02-06 22:35 - 2018-02-06 23:40 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-02-06 22:35 - 2018-02-06 23:40 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-02-06 22:34 - 2018-02-06 22:34 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-02-06 22:34 - 2018-02-06 22:34 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-02-06 22:34 - 2018-02-06 22:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-06 22:34 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-02-06 22:33 - 2018-02-06 22:33 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-06 22:32 - 2018-02-06 22:33 - 077802520 _____ (Malwarebytes ) C:\Users\olivier\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3881 (1).exe
2018-02-06 22:31 - 2018-02-06 22:32 - 077802520 _____ (Malwarebytes ) C:\Users\olivier\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3881.exe
2018-02-06 15:33 - 2018-02-06 15:33 - 005139504 _____ (Facebook Inc.) C:\Users\olivier\Downloads\ESET_T1557940987588885T_.exe
2018-02-06 11:32 - 2018-02-06 11:32 - 000087975 _____ C:\Users\olivier\Downloads\vosTimbres (26).pdf
2018-02-05 14:51 - 2018-02-05 14:51 - 000002131 _____ C:\Users\Public\Desktop\P-touch Address Book 1.1.lnk
2018-02-05 14:49 - 2018-02-05 14:49 - 000002113 _____ C:\Users\Public\Desktop\29x60.lnk
2018-02-05 14:07 - 2011-08-01 14:46 - 000068608 _____ (Brother Industries, Ltd.) C:\WINDOWS\system32\BSQ70L.DLL
2018-02-05 14:07 - 2011-07-12 21:26 - 000376832 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BSQ70M.EXE
2018-02-05 14:07 - 2011-06-30 11:55 - 000012288 _____ (Brother Industries, Ltd.) C:\WINDOWS\SysWOW64\BSQ70M.DLL
2018-02-05 14:07 - 2011-06-17 18:59 - 000001465 _____ C:\WINDOWS\system32\BSQ70L.INI
2018-02-05 14:07 - 2011-06-16 12:00 - 000016198 _____ C:\WINDOWS\SysWOW64\BSQ70M.CHM
2018-02-05 14:06 - 2011-06-10 14:58 - 000067584 _____ C:\WINDOWS\SysWOW64\BSQ70F.DLL
2018-02-05 14:03 - 2018-02-05 14:03 - 000002611 _____ C:\Users\Public\Desktop\P-touch Update Software.lnk
2018-02-04 20:00 - 2018-02-04 20:00 - 000104225 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (20).pdf
2018-02-04 17:16 - 2018-02-04 17:16 - 000288053 _____ C:\Users\olivier\Downloads\vosTimbres (25).pdf
2018-02-03 16:17 - 2018-02-03 16:20 - 000000000 ____D C:\Users\olivier\Desktop\garanti radiateur lidl
2018-02-02 16:22 - 2018-02-02 16:22 - 000103443 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (19).pdf
2018-02-02 16:21 - 2018-02-02 16:21 - 000103443 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (18).pdf
2018-02-02 12:51 - 2018-02-02 12:51 - 000103680 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (17).pdf
2018-02-01 14:45 - 2018-02-01 14:45 - 000102678 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (16).pdf
2018-02-01 10:27 - 2018-02-01 10:27 - 000003576 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-pcportable-olivier
2018-02-01 10:22 - 2018-02-01 10:22 - 000000000 ____D C:\Users\olivier\AppData\LocalLow\uTorrent
2018-02-01 03:38 - 2018-02-01 03:38 - 000111091 _____ C:\Users\olivier\AppData\Local\5698C253AC1D44d7BC8ACFF993689150.etiquette diy gungnir.lbx
2018-01-31 23:02 - 2018-01-31 23:02 - 000447642 _____ C:\Users\olivier\Downloads\facture-F-2018-100118.pdf
2018-01-31 13:07 - 2018-01-31 13:09 - 738816024 ____R C:\Users\olivier\Desktop\Dunkirk.2017.FRENCH.BDRip.XviD.ACOOL.avi
2018-01-31 13:07 - 2018-01-31 13:07 - 000031328 _____ C:\Users\olivier\Downloads\dunkerque-french-dvdrip-2017.torrent
2018-01-31 12:03 - 2018-01-31 12:03 - 000102699 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (15).pdf
2018-01-29 16:22 - 2018-01-29 16:22 - 000293213 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (14).pdf
2018-01-29 09:45 - 2018-01-29 09:45 - 000111221 _____ C:\Users\olivier\AppData\Local\6B339EDF49974c08A35D3BD95F46FD5E.etiquette client 29x62.lbx
2018-01-28 13:26 - 2018-01-28 13:26 - 000087838 _____ C:\Users\olivier\Downloads\vosTimbres (24).pdf
2018-01-28 12:53 - 2018-01-28 12:53 - 000016977 _____ C:\Users\olivier\Downloads\mes-doubles-ma-femme-et-moi-french-dvdrip-1996.torrent
2018-01-27 23:03 - 2018-01-27 23:03 - 000110103 _____ C:\Users\olivier\AppData\Local\16B3E0481C904af387900450E63AE397.etiquette client 29x62.lbx
2018-01-27 19:12 - 2018-01-27 19:12 - 000088322 _____ C:\Users\olivier\Downloads\vosTimbres (23).pdf
2018-01-27 16:20 - 2018-01-27 16:20 - 005139504 _____ (Facebook Inc.) C:\Users\olivier\Downloads\ESET_T1548785928504391T_.exe
2018-01-27 13:14 - 2018-01-27 13:14 - 000019213 _____ C:\Users\olivier\Downloads\vikings-s05e10-french-hdtv.torrent
2018-01-27 13:14 - 2018-01-27 13:14 - 000019213 _____ C:\Users\olivier\Downloads\vikings-s05e10-french-hdtv (1).torrent
2018-01-27 13:13 - 2018-01-27 13:13 - 000018628 _____ C:\Users\olivier\Downloads\vikings-s05e09-french-hdtv.torrent
2018-01-25 15:32 - 2018-01-25 15:32 - 000054948 _____ C:\Users\olivier\Downloads\vosTimbres (22).pdf
2018-01-25 15:19 - 2018-01-25 15:19 - 000101753 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (13).pdf
2018-01-25 14:49 - 2018-01-25 14:49 - 000087380 _____ C:\Users\olivier\Downloads\vosTimbres (21).pdf
2018-01-25 14:36 - 2018-01-25 14:36 - 000087754 _____ C:\Users\olivier\Downloads\vosTimbres (20).pdf
2018-01-23 22:47 - 2018-01-23 22:47 - 000104944 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (12).pdf
2018-01-22 12:48 - 2018-01-22 12:48 - 005139504 _____ (Facebook Inc.) C:\Users\olivier\Downloads\ESET_T1543720639010920T_ (1).exe
2018-01-22 12:47 - 2018-01-22 12:47 - 005139504 _____ (Facebook Inc.) C:\Users\olivier\Downloads\ESET_T1543720639010920T_.exe
2018-01-22 11:45 - 2018-01-22 11:45 - 000087740 _____ C:\Users\olivier\Downloads\vosTimbres (19).pdf
2018-01-22 11:37 - 2018-01-22 11:37 - 000095956 _____ C:\Users\olivier\Downloads\vosTimbres (18).pdf
2018-01-20 01:08 - 2018-01-20 01:08 - 000076603 _____ C:\Users\olivier\AppData\Local\A18E4EF85F3F446d9C8FB6AA416B0F31.etiquette diy alexis.lbx
2018-01-19 21:49 - 2018-01-19 21:49 - 000086717 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (11).pdf
2018-01-19 14:53 - 2018-01-19 14:53 - 000103313 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (10).pdf
2018-01-19 13:03 - 2018-01-19 13:03 - 000102699 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (9).pdf
2018-01-18 23:54 - 2018-01-18 23:54 - 000007605 _____ C:\Users\olivier\Downloads\viking_elder_runes (1).zip
2018-01-18 19:47 - 2018-01-18 19:47 - 000387333 _____ C:\Users\olivier\Downloads\Principaux tarifs au départ de France Métropolitaine à compter du 1er janvier 2018.pdf
2018-01-18 11:13 - 2018-01-18 11:13 - 000105184 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (8).pdf
2018-01-17 17:05 - 2018-01-17 17:05 - 000087827 _____ C:\Users\olivier\Downloads\vosTimbres (17).pdf
2018-01-17 16:46 - 2018-01-17 16:46 - 000000000 ____D C:\ProgramData\TrueKey
2018-01-17 16:42 - 2018-01-17 16:42 - 000001937 _____ C:\Users\olivier\AppData\Local\0FD7488330C140cdA5DE1CA3C0F01AA1.etiquette diy alexis.lbx
2018-01-15 14:41 - 2018-01-15 14:41 - 000232461 _____ C:\Users\olivier\Downloads\vosTimbres (16).pdf
2018-01-15 01:46 - 2018-01-15 01:50 - 000000000 ____D C:\Users\olivier\Desktop\bureau 0118
2018-01-15 01:36 - 2018-01-15 01:36 - 000007605 _____ C:\Users\olivier\Downloads\viking_elder_runes.zip
2018-01-15 01:30 - 2018-01-15 01:30 - 001923504 _____ (Adobe Systems Incorporated) C:\Users\olivier\Downloads\Lightroom_Set-Up.exe
2018-01-13 19:54 - 2018-01-13 19:54 - 000017156 _____ C:\Users\olivier\Downloads\vikings-s05e04-french-hdtv.torrent
2018-01-13 17:32 - 2018-01-13 17:32 - 000349624 _____ C:\Users\olivier\AppData\Local\A13CC9DD2076433eA58C141C0FDE50D5.étiquettes clients.lbx
2018-01-13 17:32 - 2018-01-13 17:32 - 000111674 _____ C:\Users\olivier\AppData\Local\FC8C2A016276481591EA9AA7556591C4.etiquette diy ivarr.lbx
2018-01-13 17:11 - 2018-01-13 17:11 - 000182123 _____ C:\Users\olivier\Downloads\ca-it-french-bluray-720p-2017.torrent
2018-01-13 17:10 - 2018-01-13 17:10 - 000058670 _____ C:\Users\olivier\Downloads\wonder-woman-french-dvdrip-2017.torrent
2018-01-13 17:09 - 2018-01-13 17:09 - 000017143 _____ C:\Users\olivier\Downloads\vikings-s05e08-french-hdtv.torrent
2018-01-13 17:08 - 2018-01-13 17:08 - 000017181 _____ C:\Users\olivier\Downloads\vikings-s05e07-french-hdtv.torrent
2018-01-13 17:08 - 2018-01-13 17:08 - 000016964 _____ C:\Users\olivier\Downloads\vikings-s05e06-french-hdtv.torrent
2018-01-13 17:07 - 2018-01-13 17:07 - 000019248 _____ C:\Users\olivier\Downloads\vikings-s05e05-french-hdtv.torrent
2018-01-13 17:06 - 2018-01-13 17:06 - 000017153 _____ C:\Users\olivier\Downloads\vikings-s05e04-vostfr-hdtv.torrent
2018-01-13 17:06 - 2018-01-13 17:06 - 000017137 _____ C:\Users\olivier\Downloads\vikings-s05e03-french-hdtv.torrent
2018-01-13 17:05 - 2018-01-13 17:05 - 000016984 _____ C:\Users\olivier\Downloads\vikings-s05e02-french-hdtv.torrent
2018-01-13 17:04 - 2018-01-13 17:04 - 000016984 _____ C:\Users\olivier\Downloads\vikings-s05e01-french-hdtv (1).torrent
2018-01-13 17:03 - 2018-02-03 16:54 - 000000000 ____D C:\Users\olivier\Desktop\Vikings s05
2018-01-13 17:02 - 2018-01-13 17:02 - 000016984 _____ C:\Users\olivier\Downloads\vikings-s05e01-french-hdtv.torrent
2018-01-13 02:17 - 2018-01-13 02:17 - 000084490 _____ C:\Users\olivier\Downloads\vosTimbres (15).pdf
2018-01-13 02:16 - 2018-01-13 02:16 - 000084490 _____ C:\Users\olivier\Downloads\vosTimbres (14).pdf
2018-01-12 13:51 - 2018-01-12 13:51 - 000102349 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (7).pdf
2018-01-12 12:46 - 2018-01-12 12:46 - 000079754 _____ C:\Users\olivier\Downloads\vosTimbres (13).pdf
2018-01-12 12:19 - 2018-01-12 12:19 - 000083807 _____ C:\Users\olivier\Downloads\vosTimbres (12).pdf
2018-01-12 11:35 - 2018-01-12 11:35 - 000103666 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (6).pdf
2018-01-10 14:40 - 2018-01-10 14:40 - 000077705 _____ C:\Users\olivier\Downloads\vosTimbres (11).pdf
2018-01-09 11:48 - 2018-01-09 11:48 - 000103376 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (5).pdf
2018-01-08 13:22 - 2018-01-08 13:22 - 000102718 _____ C:\Users\olivier\Downloads\Bordereaux-affranchissement (4).pdf
2018-01-08 12:37 - 2018-01-08 12:37 - 000076634 _____ C:\Users\olivier\AppData\Local\2FE2F7F707954c3eBE7BA0E4D3113DA8.etiquette diy aprinetto 2.lbx
2018-01-08 12:37 - 2018-01-08 12:37 - 000002080 _____ C:\Users\olivier\AppData\Local\06CB402923B64bb69A29531C3AB7CCFE.étiquettes clients.lbx
2018-01-08 12:19 - 2018-01-08 12:19 - 000086093 _____ C:\Users\olivier\Downloads\vosTimbres (10).pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-02-07 14:00 - 2017-12-11 15:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-02-07 11:19 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-02-07 09:58 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-07 09:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-02-07 09:47 - 2016-01-03 19:46 - 000000000 ____D C:\ProgramData\Avira
2018-02-07 09:47 - 2016-01-03 19:46 - 000000000 ____D C:\Program Files (x86)\Avira
2018-02-07 09:42 - 2014-02-26 06:05 - 000000000 ____D C:\ProgramData\Package Cache
2018-02-07 09:10 - 2017-12-11 16:35 - 002078062 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-07 09:10 - 2017-09-30 15:40 - 000947032 _____ C:\WINDOWS\system32\perfh00C.dat
2018-02-07 09:10 - 2017-09-30 15:40 - 000191314 _____ C:\WINDOWS\system32\perfc00C.dat
2018-02-07 09:07 - 2017-12-11 16:42 - 000004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C807240B-1550-41D1-B4FD-C134ECF58599}
2018-02-07 03:41 - 2017-04-03 18:43 - 000000000 ____D C:\Users\olivier\Desktop\Bureau Skollvaping
2018-02-07 03:08 - 2016-03-10 11:04 - 000000000 ____D C:\ProgramData\EPSON
2018-02-07 03:03 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-02-07 02:51 - 2016-01-02 23:48 - 000000000 ____D C:\Users\olivier\AppData\Roaming\uTorrent
2018-02-07 02:24 - 2016-11-18 14:30 - 000000000 ____D C:\Users\olivier\AppData\LocalLow\Mozilla
2018-02-07 01:32 - 2016-01-27 23:15 - 000000000 ____D C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Applications Chrome
2018-02-06 23:41 - 2016-01-15 01:53 - 000000000 __SHD C:\Users\olivier\IntelGraphicsProfiles
2018-02-06 23:40 - 2017-12-11 15:54 - 000478256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-06 23:39 - 2017-12-11 16:42 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-06 23:38 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-02-06 23:32 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-02-06 22:33 - 2016-01-04 15:26 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-05 15:15 - 2017-04-26 13:09 - 000000000 ____D C:\Users\olivier\Documents\Mes étiquettes
2018-02-05 14:53 - 2017-04-26 12:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother P-touch
2018-02-05 14:53 - 2017-04-26 12:51 - 000000000 ____D C:\Program Files (x86)\Brother
2018-02-05 14:38 - 2016-01-03 00:33 - 000000000 ____D C:\Users\olivier\AppData\Local\ElevatedDiagnostics
2018-02-05 14:16 - 2017-04-26 12:59 - 000000000 ____D C:\Users\olivier\AppData\Roaming\Brother
2018-02-01 00:22 - 2017-12-11 16:42 - 000003372 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4007865293-2291960566-1256609526-1001
2018-02-01 00:22 - 2016-01-15 02:00 - 000002469 _____ C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-01 00:22 - 2016-01-15 02:00 - 000000000 ___RD C:\Users\olivier\OneDrive
2018-01-25 00:59 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-24 19:53 - 2016-01-03 23:21 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-01-24 19:48 - 2016-04-12 17:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-01-18 23:41 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-01-17 17:48 - 2017-12-11 16:05 - 000000000 ____D C:\Users\olivier\AppData\Local\Packages
2018-01-17 16:45 - 2017-09-28 23:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-01-17 16:45 - 2016-01-04 21:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-17 16:41 - 2016-01-04 21:13 - 000001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2018-01-17 16:24 - 2017-11-25 13:16 - 000000000 ____D C:\Users\olivier\AppData\Roaming\TP-LINK
2018-01-16 17:28 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-15 01:46 - 2017-04-13 19:18 - 000000000 ____D C:\Users\olivier\Desktop\bureau
2018-01-15 01:43 - 2016-01-03 16:56 - 000000000 ____D C:\Users\olivier\AppData\Local\Adobe
2018-01-15 01:37 - 2016-01-03 16:58 - 000000000 ____D C:\ProgramData\Adobe
2018-01-15 01:34 - 2016-01-03 16:59 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-01-13 17:33 - 2016-01-04 14:30 - 000000000 ____D C:\Users\olivier\AppData\Roaming\vlc
2018-01-13 17:20 - 2016-01-03 00:12 - 000001297 _____ C:\Users\olivier\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2018-01-13 17:05 - 2017-12-22 20:44 - 000000000 ____D C:\Users\olivier\Downloads\Ca.2017.FRENCH.HDRip.XviD-GZR.WwW.Torrent9.pe
2018-01-13 17:05 - 2017-12-11 17:27 - 000000000 ____D C:\Users\olivier\Downloads\The.Walking.Dead.S08E08.SUBFRENCH.HDTV.XviD-ZT.WwW.Torrent9.tv
2018-01-12 12:59 - 2016-01-15 01:53 - 000000000 ____D C:\Users\olivier\AppData\Local\Comms
2018-01-10 14:47 - 2016-01-04 17:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-10 14:37 - 2017-10-12 10:53 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-10 14:37 - 2016-01-04 17:39 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-10 14:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-01-10 14:30 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-01-09 11:17 - 2016-01-02 23:00 - 000002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-09 11:17 - 2016-01-02 23:00 - 000002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Fichiers à la racine de certains dossiers =======

2016-04-21 08:48 - 2016-04-25 21:53 - 000000098 _____ () C:\Users\olivier\AppData\Roaming\nuvotonISP.lua
2016-12-08 01:22 - 2016-12-08 01:22 - 002770453 _____ () C:\Users\olivier\AppData\Roaming\sb953.dat
2016-01-03 04:13 - 2017-11-24 10:15 - 000000341 _____ () C:\Users\olivier\AppData\Roaming\WB.CFG
2018-01-08 12:37 - 2018-01-08 12:37 - 000002080 _____ () C:\Users\olivier\AppData\Local\06CB402923B64bb69A29531C3AB7CCFE.étiquettes clients.lbx
2018-01-17 16:42 - 2018-01-17 16:42 - 000001937 _____ () C:\Users\olivier\AppData\Local\0FD7488330C140cdA5DE1CA3C0F01AA1.etiquette diy alexis.lbx
2018-01-27 23:03 - 2018-01-27 23:03 - 000110103 _____ () C:\Users\olivier\AppData\Local\16B3E0481C904af387900450E63AE397.etiquette client 29x62.lbx
2018-01-08 12:37 - 2018-01-08 12:37 - 000076634 _____ () C:\Users\olivier\AppData\Local\2FE2F7F707954c3eBE7BA0E4D3113DA8.etiquette diy aprinetto 2.lbx
2018-02-01 03:38 - 2018-02-01 03:38 - 000111091 _____ () C:\Users\olivier\AppData\Local\5698C253AC1D44d7BC8ACFF993689150.etiquette diy gungnir.lbx
2017-11-23 22:06 - 2017-11-23 22:06 - 000110630 _____ () C:\Users\olivier\AppData\Local\59A19A96110E44c4A4E0723013F04748.etiquette client 29x62.lbx
2018-01-29 09:45 - 2018-01-29 09:45 - 000111221 _____ () C:\Users\olivier\AppData\Local\6B339EDF49974c08A35D3BD95F46FD5E.etiquette client 29x62.lbx
2017-11-26 23:37 - 2017-11-26 23:37 - 000111171 _____ () C:\Users\olivier\AppData\Local\6F38685CFAF44d8d881C52C870CAB9D4.etiquette client 29x62.lbx
2017-12-25 11:13 - 2017-12-25 11:13 - 000001989 _____ () C:\Users\olivier\AppData\Local\8B9C274D77C44debB154F82CA384CCBF.Mise en page2.lbx
2018-01-13 17:32 - 2018-01-13 17:32 - 000349624 _____ () C:\Users\olivier\AppData\Local\A13CC9DD2076433eA58C141C0FDE50D5.étiquettes clients.lbx
2018-01-20 01:08 - 2018-01-20 01:08 - 000076603 _____ () C:\Users\olivier\AppData\Local\A18E4EF85F3F446d9C8FB6AA416B0F31.etiquette diy alexis.lbx
2017-11-26 23:37 - 2017-11-26 23:37 - 000029099 _____ () C:\Users\olivier\AppData\Local\B9D7E9B3CC9B483b88C40F09A97543AE.sample skollnetto.lbx
2018-01-05 23:05 - 2018-01-05 23:05 - 000110556 _____ () C:\Users\olivier\AppData\Local\DBF42BF0F55242e3B5F12849D3555B89.etiquette diy alexis.lbx
2017-12-10 02:41 - 2017-12-10 02:41 - 000110631 _____ () C:\Users\olivier\AppData\Local\E1C546DA48C24174946EC92661A5EB33.etiquette client 29x62.lbx
2017-12-11 23:59 - 2017-12-11 23:59 - 000349573 _____ () C:\Users\olivier\AppData\Local\E664F983C285487bB6CFE6462D1E0104.etiquette client.lbx
2017-12-28 11:39 - 2017-12-28 11:39 - 000001995 _____ () C:\Users\olivier\AppData\Local\EA1C3AAAD6914a12B66674631AB3BE8D.etiquette client 29x62.lbx
2018-01-13 17:32 - 2018-01-13 17:32 - 000111674 _____ () C:\Users\olivier\AppData\Local\FC8C2A016276481591EA9AA7556591C4.etiquette diy ivarr.lbx
2017-12-13 13:21 - 2017-12-13 13:21 - 000000068 _____ () C:\Users\olivier\AppData\Local\LDvtrpnljh
2017-04-10 14:56 - 2017-04-10 14:56 - 000001030 _____ () C:\Users\olivier\AppData\Local\recently-used.xbel

Fichiers à déplacer ou supprimer:
====================
C:\Windows\Tasks\{7B67F4F6-C61D-01C9-7762-2CBAEB54874C}.job


==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-02-07 02:01

==================== Fin de FRST.txt ============================