Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 18-10-2017
Exécuté par Florian (administrateur) sur FLORIAN-PC (18-10-2017 17:58:06)
Exécuté depuis C:\Users\Florian\Downloads\FRST-OlderVersion
Profils chargés: Florian (Profils disponibles: Florian)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRGE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRGE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\Illustrator.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-23] (Intel Corporation)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-05-18] (MSI)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8547320 2016-01-20] (Binary Fortress Software)
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRGE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRGE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{61509E93-BAAE-4582-9D07-20B4774D481C}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{D455E9E6-A200-40C9-99C8-BC7C5FDC01F7}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL =
SearchScopes: HKU\S-1-5-21-2234173219-2657333421-1278088139-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2234173219-2657333421-1278088139-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKU\.DEFAULT -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKU\S-1-5-21-2234173219-2657333421-1278088139-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\NchIbO9R.default [2016-02-21]
FF Extension: (Avira Browser Safety) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\NchIbO9R.default\Extensions\abs@avira.com.xpi [2016-02-21]
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Greyfirst\Celtx\Profiles\kba6iioi.default [2016-03-06]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [non trouvé(e)]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
Chrome:
=======
CHR HomePage: Default -> hxxp://google/
CHR StartupUrls: Default -> "hxxp://www.google.fr/","hxxps://fr.yahoo.com?fr=hp-avast&type=avastbcl","hxxp://www.palikan.com/?f=7&a=plk_adwrldint_16_06&cd=2XzuyEtN2Y1L1Qzu0Dzz0E0BzyyBtCyD0Dzz0A0F0DtA0B0BtN0D0Tzu0StCyDtDtAtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyByEzzyE0B0D0DtAtGtC0FyB0DtGyCzyyCtBtGyCtC0CzztG0CyDyB0FtC0E0CyCtC0DzztB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czz0FtAtByDzyyDtGtAyDtC0BtGyE0FyByDtG0B0FtB0DtGtDtCzy0E0F0BzztD0ByD0FyE2QtN0A0LzuyE&cr=1182661570&ir=","hxxp://www.mysites123.com/?type=hp&ts=1455300973&z=2809729a9c382bbed302c93g8z4w9w2cee6e8tfmcc&from=amt&uid=samsungxssdx850xevox250gb_s21pnxcg935063e","hxxp://www.yoursearching.com/?type=hp&ts=1455301086&z=8dfb27d471213ba5692e9ccg8zcw4w6c8eeg8e4bdo&from=brd&uid=SamsungXSSDX850XEVOX250GB_S21PNXCG935063E","hxxp://fr.hao123.com/?tn=sdks_inner_hp_01_hao123_fr&guid=67df9346f5eafacc461b4efb43033c99"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default [2017-10-18]
CHR Extension: (Slides) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Adblock Plus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-29]
CHR Extension: (Save Tabs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjepfldodmdfmdidhhgamnklbdibndi [2017-10-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-30]
CHR Extension: (Sheets) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Protection Web Avira) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01]
CHR Profile: C:\Users\Florian\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-20] (Advanced Micro Devices) [Fichier non signé]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-10-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-10-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-10-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-10-13] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [404816 2017-10-02] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4616216 2016-01-20] (Binary Fortress Software)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [677880 2017-04-25] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [167936 2008-06-26] () [Fichier non signé]
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe -service [X]
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-04-10] (Advanced Micro Devices)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [194272 2017-09-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [151128 2017-08-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-18 17:55 - 2017-10-18 17:55 - 000046684 _____ C:\Users\Florian\Desktop\Addition.txt
2017-10-18 17:53 - 2017-10-18 17:58 - 000000000 ____D C:\Users\Florian\Downloads\FRST-OlderVersion
2017-10-18 16:55 - 2017-10-18 16:55 - 000024268 _____ C:\Users\Florian\Downloads\GJslWftJEJ8_FRST (1).download
2017-10-18 15:26 - 2017-10-18 15:26 - 000024268 _____ C:\Users\Florian\Downloads\GJslWftJEJ8_FRST.download
2017-10-18 13:17 - 2017-10-18 13:17 - 000000000 _____ C:\autoexec.bat
2017-10-18 12:37 - 2017-10-18 12:40 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\Florian\Downloads\SpyHunter-Installer.exe
2017-10-18 12:28 - 2017-10-18 13:56 - 000000000 ____D C:\AdwCleaner
2017-10-18 12:26 - 2017-10-18 12:27 - 008250832 _____ (Malwarebytes) C:\Users\Florian\Downloads\adwcleaner_7.0.3.1.exe
2017-10-18 12:24 - 2017-10-18 17:58 - 000000000 ____D C:\FRST
2017-10-18 12:24 - 2017-10-18 17:55 - 000038458 _____ C:\Users\Florian\Downloads\FRST.txt
2017-10-18 12:24 - 2017-10-18 17:53 - 000046681 _____ C:\Users\Florian\Downloads\Addition.txt
2017-10-18 12:23 - 2017-10-18 17:53 - 002401792 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2017-10-18 11:03 - 2017-10-18 10:59 - 000051676 _____ C:\Users\Florian\Desktop\image1.jpeg
2017-10-18 10:59 - 2017-10-18 10:59 - 000051676 _____ C:\Users\Florian\Downloads\image1.jpeg
2017-10-17 12:09 - 2017-10-17 12:09 - 000584941 _____ C:\Users\Florian\Downloads\AppNee.com.Adobe.CS.CC.All.Products.Universal.Crack.Patcher.v2.0.7z
2017-10-16 18:04 - 2017-10-16 18:05 - 000820320 _____ (Adobe Systems Incorporated) C:\Users\Florian\Downloads\CreativeCloudSet-Up.exe
2017-10-16 18:00 - 2017-10-16 18:00 - 017784628 _____ C:\Users\Florian\Desktop\cvflorian.psd
2017-10-14 14:23 - 2017-10-14 14:24 - 000769748 _____ C:\Users\Florian\Downloads\Logo get with it (1).pdf
2017-10-14 14:23 - 2017-10-14 14:23 - 000884661 _____ C:\Users\Florian\Downloads\Logo get with it (2).pdf
2017-10-11 14:23 - 2017-10-11 14:23 - 000145176 _____ C:\Users\Florian\Downloads\PHOTP01-D3.pdf
2017-10-11 13:40 - 2017-10-11 13:40 - 004324713 _____ C:\Users\Florian\Downloads\Shoot Fitness exemples.rar
2017-10-11 13:29 - 2017-10-17 15:42 - 000000000 ____D C:\Users\Florian\Desktop\Shoot fitness exemples
2017-10-11 11:45 - 2017-10-11 11:45 - 000950320 _____ C:\Users\Florian\Downloads\montserrat.zip
2017-10-11 11:35 - 2017-10-11 11:35 - 000137568 _____ C:\Users\Florian\Downloads\911Fonts.com_CenturyGothicRegular__-_911fonts.com-fonts-mhpY.ttf
2017-10-11 11:06 - 2017-10-11 11:06 - 004041394 _____ C:\Users\Florian\Downloads\Black-and-white-cv-template.zip
2017-10-11 01:09 - 2017-10-11 01:09 - 002649516 _____ C:\Users\Florian\Desktop\billboard add.psd
2017-10-07 16:01 - 2017-10-07 16:01 - 000131911 _____ C:\Users\Florian\Downloads\zai_drukarnia_akademii_krakowskiej_1674.zip
2017-10-07 15:59 - 2017-10-07 15:59 - 000415017 _____ C:\Users\Florian\Downloads\times_new_yorker.zip
2017-10-07 15:54 - 2017-10-07 15:54 - 000572638 _____ C:\Users\Florian\Downloads\tangerine_2.zip
2017-09-26 11:29 - 2017-09-26 11:29 - 000699493 _____ C:\Users\Florian\Downloads\racingnumbers (1).zip
2017-09-26 11:28 - 2017-09-26 11:28 - 000699493 _____ C:\Users\Florian\Downloads\racingnumbers.zip
2017-09-21 01:45 - 2017-10-18 16:17 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2017-09-20 12:53 - 2017-09-20 12:53 - 000000000 ____D C:\Users\Florian\AppData\LocalLow\AMD
2017-09-19 17:48 - 2017-09-19 17:48 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Balabolka
2017-09-19 17:09 - 2017-09-19 17:09 - 000000000 ____D C:\Users\Florian\AppData\Local\Wondershare
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-18 17:51 - 2017-03-02 17:51 - 000000913 _____ C:\Windows\Tasks\EPSON XP-900 Series Update {8218E5AB-61DC-4613-9E72-5DBCB96E44E3}.job
2017-10-18 17:48 - 2017-01-13 18:48 - 000000913 _____ C:\Windows\Tasks\EPSON XP-900 Series Update {AAA24F86-419F-4AFB-9181-B56B8AD8BC95}.job
2017-10-18 17:30 - 2016-02-23 01:57 - 000000033 _____ C:\Users\Florian\AppData\Roaming\AdobeWLCMCache.dat
2017-10-18 17:05 - 2017-05-29 19:41 - 000000994 _____ C:\Windows\Tasks\Secured Yahoo Powered serit.job
2017-10-18 15:10 - 2016-06-28 22:41 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Skype
2017-10-18 14:10 - 2017-05-17 18:20 - 000000000 ____D C:\Users\Florian\AppData\Local\CrashDumps
2017-10-18 14:04 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-18 14:04 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-18 14:02 - 2011-04-12 11:16 - 000745742 _____ C:\Windows\system32\perfh00C.dat
2017-10-18 14:02 - 2011-04-12 11:16 - 000148794 _____ C:\Windows\system32\perfc00C.dat
2017-10-18 14:02 - 2009-07-14 07:13 - 001663870 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-18 14:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-18 13:58 - 2016-02-21 22:56 - 000000000 ___RD C:\Users\Florian\Creative Cloud Files
2017-10-18 13:58 - 2016-02-21 22:27 - 000000000 ____D C:\Users\Florian\AppData\Local\Adobe
2017-10-18 13:56 - 2016-02-21 19:17 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-10-18 13:56 - 2009-07-14 07:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-18 13:56 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-18 13:25 - 2016-02-21 18:51 - 000000000 ____D C:\Users\Florian
2017-10-18 12:35 - 2016-03-06 22:17 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Raptr
2017-10-18 12:34 - 2009-07-14 06:45 - 005096816 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-18 11:14 - 2017-05-17 13:14 - 000001456 _____ C:\Users\Florian\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2017-10-17 13:34 - 2016-02-21 22:55 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Adobe
2017-10-16 18:59 - 2016-02-22 00:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-10-16 18:31 - 2016-02-22 00:02 - 000000000 ____D C:\Program Files\Adobe
2017-10-16 18:29 - 2016-02-21 22:54 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-10-11 15:25 - 2016-11-08 18:07 - 000000000 ____D C:\Users\Florian\AppData\Roaming\vlc
2017-10-11 13:53 - 2017-05-17 13:08 - 000116792 _____ C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-11 10:42 - 2017-03-20 11:11 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-10-10 14:23 - 2016-02-23 01:45 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-10 14:23 - 2016-02-23 01:45 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-10 14:23 - 2016-02-23 01:45 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-10 14:23 - 2016-02-23 01:45 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-10 14:23 - 2016-02-23 01:45 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-03 17:49 - 2017-09-12 18:23 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger
2017-09-21 01:44 - 2016-02-21 19:52 - 000194272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-09-19 17:11 - 2017-08-29 13:03 - 000000000 ____D C:\Program Files (x86)\Balabolka
==================== Fichiers à la racine de certains dossiers =======
2016-02-23 01:57 - 2017-10-18 17:30 - 000000033 _____ () C:\Users\Florian\AppData\Roaming\AdobeWLCMCache.dat
2017-02-06 20:09 - 2017-02-06 20:09 - 000000078 _____ () C:\Users\Florian\AppData\Roaming\IC.dat
2017-05-17 13:14 - 2017-10-18 11:14 - 000001456 _____ () C:\Users\Florian\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-10-10 17:34
==================== Fin de FRST.txt ============================
Exécuté par Florian (administrateur) sur FLORIAN-PC (18-10-2017 17:58:06)
Exécuté depuis C:\Users\Florian\Downloads\FRST-OlderVersion
Profils chargés: Florian (Profils disponibles: Florian)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe
(Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRGE.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRGE.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
() C:\Program Files\TRENDnet\TEW-649UB\WlanCU.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\Illustrator.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Illustrator CC 2017\Support Files\Contents\Windows\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Photoshop.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Photoshop CC 2015\Required\CEP\CEPHtmlEngine\CEPHtmlEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [ISCT Tray] => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [5860656 2014-08-25] (Intel Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1172256 2014-11-10] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-03-23] (Intel Corporation)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1027024 2015-05-18] (MSI)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8547320 2016-01-20] (Binary Fortress Software)
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRGE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIRGE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{61509E93-BAAE-4582-9D07-20B4774D481C}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{D455E9E6-A200-40C9-99C8-BC7C5FDC01F7}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL =
SearchScopes: HKU\S-1-5-21-2234173219-2657333421-1278088139-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2234173219-2657333421-1278088139-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fs_16_45¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Dzz0C0Bzz0A0CyC0Fzy0B0B0DtA0B0BtN0D0Tzu0StCyByBtBtN1L2XzutAtFtByEtFtAtDtFyDtDtN1L1Czu1ByDtN1L1G1B1V1N2Y1L1Qzu2SyD0E0FyC0B0B0CtBtGtBtAzz0DtGzz0F0BtCtGyBtBtBtAtGyCyBzytDyEyE0AyEtD0B0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0A0DyE0AyByDyEtG0A0B0EtDtGyE0C0CyEtG0A0B0AzztG0C0DtC0CtCtC0ByD0ByC0FtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyCyByD%26cr%3D1679478505%26a%3Dwbf_fs_16_45%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-26] (Intel Security)
Toolbar: HKU\.DEFAULT -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
Toolbar: HKU\S-1-5-21-2234173219-2657333421-1278088139-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-26] (Intel Security)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\NchIbO9R.default [2016-02-21]
FF Extension: (Avira Browser Safety) - C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\NchIbO9R.default\Extensions\abs@avira.com.xpi [2016-02-21]
FF ProfilePath: C:\Users\Florian\AppData\Roaming\Greyfirst\Celtx\Profiles\kba6iioi.default [2016-03-06]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [non trouvé(e)]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_159.dll [2017-10-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_159.dll [2017-10-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-11-10] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier]
Chrome:
=======
CHR HomePage: Default -> hxxp://google/
CHR StartupUrls: Default -> "hxxp://www.google.fr/","hxxps://fr.yahoo.com?fr=hp-avast&type=avastbcl","hxxp://www.palikan.com/?f=7&a=plk_adwrldint_16_06&cd=2XzuyEtN2Y1L1Qzu0Dzz0E0BzyyBtCyD0Dzz0A0F0DtA0B0BtN0D0Tzu0StCyDtDtAtN1L2XzutAtFtCzztFtCtFtCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyByEzzyE0B0D0DtAtGtC0FyB0DtGyCzyyCtBtGyCtC0CzztG0CyDyB0FtC0E0CyCtC0DzztB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0Czz0FtAtByDzyyDtGtAyDtC0BtGyE0FyByDtG0B0FtB0DtGtDtCzy0E0F0BzztD0ByD0FyE2QtN0A0LzuyE&cr=1182661570&ir=","hxxp://www.mysites123.com/?type=hp&ts=1455300973&z=2809729a9c382bbed302c93g8z4w9w2cee6e8tfmcc&from=amt&uid=samsungxssdx850xevox250gb_s21pnxcg935063e","hxxp://www.yoursearching.com/?type=hp&ts=1455301086&z=8dfb27d471213ba5692e9ccg8zcw4w6c8eeg8e4bdo&from=brd&uid=SamsungXSSDX850XEVOX250GB_S21PNXCG935063E","hxxp://fr.hao123.com/?tn=sdks_inner_hp_01_hao123_fr&guid=67df9346f5eafacc461b4efb43033c99"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default [2017-10-18]
CHR Extension: (Slides) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Adblock Plus) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-29]
CHR Extension: (Save Tabs) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjepfldodmdfmdidhhgamnklbdibndi [2017-10-18]
CHR Extension: (Adobe Acrobat) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-30]
CHR Extension: (Sheets) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Protection Web Avira) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-11]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Chrome Media Router) - C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-01]
CHR Profile: C:\Users\Florian\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-18]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2234173219-2657333421-1278088139-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iinglghmhcgdgjjlafobajghjamdchik] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2017-07-20] (Advanced Micro Devices) [Fichier non signé]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-10-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-10-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-10-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1525240 2017-10-13] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [404816 2017-10-02] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [4616216 2016-01-20] (Binary Fortress Software)
R2 EpsonCustomerResearchParticipation; C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [677880 2017-04-25] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2016-11-08] (Seiko Epson Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [209712 2014-08-25] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2014-11-10] (Intel Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
S2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (Seiko Epson Corporation)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-06-26] (McAfee, Inc.)
S2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-06-26] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-06-26] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files\TRENDnet\TEW-649UB\WlanWpsSvc.exe [167936 2008-06-26] () [Fichier non signé]
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe -service [X]
S2 InstallerService; "C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2017-04-10] (Advanced Micro Devices)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [194272 2017-09-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [151128 2017-08-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [22216 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [22728 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [25800 2014-05-27] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2014-05-27] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-11-10] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WacHidRouter; system32\DRIVERS\wachidrouter.sys [X]
S3 wacomrouterfilter; system32\DRIVERS\wacomrouterfilter.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-18 17:55 - 2017-10-18 17:55 - 000046684 _____ C:\Users\Florian\Desktop\Addition.txt
2017-10-18 17:53 - 2017-10-18 17:58 - 000000000 ____D C:\Users\Florian\Downloads\FRST-OlderVersion
2017-10-18 16:55 - 2017-10-18 16:55 - 000024268 _____ C:\Users\Florian\Downloads\GJslWftJEJ8_FRST (1).download
2017-10-18 15:26 - 2017-10-18 15:26 - 000024268 _____ C:\Users\Florian\Downloads\GJslWftJEJ8_FRST.download
2017-10-18 13:17 - 2017-10-18 13:17 - 000000000 _____ C:\autoexec.bat
2017-10-18 12:37 - 2017-10-18 12:40 - 005189808 _____ (Enigma Software Group USA, LLC.) C:\Users\Florian\Downloads\SpyHunter-Installer.exe
2017-10-18 12:28 - 2017-10-18 13:56 - 000000000 ____D C:\AdwCleaner
2017-10-18 12:26 - 2017-10-18 12:27 - 008250832 _____ (Malwarebytes) C:\Users\Florian\Downloads\adwcleaner_7.0.3.1.exe
2017-10-18 12:24 - 2017-10-18 17:58 - 000000000 ____D C:\FRST
2017-10-18 12:24 - 2017-10-18 17:55 - 000038458 _____ C:\Users\Florian\Downloads\FRST.txt
2017-10-18 12:24 - 2017-10-18 17:53 - 000046681 _____ C:\Users\Florian\Downloads\Addition.txt
2017-10-18 12:23 - 2017-10-18 17:53 - 002401792 _____ (Farbar) C:\Users\Florian\Downloads\FRST64.exe
2017-10-18 11:03 - 2017-10-18 10:59 - 000051676 _____ C:\Users\Florian\Desktop\image1.jpeg
2017-10-18 10:59 - 2017-10-18 10:59 - 000051676 _____ C:\Users\Florian\Downloads\image1.jpeg
2017-10-17 12:09 - 2017-10-17 12:09 - 000584941 _____ C:\Users\Florian\Downloads\AppNee.com.Adobe.CS.CC.All.Products.Universal.Crack.Patcher.v2.0.7z
2017-10-16 18:04 - 2017-10-16 18:05 - 000820320 _____ (Adobe Systems Incorporated) C:\Users\Florian\Downloads\CreativeCloudSet-Up.exe
2017-10-16 18:00 - 2017-10-16 18:00 - 017784628 _____ C:\Users\Florian\Desktop\cvflorian.psd
2017-10-14 14:23 - 2017-10-14 14:24 - 000769748 _____ C:\Users\Florian\Downloads\Logo get with it (1).pdf
2017-10-14 14:23 - 2017-10-14 14:23 - 000884661 _____ C:\Users\Florian\Downloads\Logo get with it (2).pdf
2017-10-11 14:23 - 2017-10-11 14:23 - 000145176 _____ C:\Users\Florian\Downloads\PHOTP01-D3.pdf
2017-10-11 13:40 - 2017-10-11 13:40 - 004324713 _____ C:\Users\Florian\Downloads\Shoot Fitness exemples.rar
2017-10-11 13:29 - 2017-10-17 15:42 - 000000000 ____D C:\Users\Florian\Desktop\Shoot fitness exemples
2017-10-11 11:45 - 2017-10-11 11:45 - 000950320 _____ C:\Users\Florian\Downloads\montserrat.zip
2017-10-11 11:35 - 2017-10-11 11:35 - 000137568 _____ C:\Users\Florian\Downloads\911Fonts.com_CenturyGothicRegular__-_911fonts.com-fonts-mhpY.ttf
2017-10-11 11:06 - 2017-10-11 11:06 - 004041394 _____ C:\Users\Florian\Downloads\Black-and-white-cv-template.zip
2017-10-11 01:09 - 2017-10-11 01:09 - 002649516 _____ C:\Users\Florian\Desktop\billboard add.psd
2017-10-07 16:01 - 2017-10-07 16:01 - 000131911 _____ C:\Users\Florian\Downloads\zai_drukarnia_akademii_krakowskiej_1674.zip
2017-10-07 15:59 - 2017-10-07 15:59 - 000415017 _____ C:\Users\Florian\Downloads\times_new_yorker.zip
2017-10-07 15:54 - 2017-10-07 15:54 - 000572638 _____ C:\Users\Florian\Downloads\tangerine_2.zip
2017-09-26 11:29 - 2017-09-26 11:29 - 000699493 _____ C:\Users\Florian\Downloads\racingnumbers (1).zip
2017-09-26 11:28 - 2017-09-26 11:28 - 000699493 _____ C:\Users\Florian\Downloads\racingnumbers.zip
2017-09-21 01:45 - 2017-10-18 16:17 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2017-09-20 12:53 - 2017-09-20 12:53 - 000000000 ____D C:\Users\Florian\AppData\LocalLow\AMD
2017-09-19 17:48 - 2017-09-19 17:48 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Balabolka
2017-09-19 17:09 - 2017-09-19 17:09 - 000000000 ____D C:\Users\Florian\AppData\Local\Wondershare
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-18 17:51 - 2017-03-02 17:51 - 000000913 _____ C:\Windows\Tasks\EPSON XP-900 Series Update {8218E5AB-61DC-4613-9E72-5DBCB96E44E3}.job
2017-10-18 17:48 - 2017-01-13 18:48 - 000000913 _____ C:\Windows\Tasks\EPSON XP-900 Series Update {AAA24F86-419F-4AFB-9181-B56B8AD8BC95}.job
2017-10-18 17:30 - 2016-02-23 01:57 - 000000033 _____ C:\Users\Florian\AppData\Roaming\AdobeWLCMCache.dat
2017-10-18 17:05 - 2017-05-29 19:41 - 000000994 _____ C:\Windows\Tasks\Secured Yahoo Powered serit.job
2017-10-18 15:10 - 2016-06-28 22:41 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Skype
2017-10-18 14:10 - 2017-05-17 18:20 - 000000000 ____D C:\Users\Florian\AppData\Local\CrashDumps
2017-10-18 14:04 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-18 14:04 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-18 14:02 - 2011-04-12 11:16 - 000745742 _____ C:\Windows\system32\perfh00C.dat
2017-10-18 14:02 - 2011-04-12 11:16 - 000148794 _____ C:\Windows\system32\perfc00C.dat
2017-10-18 14:02 - 2009-07-14 07:13 - 001663870 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-18 14:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-18 13:58 - 2016-02-21 22:56 - 000000000 ___RD C:\Users\Florian\Creative Cloud Files
2017-10-18 13:58 - 2016-02-21 22:27 - 000000000 ____D C:\Users\Florian\AppData\Local\Adobe
2017-10-18 13:56 - 2016-02-21 19:17 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2017-10-18 13:56 - 2009-07-14 07:08 - 000032482 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-10-18 13:56 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-18 13:25 - 2016-02-21 18:51 - 000000000 ____D C:\Users\Florian
2017-10-18 12:35 - 2016-03-06 22:17 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Raptr
2017-10-18 12:34 - 2009-07-14 06:45 - 005096816 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-18 11:14 - 2017-05-17 13:14 - 000001456 _____ C:\Users\Florian\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
2017-10-17 13:34 - 2016-02-21 22:55 - 000000000 ____D C:\Users\Florian\AppData\Roaming\Adobe
2017-10-16 18:59 - 2016-02-22 00:02 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-10-16 18:31 - 2016-02-22 00:02 - 000000000 ____D C:\Program Files\Adobe
2017-10-16 18:29 - 2016-02-21 22:54 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-10-11 15:25 - 2016-11-08 18:07 - 000000000 ____D C:\Users\Florian\AppData\Roaming\vlc
2017-10-11 13:53 - 2017-05-17 13:08 - 000116792 _____ C:\Users\Florian\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-11 10:42 - 2017-03-20 11:11 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-10-10 14:23 - 2016-02-23 01:45 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-10 14:23 - 2016-02-23 01:45 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-10 14:23 - 2016-02-23 01:45 - 000004484 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-10 14:23 - 2016-02-23 01:45 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-10 14:23 - 2016-02-23 01:45 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-03 17:49 - 2017-09-12 18:23 - 000003122 _____ C:\Windows\System32\Tasks\Avira SystrayStartTrigger
2017-09-21 01:44 - 2016-02-21 19:52 - 000194272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-09-19 17:11 - 2017-08-29 13:03 - 000000000 ____D C:\Program Files (x86)\Balabolka
==================== Fichiers à la racine de certains dossiers =======
2016-02-23 01:57 - 2017-10-18 17:30 - 000000033 _____ () C:\Users\Florian\AppData\Roaming\AdobeWLCMCache.dat
2017-02-06 20:09 - 2017-02-06 20:09 - 000000078 _____ () C:\Users\Florian\AppData\Roaming\IC.dat
2017-05-17 13:14 - 2017-10-18 11:14 - 000001456 _____ () C:\Users\Florian\AppData\Local\Adobe Enregistrer pour le Web 13.0 Prefs
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-10-10 17:34
==================== Fin de FRST.txt ============================