Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Exécuté par ju (administrateur) sur JU (28-08-2017 16:21:12)
Exécuté depuis C:\Users\ju\Desktop
Profils chargés: ju (Profils disponibles: ju)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: "C:\Program Files (x86)\Everness\Application\chrome.exe" -- "%1")
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Acresso Software Inc.) C:\Cracked License Manager 10\lmgrd.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8471.45091.0_x64__8wekyb3d8bbwe\sway.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Cracked License Manager 10\ARCGIS.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-10] (AVAST Software)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [140394280 2017-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\Run: [background_fault] => C:\Users\ju\AppData\Local\background_fault\aswRD.exe [1419576 2017-05-04] (AVAST Software) <==== ATTENTION
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\RunOnce: [Uninstall 17.3.6917.0607\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ju\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\RunOnce: [Uninstall 17.3.6917.0607] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ju\AppData\Local\Microsoft\OneDrive\17.3.6917.0607"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.orangeiloveyou.com/?data=zDlkMj81MdVQNkYxFdw3MWqyMkZWNYNLNdU1NdM8OUZXNkF1Mq== /q <==== ATTENTION
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {29f3a0dd-b939-11e6-8287-54271ea3223e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {29f3a0f2-b939-11e6-8287-54271ea3223e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {af621f07-e19c-11e6-8291-54271ea3223e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {b6e82824-3307-11e6-8270-54271ea3223e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {c3da67af-3a68-11e7-82a9-54271ea3223e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {e50cdde1-1fc4-11e7-829b-54271ea3223e} - "H:\ESRI.exe"
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
Startup: C:\Users\ju\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ArcGIS License Manager 10 CRACKED.lnk [2017-04-14]
ShortcutTarget: ArcGIS License Manager 10 CRACKED.lnk -> C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs ()
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4bcb7e05-1500-4883-ab34-59bc63102bd7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9da01550-8cd4-42bc-aed2-49ca7ffa9181}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131468690512262822&GUID=C2B01A7C-ABDD-4402-851B-AF779577BB3E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131468690512454596&GUID=C2B01A7C-ABDD-4402-851B-AF779577BB3E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-3418498205-250011256-4183487016-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3418498205-250011256-4183487016-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-25] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-25] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3418498205-250011256-4183487016-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
FireFox:
========
FF DefaultProfile: zcquhyf2.default
FF DefaultProfile: gbt3zr6x.default
FF ProfilePath: C:\Users\ju\AppData\Roaming\Zotero\Zotero\Profiles\zcquhyf2.default [2017-03-15]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2017-03-15] [non signé]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2017-03-15] [non signé]
FF ProfilePath: C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default [2017-06-05] <==== ATTENTION
FF Extension: (SimilarWeb) - C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-05-31] [non signé]
FF Extension: (HSearch) - C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\Extensions\@E97YHOMI-FU8L-IM23-VUT9-RVDZT7M8XL8H.xpi [2017-05-04] [non signé]
FF Extension: (FF Adr) - C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-05-03] [non signé]
FF Extension: (Français Language Pack) - C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2017-05-03] [non signé]
FF SearchPlugin: C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\searchplugins\startsearch.xml [2017-05-03]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default [2017-05-03]
CHR Extension: (Google Slides) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-01]
CHR Extension: (Google Docs) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-01]
CHR Extension: (Google Drive) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Recherche Google) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Zotero Connector) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2017-03-15]
CHR Extension: (Google Sheets) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (Avast Online Security) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-13]
CHR Extension: (Search Manager) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-04-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-27]
CHR Profile: C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default [2017-08-28]
CHR Extension: (Google Slides) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-16]
CHR Extension: (Google Docs) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-16]
CHR Extension: (Google Drive) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-16]
CHR Extension: (YouTube) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-16]
CHR Extension: (Avast SafePrice) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-28]
CHR Extension: (Google Sheets) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-16]
CHR Extension: (AdBlock) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-28]
CHR Extension: (Avast Online Security) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-28]
CHR Extension: (Search Manager) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-07-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Gmail) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-16]
CHR Extension: (Chrome Media Router) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3418498205-250011256-4183487016-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.ourluckysites.com/?type=sc&ts=1494525803&z=54830904fe7e7d671091182gezetfz3wbodw1mat8t&from=che0812&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
HKU\.DEFAULT\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Fanlook\Application\chrome.exe (Google Inc.) <==== ATTENTION
HKU\S-1-5-18\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Fanlook\Application\chrome.exe (Google Inc.) <==== ATTENTION
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AppleCloudSvc; C:\ProgramData\Apple\Common\Cloud\WinHelper.dll [108544 2017-04-26] () [Fichier non signé] <==== ATTENTION
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe [71168 2014-12-04] (ASUS Cloud Corporation) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-10] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-12] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-19] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Fichier non signé]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [Fichier non signé]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-02] (Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [Fichier non signé]
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S2 wiasvc; C:\ProgramData\Microsoft\Windows\Image\capCADF.tmp [84 2017-06-01] () [Fichier non signé] <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [124928 2017-03-09] (ASUS Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-07-25] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-07-25] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-07-25] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-07-25] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [83312 2016-09-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-07-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-07-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-07-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-07-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-07-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-07-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-07-10] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
U1 lpsport; C:\Windows\System32\Drivers\lpsport.sys [61304 2017-07-10] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S1 wuepltjz; C:\WINDOWS\system32\drivers\wuepltjz.sys [55168 2017-08-10] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 16:21 - 2017-08-28 16:23 - 000030545 _____ C:\Users\ju\Desktop\FRST.txt
2017-08-28 16:20 - 2017-08-28 16:21 - 000000000 ____D C:\FRST
2017-08-28 16:20 - 2017-08-28 16:20 - 002395648 _____ (Farbar) C:\Users\ju\Desktop\FRST64.exe
2017-08-28 11:07 - 2017-08-28 11:07 - 001792512 _____ (Farbar) C:\Users\ju\Downloads\FRST.exe
2017-08-28 10:53 - 2017-08-28 10:54 - 065942208 _____ (Malwarebytes ) C:\Users\ju\Downloads\mb3-setup-35891.35891-3.2.2.2018.exe
2017-08-22 19:34 - 2017-08-28 11:04 - 000002072 _____ C:\Users\ju\Desktop\Rkill.txt
2017-08-22 19:34 - 2017-08-22 20:05 - 000000000 ____D C:\Users\ju\Desktop\rkill
2017-08-22 19:34 - 2017-08-22 19:34 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\ju\Downloads\rkill.exe
2017-08-22 19:30 - 2017-08-22 19:31 - 064025992 _____ (Malwarebytes ) C:\Users\ju\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060.exe
2017-08-10 22:04 - 2017-08-10 22:04 - 000055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wuepltjz.sys
2017-08-10 22:04 - 2017-08-10 22:04 - 000001281 _____ C:\Users\ju\Desktop\Google Chrome.lnk
2017-07-29 10:40 - 2017-07-29 10:40 - 001038490 _____ C:\Users\ju\Downloads\GrilleV2.xlsx
2017-07-29 10:30 - 2017-07-29 10:30 - 000098100 _____ C:\Users\ju\Downloads\prix_sigfra_standards (1).xlsx
2017-07-29 10:16 - 2017-07-29 10:16 - 000098100 _____ C:\Users\ju\Downloads\prix_sigfra_standards.xlsx
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 16:19 - 2017-04-28 09:50 - 000009488 _____ C:\Users\Public\Documents\temp.dat
2017-08-28 16:18 - 2015-12-01 12:56 - 000000093 _____ C:\Users\ju\AppData\Roaming\sp_data.sys
2017-08-28 16:17 - 2016-09-15 20:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-28 11:20 - 2016-10-19 10:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-08-27 13:11 - 2015-04-11 06:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-27 13:04 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-25 21:08 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-23 16:24 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-18 17:28 - 2017-03-20 19:37 - 000003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-08-18 17:28 - 2016-09-15 20:37 - 000003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-08-16 18:20 - 2016-09-15 20:37 - 000004022 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1464437168
2017-08-16 18:20 - 2016-05-28 14:06 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-15 16:53 - 2017-04-13 19:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-10 22:04 - 2017-05-03 16:09 - 000000000 ____D C:\Program Files (x86)\Firefox
2017-08-10 22:00 - 2015-12-02 18:35 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-10 22:00 - 2015-12-02 18:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 18:46 - 2016-09-15 20:37 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-09 18:25 - 2015-12-01 13:18 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-08-09 18:25 - 2015-12-01 13:18 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-08-04 13:08 - 2015-04-11 06:37 - 000000000 ____D C:\ProgramData\Skype
2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 10:40 - 2015-12-01 12:51 - 000000000 ____D C:\Users\ju\AppData\Local\Packages
==================== Fichiers à la racine de certains dossiers =======
2015-12-01 12:56 - 2017-08-28 16:18 - 000000093 _____ () C:\Users\ju\AppData\Roaming\sp_data.sys
2016-09-15 20:17 - 2016-09-15 20:17 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-11 06:36 - 2012-09-07 13:37 - 000000103 _____ () C:\ProgramData\SetStretch.VBS
Fichiers à déplacer ou supprimer:
====================
C:\Users\ju\AppData\Local\background_fault\aswRD.exe
C:\Windows\Tasks\{66AD2C0B-18EF-D516-D709-7E8C7599C462}.job
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-26 09:26
==================== Fin de FRST.txt ============================
Exécuté par ju (administrateur) sur JU (28-08-2017 16:21:12)
Exécuté depuis C:\Users\ju\Desktop
Profils chargés: ju (Profils disponibles: ju)
Platform: Windows 10 Home Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: "C:\Program Files (x86)\Everness\Application\chrome.exe" -- "%1")
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Filseclab Corporation Limited) C:\Program Files (x86)\ScreenShot\SSSvc.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Acresso Software Inc.) C:\Cracked License Manager 10\lmgrd.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Office.Sway_17.8471.45091.0_x64__8wekyb3d8bbwe\sway.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Cracked License Manager 10\ARCGIS.EXE
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-07-10] (AVAST Software)
HKLM\...\Run: [MRT] => C:\WINDOWS\system32\MRT.exe [140394280 2017-08-10] (Microsoft Corporation)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] ()
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\Run: [background_fault] => C:\Users\ju\AppData\Local\background_fault\aswRD.exe [1419576 2017-05-04] (AVAST Software) <==== ATTENTION
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\RunOnce: [Uninstall 17.3.6917.0607\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ju\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\RunOnce: [Uninstall 17.3.6917.0607] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\ju\AppData\Local\Microsoft\OneDrive\17.3.6917.0607"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.orangeiloveyou.com/?data=zDlkMj81MdVQNkYxFdw3MWqyMkZWNYNLNdU1NdM8OUZXNkF1Mq== /q <==== ATTENTION
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {29f3a0dd-b939-11e6-8287-54271ea3223e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {29f3a0f2-b939-11e6-8287-54271ea3223e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {af621f07-e19c-11e6-8291-54271ea3223e} - "G:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {b6e82824-3307-11e6-8270-54271ea3223e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {c3da67af-3a68-11e7-82a9-54271ea3223e} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\...\MountPoints2: {e50cdde1-1fc4-11e7-829b-54271ea3223e} - "H:\ESRI.exe"
IFEO\GoogleUpdate.exe: [Debugger] 324095823984.exe
IFEO\GoogleUpdaterService.exe: [Debugger] 8736459873644.exe
Startup: C:\Users\ju\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ArcGIS License Manager 10 CRACKED.lnk [2017-04-14]
ShortcutTarget: ArcGIS License Manager 10 CRACKED.lnk -> C:\Cracked License Manager 10\start_lic_mgr_invisible.vbs ()
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{4bcb7e05-1500-4883-ab34-59bc63102bd7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9da01550-8cd4-42bc-aed2-49ca7ffa9181}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131468690512262822&GUID=C2B01A7C-ABDD-4402-851B-AF779577BB3E
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131468690512454596&GUID=C2B01A7C-ABDD-4402-851B-AF779577BB3E
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
HKU\S-1-5-21-3418498205-250011256-4183487016-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-3418498205-250011256-4183487016-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3418498205-250011256-4183487016-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-08-25] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-08-25] (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-01-29] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-08-25] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-3418498205-250011256-4183487016-1001 -> hxxp://www.ourluckysites.com/?type=hp&ts=1493793283&z=a7cd4d0ff529c66bd1740d2g0z0tbcfmdtecbo7mdg&from=ypid&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
FireFox:
========
FF DefaultProfile: zcquhyf2.default
FF DefaultProfile: gbt3zr6x.default
FF ProfilePath: C:\Users\ju\AppData\Roaming\Zotero\Zotero\Profiles\zcquhyf2.default [2017-03-15]
FF Extension: (Zotero LibreOffice Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroOpenOfficeIntegration@zotero.org [2017-03-15] [non signé]
FF Extension: (Zotero Word for Windows Integration) - C:\Program Files (x86)\Zotero Standalone\extensions\zoteroWinWordIntegration@zotero.org [2017-03-15] [non signé]
FF ProfilePath: C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default [2017-06-05] <==== ATTENTION
FF Extension: (SimilarWeb) - C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-05-31] [non signé]
FF Extension: (HSearch) - C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\Extensions\@E97YHOMI-FU8L-IM23-VUT9-RVDZT7M8XL8H.xpi [2017-05-04] [non signé]
FF Extension: (FF Adr) - C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-05-03] [non signé]
FF Extension: (Français Language Pack) - C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2017-05-03] [non signé]
FF SearchPlugin: C:\Users\ju\AppData\Roaming\Firefox\Firefox\Profiles\gbt3zr6x.default\searchplugins\startsearch.xml [2017-05-03]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-08-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default [2017-05-03]
CHR Extension: (Google Slides) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-01]
CHR Extension: (Google Docs) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-01]
CHR Extension: (Google Drive) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-01]
CHR Extension: (YouTube) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-01]
CHR Extension: (Recherche Google) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-01]
CHR Extension: (Zotero Connector) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ekhagklcjbdpajgpjgmbionohlpdbjgc [2017-03-15]
CHR Extension: (Google Sheets) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-01]
CHR Extension: (Google Docs hors connexion) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (AdBlock) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-04-13]
CHR Extension: (Avast Online Security) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-04-13]
CHR Extension: (Search Manager) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-04-03]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-10]
CHR Extension: (Gmail) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-01]
CHR Extension: (Chrome Media Router) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Backup Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-27]
CHR Profile: C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default [2017-08-28]
CHR Extension: (Google Slides) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-16]
CHR Extension: (Google Docs) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-16]
CHR Extension: (Google Drive) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-16]
CHR Extension: (YouTube) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-16]
CHR Extension: (Avast SafePrice) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-08-28]
CHR Extension: (Google Sheets) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-16]
CHR Extension: (Google Docs hors connexion) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-16]
CHR Extension: (AdBlock) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-28]
CHR Extension: (Avast Online Security) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-28]
CHR Extension: (Search Manager) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\nahhmpbckpgdidfnmfkfgiflpjijilce [2017-07-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-28]
CHR Extension: (Gmail) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-16]
CHR Extension: (Chrome Media Router) - C:\Users\ju\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-16]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3418498205-250011256-4183487016-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe hxxp://www.ourluckysites.com/?type=sc&ts=1494525803&z=54830904fe7e7d671091182gezetfz3wbodw1mat8t&from=che0812&uid=TOSHIBAXMQ01ABD075_64LGC24OTXX64LGC24OT
HKU\.DEFAULT\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Fanlook\Application\chrome.exe (Google Inc.) <==== ATTENTION
HKU\S-1-5-18\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Fanlook\Application\chrome.exe (Google Inc.) <==== ATTENTION
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AppleCloudSvc; C:\ProgramData\Apple\Common\Cloud\WinHelper.dll [108544 2017-04-26] () [Fichier non signé] <==== ATTENTION
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe [71168 2014-12-04] (ASUS Cloud Corporation) [Fichier non signé]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-07-10] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-07-10] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424392 2017-08-12] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-19] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-19] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [148160 2013-10-18] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [126952 2013-10-18] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [347200 2015-02-09] (WildTangent)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2016-08-26] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Fichier non signé]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2012-07-31] (Hewlett-Packard) [Fichier non signé]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-02] (Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2012-07-31] (Hewlett-Packard) [Fichier non signé]
R2 SSSvc; C:\Program Files (x86)\ScreenShot\SSSvc.exe [139744 2016-11-02] (Filseclab Corporation Limited)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S2 wiasvc; C:\ProgramData\Microsoft\Windows\Image\capCADF.tmp [84 2017-06-01] () [Fichier non signé] <==== ATTENTION
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2014-02-25] (Atheros) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 AsusTP; C:\WINDOWS\System32\drivers\AsusTP.sys [124928 2017-03-09] (ASUS Corporation)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320008 2017-07-25] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-07-25] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343288 2017-07-25] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57728 2017-07-25] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [83312 2016-09-19] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [46984 2017-07-10] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41800 2017-07-10] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [146704 2017-08-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110352 2017-07-10] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84392 2017-07-10] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1015880 2017-08-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [585608 2017-07-10] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [198768 2017-07-10] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361336 2017-07-10] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 DptfDevDram; C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2016-05-25] (Huawei Technologies Co., Ltd.)
R3 kbfiltr; C:\WINDOWS\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
U1 lpsport; C:\Windows\System32\Drivers\lpsport.sys [61304 2017-07-10] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-10-23] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [14136 2014-02-11] (Windows (R) Win 7 DDK provider)
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S1 wuepltjz; C:\WINDOWS\system32\drivers\wuepltjz.sys [55168 2017-08-10] (Microsoft Corporation)
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 16:21 - 2017-08-28 16:23 - 000030545 _____ C:\Users\ju\Desktop\FRST.txt
2017-08-28 16:20 - 2017-08-28 16:21 - 000000000 ____D C:\FRST
2017-08-28 16:20 - 2017-08-28 16:20 - 002395648 _____ (Farbar) C:\Users\ju\Desktop\FRST64.exe
2017-08-28 11:07 - 2017-08-28 11:07 - 001792512 _____ (Farbar) C:\Users\ju\Downloads\FRST.exe
2017-08-28 10:53 - 2017-08-28 10:54 - 065942208 _____ (Malwarebytes ) C:\Users\ju\Downloads\mb3-setup-35891.35891-3.2.2.2018.exe
2017-08-22 19:34 - 2017-08-28 11:04 - 000002072 _____ C:\Users\ju\Desktop\Rkill.txt
2017-08-22 19:34 - 2017-08-22 20:05 - 000000000 ____D C:\Users\ju\Desktop\rkill
2017-08-22 19:34 - 2017-08-22 19:34 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\ju\Downloads\rkill.exe
2017-08-22 19:30 - 2017-08-22 19:31 - 064025992 _____ (Malwarebytes ) C:\Users\ju\Downloads\mb3-setup-35891.35891-3.1.2.1733-1.0.139-1.0.2060.exe
2017-08-10 22:04 - 2017-08-10 22:04 - 000055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wuepltjz.sys
2017-08-10 22:04 - 2017-08-10 22:04 - 000001281 _____ C:\Users\ju\Desktop\Google Chrome.lnk
2017-07-29 10:40 - 2017-07-29 10:40 - 001038490 _____ C:\Users\ju\Downloads\GrilleV2.xlsx
2017-07-29 10:30 - 2017-07-29 10:30 - 000098100 _____ C:\Users\ju\Downloads\prix_sigfra_standards (1).xlsx
2017-07-29 10:16 - 2017-07-29 10:16 - 000098100 _____ C:\Users\ju\Downloads\prix_sigfra_standards.xlsx
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-28 16:19 - 2017-04-28 09:50 - 000009488 _____ C:\Users\Public\Documents\temp.dat
2017-08-28 16:18 - 2015-12-01 12:56 - 000000093 _____ C:\Users\ju\AppData\Roaming\sp_data.sys
2017-08-28 16:17 - 2016-09-15 20:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-28 11:20 - 2016-10-19 10:02 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-08-27 13:11 - 2015-04-11 06:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-08-27 13:04 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-25 21:08 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-23 16:24 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-18 17:28 - 2017-03-20 19:37 - 000003544 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-08-18 17:28 - 2016-09-15 20:37 - 000003534 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-08-16 18:20 - 2016-09-15 20:37 - 000004022 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1464437168
2017-08-16 18:20 - 2016-05-28 14:06 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-08-15 16:53 - 2017-04-13 19:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-10 22:04 - 2017-05-03 16:09 - 000000000 ____D C:\Program Files (x86)\Firefox
2017-08-10 22:00 - 2015-12-02 18:35 - 140394280 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-08-10 22:00 - 2015-12-02 18:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-09 18:46 - 2016-09-15 20:37 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-08-09 18:25 - 2015-12-01 13:18 - 001015880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2017-08-09 18:25 - 2015-12-01 13:18 - 000146704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2017-08-04 13:08 - 2015-04-11 06:37 - 000000000 ____D C:\ProgramData\Skype
2017-07-31 17:14 - 2016-07-16 13:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-31 17:14 - 2016-07-16 13:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-07-29 10:40 - 2015-12-01 12:51 - 000000000 ____D C:\Users\ju\AppData\Local\Packages
==================== Fichiers à la racine de certains dossiers =======
2015-12-01 12:56 - 2017-08-28 16:18 - 000000093 _____ () C:\Users\ju\AppData\Roaming\sp_data.sys
2016-09-15 20:17 - 2016-09-15 20:17 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2015-04-11 06:36 - 2012-09-07 13:37 - 000000103 _____ () C:\ProgramData\SetStretch.VBS
Fichiers à déplacer ou supprimer:
====================
C:\Users\ju\AppData\Local\background_fault\aswRD.exe
C:\Windows\Tasks\{66AD2C0B-18EF-D516-D709-7E8C7599C462}.job
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-26 09:26
==================== Fin de FRST.txt ============================