Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-08-2017
Exécuté par D@Rk V@DoR (administrateur) sur OULSIL-HP (17-08-2017 20:31:30)
Exécuté depuis C:\Users\D@Rk V@DoR\Desktop
Profils chargés: D@Rk V@DoR & (Profils disponibles: D@Rk V@DoR & Visiteurs & Administrateur)
Platform: Windows 10 Education Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(PacketVideo) C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe
() C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(PacketVideo) C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\OrangeWifi.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\PromoUtil.exe
() C:\Program Files (x86)\360\Total Security\Utils\cef\cefutil.exe
() C:\Program Files (x86)\360\Total Security\Utils\cef\cefutil.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-29] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2012-01-30] (EasyBits Software AS)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Start_OrangeWifi_{9d78a505-6248-4d1b-81b6-df69655beccf}] => C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\OrangeWifi.exe [1944064 2014-03-26] ()
HKLM-x32\...\Run: [Start_Update_{9d78a505-6248-4d1b-81b6-df69655beccf}] => C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\UpdteApp.exe [1013760 2014-03-26] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [Facebook Update] => C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-24] (Facebook Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [476760 2015-01-19] ()
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\RunOnce: [Uninstall C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\MountPoints2: {a1afc37a-22e2-11e2-b6c6-08edb9ec7b40} - "H:\setup.exe"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [Facebook Update] => C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-24] (Facebook Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [476760 2015-01-19] ()
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\RunOnce: [Uninstall C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\MountPoints2: {a1afc37a-22e2-11e2-b6c6-08edb9ec7b40} - "H:\setup.exe"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [Facebook Update] => C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-24] (Facebook Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [476760 2015-01-19] ()
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\RunOnce: [Uninstall C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\MountPoints2: {a1afc37a-22e2-11e2-b6c6-08edb9ec7b40} - "H:\setup.exe"
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194657205\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848842\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll -> Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Agent Serveur Média.lnk [2015-07-05]
ShortcutTarget: Agent Serveur Média.lnk -> C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe (PacketVideo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-07-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2013-12-24]
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk [2014-04-18]
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2015-02-13]
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{84fde5b7-d0f6-4c54-9210-176ac7cbfefe}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c0866286-42a5-44eb-8253-f32057226c18}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
SearchScopes: HKLM -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll => Pas de fichier
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-02-03] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll => Pas de fichier
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-02-03] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll [2007-02-16] (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Pas de fichier
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll Pas de fichier
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll Pas de fichier
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - Pas de fichier
FireFox:
========
FF ProfilePath: C:\Users\D@Rk V@DoR\AppData\Roaming\Mozilla\Firefox\Profiles\ywx9ci7g.default-1495658834282 [2017-08-17]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF Extension: (TrueSuite Website Logon) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2017-05-25] [non signé]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2012-08-10] ( HP)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-10-13] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-24] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000: facebook.com/fbDesktopPlugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127: facebook.com/fbDesktopPlugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689: facebook.com/fbDesktopPlugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [Pas de fichier]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-04-24] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-04-24] (RealPlayer Cloud)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.searchnu.com/406
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406","hxxp://start.iminent.com/?appId=79946ADA-0CC1-4481-A403-504ADDF284D7","hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=4415844BF576BCF7&affID=123706&tsp=5019","hxxp://websearch.calcitapp.info/","hxxp://www.search.ask.com/?o=APN10646A&gct=hp&d=102-0&v=a13350-377&t=4","hxxp://www.google.fr/"
CHR Profile: C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default [2017-08-17]
CHR Extension: (Google Slides) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-02]
CHR Extension: (Google Docs) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-02]
CHR Extension: (Google Drive) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-02]
CHR Extension: (Rapport) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-06-02]
CHR Extension: (YouTube) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-02]
CHR Extension: (Facebook) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-06-02]
CHR Extension: (Adobe Acrobat) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-02]
CHR Extension: (Website Logon) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2017-06-02]
CHR Extension: (Google Sheets) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-02]
CHR Extension: (Kaspersky Protection) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-06-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-02]
CHR Extension: (360 Internet Protection) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-07-01]
CHR Extension: (Skype) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-06-02]
CHR Extension: (Vérificateur de messages Google) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-06-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-02]
CHR Extension: (Outlook.com) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-06-02]
CHR Extension: (Gmail) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-02]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppIDSvc; C:\WINDOWS\System32\appidsvc.dll [124416 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 Appinfo; C:\WINDOWS\System32\appinfo.dll [125952 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 AppReadiness; C:\WINDOWS\system32\AppReadiness.dll [560128 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 AppXSvc; C:\WINDOWS\system32\appxdeploymentserver.dll [2279424 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 AudioEndpointBuilder; C:\WINDOWS\System32\AudioEndpointBuilder.dll [337920 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 Audiosrv; C:\WINDOWS\System32\Audiosrv.dll [942080 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2286848 2015-10-17] (Broadcom Corporation.)
S3 BDESVC; C:\WINDOWS\System32\bdesvc.dll [361472 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S2 BITS; C:\WINDOWS\System32\qmgr.dll [1054208 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 BrokerInfrastructure; C:\WINDOWS\System32\bisrv.dll [770560 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 bthserv; C:\WINDOWS\system32\bthserv.dll [157184 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S2 CDPSvc; C:\WINDOWS\System32\CDPSvc.dll [411648 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S2 CDPUserSvc; C:\WINDOWS\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S3 CertPropSvc; C:\WINDOWS\System32\certprop.dll [193536 2017-07-07] (Microsoft Corporation) [Fichier non signé]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [890368 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 DeviceAssociationService; C:\WINDOWS\system32\das.dll [447488 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 DiagTrack; C:\WINDOWS\system32\diagtrack.dll [1984000 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 DmEnrollmentSvc; C:\WINDOWS\system32\Windows.Internal.Management.dll [407552 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 DmEnrollmentSvc; C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll [298496 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [264704 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S2 DoSvc; C:\WINDOWS\system32\dosvc.dll [1231872 2017-03-28] (Microsoft Corporation) [Fichier non signé]
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [285696 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R2 EventLog; C:\WINDOWS\System32\wevtsvc.dll [1709056 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R3 FontCache; C:\WINDOWS\system32\FntCache.dll [1845248 2017-06-03] (Microsoft Corporation) [Fichier non signé]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
S3 FrameServer; C:\WINDOWS\system32\FrameServer.dll [805888 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S2 gpsvc; C:\WINDOWS\System32\gpsvc.dll [1227264 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 HomeGroupListener; C:\WINDOWS\system32\ListSvc.dll [274432 2016-11-02] (Microsoft Corporation) [Fichier non signé]
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26168 2015-12-20] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-10-19] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2013-06-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [283648 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R3 LicenseManager; C:\WINDOWS\system32\LicenseManagerSvc.dll [26112 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 LSM; C:\WINDOWS\System32\lsm.dll [691712 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S3 MapsBroker; C:\WINDOWS\System32\moshost.dll [82944 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.587\McCHSvc.exe [404376 2017-06-30] (McAfee, Inc.)
S3 NetSetupSvc; C:\WINDOWS\System32\NetSetupSvc.dll [266752 2017-06-03] (Microsoft Corporation) [Fichier non signé]
R3 NgcCtnrSvc; C:\WINDOWS\System32\NgcCtnrSvc.dll [331264 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 NgcSvc; C:\WINDOWS\system32\ngcsvc.dll [983040 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 NlaSvc; C:\WINDOWS\System32\nlasvc.dll [368640 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S2 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [734432 2017-08-07] (Orange SA)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Fichier non signé]
S3 PhoneSvc; C:\WINDOWS\System32\PhoneService.dll [781824 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 PimIndexMaintenanceSvc; C:\WINDOWS\System32\PimIndexMaintenance.dll [203264 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3318784 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 ProfSvc; C:\WINDOWS\system32\profsvc.dll [358400 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)
R2 RasMan; C:\WINDOWS\System32\rasmans.dll [657920 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [496128 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S4 RemoteAccess; C:\WINDOWS\SysWOW64\mprdim.dll [431104 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 RetailDemo; C:\WINDOWS\system32\RDXService.dll [650752 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 RmSvc; C:\WINDOWS\System32\RMapi.dll [140800 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [890368 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [201728 2017-07-07] (Microsoft Corporation) [Fichier non signé]
S3 SCPolicySvc; C:\WINDOWS\System32\certprop.dll [193536 2017-07-07] (Microsoft Corporation) [Fichier non signé]
R2 SENS; C:\WINDOWS\System32\sens.dll [70656 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-15] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1312768 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 SensorService; C:\WINDOWS\system32\SensorService.dll [417792 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 Serveur Média; C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336 2010-12-14] (PacketVideo)
S3 SessionEnv; C:\WINDOWS\system32\sessenv.dll [387072 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [541696 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [792576 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-06-23] (IDT, Inc.) [Fichier non signé]
R3 StateRepository; C:\WINDOWS\system32\windows.staterepository.dll [4136448 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R2 stisvc; C:\WINDOWS\System32\wiaservc.dll [646656 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 StorSvc; C:\WINDOWS\system32\storsvc.dll [396800 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-29] (Synaptics Incorporated)
R2 tiledatamodelsvc; C:\WINDOWS\system32\tileobjserver.dll [574976 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 TrustedInstaller; C:\WINDOWS\servicing\TrustedInstaller.exe [122880 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S4 tzautoupdate; C:\WINDOWS\system32\tzautoupdate.dll [95232 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 UnistoreSvc; C:\WINDOWS\System32\unistore.dll [1184256 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 UnistoreSvc; C:\WINDOWS\SysWOW64\unistore.dll [968704 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 UserDataSvc; C:\WINDOWS\System32\userdataservice.dll [1512448 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R2 UserManager; C:\WINDOWS\System32\usermgr.dll [1021440 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 UsoSvc; C:\WINDOWS\system32\usocore.dll [548864 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 vds; C:\WINDOWS\System32\vds.exe [649216 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 vmicguestinterface; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmicheartbeat; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmickvpexchange; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmicrdv; C:\WINDOWS\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 vmicshutdown; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmictimesync; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmicvmsession; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmicvss; C:\WINDOWS\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R3 VSS; C:\WINDOWS\system32\vssvc.exe [1443328 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 W32Time; C:\WINDOWS\system32\w32time.dll [520192 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 wbengine; C:\WINDOWS\system32\wbengine.exe [1547264 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 WbioSrvc; C:\WINDOWS\System32\wbiosrvc.dll [837632 2016-12-14] (Microsoft Corporation) [Fichier non signé]
R2 Wcmsvc; C:\WINDOWS\System32\wcmsvc.dll [715776 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\system32\winhttp.dll [818176 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [2716672 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S3 wisvc; C:\WINDOWS\system32\flightsettings.dll [635904 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 WlanSvc; C:\WINDOWS\System32\wlansvc.dll [2370048 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 wlidsvc; C:\WINDOWS\system32\wlidsvc.dll [2104320 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1837056 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 WPDBusEnum; C:\WINDOWS\system32\wpdbusenum.dll [87552 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 wscsvc; C:\WINDOWS\System32\wscsvc.dll [184832 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [903680 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [773120 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [2318848 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 WwanSvc; C:\WINDOWS\System32\wwansvc.dll [1282048 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 XblAuthManager; C:\WINDOWS\System32\XblAuthManager.dll [1016320 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 XblGameSave; C:\WINDOWS\System32\XblGameSave.dll [1159680 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 XboxNetApiSvc; C:\WINDOWS\system32\XboxNetApiSvc.dll [1025536 2017-03-04] (Microsoft Corporation) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [183800 2017-07-10] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2017-07-10] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-08-11] (360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2017-08-11] (360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2017-07-10] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [432120 2017-07-10] (360.cn)
R1 ahcache; C:\WINDOWS\System32\DRIVERS\ahcache.sys [227328 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [199160 2017-07-10] (360.cn)
R1 BasicDisplay; C:\WINDOWS\System32\drivers\BasicDisplay.sys [56320 2017-03-28] (Microsoft Corporation) [Fichier non signé]
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [41472 2017-06-03] (Microsoft Corporation) [Fichier non signé]
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208176 2015-10-17] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [6831688 2013-06-09] (Broadcom Corporation)
S3 bcmbusctr; C:\WINDOWS\System32\drivers\BcmBusCtr_64.sys [62976 2010-01-30] (Beceem communications pvt ltd.)
R3 bowser; C:\WINDOWS\System32\DRIVERS\bowser.sys [101888 2016-11-02] (Microsoft Corporation) [Fichier non signé]
S3 BthA2DP; C:\WINDOWS\system32\drivers\BthA2DP.sys [168448 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 BthEnum; C:\WINDOWS\System32\drivers\BthEnum.sys [114176 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 BthLEEnum; C:\WINDOWS\System32\drivers\BthLEEnum.sys [249856 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 BthPan; C:\WINDOWS\System32\drivers\bthpan.sys [128512 2017-07-07] (Microsoft Corporation) [Fichier non signé]
S3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [967680 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 BTHUSB; C:\WINDOWS\System32\drivers\BTHUSB.sys [84992 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 BTWDPAN; C:\WINDOWS\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 buttonconverter; C:\WINDOWS\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation) [Fichier non signé]
S3 CapImg; C:\WINDOWS\System32\drivers\capimg.sys [118272 2016-09-10] (Microsoft Corporation) [Fichier non signé]
R1 CSC; C:\WINDOWS\System32\drivers\csc.sys [552960 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R1 Dfsc; C:\WINDOWS\System32\Drivers\dfsc.sys [144896 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-17] (Samsung Electronics Co., Ltd.)
S3 HidBth; C:\WINDOWS\System32\drivers\hidbth.sys [108032 2016-07-16] (Microsoft Corporation) [Fichier non signé]
S3 hidi2c; C:\WINDOWS\System32\drivers\hidi2c.sys [51200 2016-07-16] (Microsoft Corporation) [Fichier non signé]
S3 HidUsb; C:\WINDOWS\System32\drivers\hidusb.sys [38400 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [Fichier non signé]
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2013-06-09] (Intel Corporation)
S3 kbdhid; C:\WINDOWS\System32\drivers\kbdhid.sys [39424 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-17] (Malwarebytes)
S3 Modem; C:\WINDOWS\System32\drivers\modem.sys [42496 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R1 MpKsldbcbc0cb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6AA234D9-4FA1-4B32-AD40-29DCB6C625F5}\MpKsldbcbc0cb.sys [44928 2017-07-23] (Microsoft Corporation)
S3 MRxDAV; C:\WINDOWS\system32\drivers\mrxdav.sys [143872 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 mrxsmb10; C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys [282624 2017-07-07] (Microsoft Corporation) [Fichier non signé]
S3 MsBridge; C:\WINDOWS\System32\drivers\bridge.sys [115200 2017-07-07] (Microsoft Corporation) [Fichier non signé]
S3 MSKSSRV; C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys [27136 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R3 NativeWifiP; C:\WINDOWS\System32\DRIVERS\nwifi.sys [535552 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S1 RapportCerberus_1507079; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507079.sys [961880 2015-12-12] (IBM Corp.)
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [514336 2016-02-01] (IBM Corp.)
S0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [152320 2016-02-01] (IBM Corp.)
S3 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [407168 2016-02-01] (IBM Corp.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [507424 2016-02-01] (IBM Corp.)
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [81408 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 scmdisk0101; C:\WINDOWS\System32\drivers\scmdisk0101.sys [124928 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver.sys [21264 2012-03-02] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-29] (Synaptics Incorporated)
R2 srv; C:\WINDOWS\System32\DRIVERS\srv.sys [409600 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [713216 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [248320 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-17] (Samsung Electronics Co., Ltd.)
R2 tcpipreg; C:\WINDOWS\System32\drivers\tcpipreg.sys [52224 2017-07-07] (Microsoft Corporation) [Fichier non signé]
R3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation)
R3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [226816 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R3 vwifimp; C:\WINDOWS\System32\drivers\vwifimp.sys [40448 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdiwifi; C:\WINDOWS\System32\DRIVERS\wdiwifi.sys [719872 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 xboxgip; C:\WINDOWS\System32\drivers\xboxgip.sys [258560 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 xinputhid; C:\WINDOWS\System32\drivers\xinputhid.sys [43520 2016-10-15] (Microsoft Corporation) [Fichier non signé]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-17 20:31 - 2017-08-17 20:33 - 000069515 _____ C:\Users\D@Rk V@DoR\Desktop\FRST.txt
2017-08-17 20:30 - 2017-08-17 20:31 - 000000000 ____D C:\FRST
2017-08-17 20:21 - 2017-08-17 20:22 - 002395648 _____ (Farbar) C:\Users\D@Rk V@DoR\Desktop\FRST64.exe
2017-08-17 19:52 - 2017-08-17 19:59 - 072497768 _____ C:\Users\D@Rk V@DoR\Desktop\360TS_Setup.exe
2017-08-17 19:46 - 2017-08-17 19:52 - 001477032 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\D@Rk V@DoR\Desktop\360TS_Setup_Mini.exe
2017-08-11 14:37 - 2017-08-11 14:37 - 000355656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-05 08:41 - 2017-08-05 08:41 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1070654630-3046732460-455524295-1000
2017-07-23 13:51 - 2017-08-17 20:13 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\LocalLow\360WD
2017-07-23 13:51 - 2017-08-05 08:52 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\Roaming\360safe
2017-07-23 13:51 - 2017-07-23 13:51 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\Roaming\360TotalSecurity
2017-07-23 13:51 - 2017-07-23 13:51 - 000000000 ____D C:\ProgramData\360TotalSecurity
2017-07-23 13:51 - 2017-07-23 13:51 - 000000000 ____D C:\ProgramData\360safe
2017-07-23 13:51 - 2017-07-10 10:44 - 000432120 _____ (360.cn) C:\WINDOWS\system32\Drivers\360FsFlt.sys
2017-07-23 13:50 - 2017-08-17 20:01 - 000001232 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2017-07-23 13:50 - 2017-08-17 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre 360 Security
2017-07-23 13:50 - 2017-08-11 11:41 - 000339456 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2017-07-23 13:50 - 2017-08-05 08:18 - 000000000 _RSHD C:\360SANDBOX
2017-07-23 13:50 - 2017-07-23 13:50 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Centre 360 Security
2017-07-23 13:50 - 2017-07-10 10:44 - 000339456 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys.343
2017-07-23 13:50 - 2017-07-10 10:44 - 000199160 _____ (360.cn) C:\WINDOWS\system32\Drivers\BAPIDRV64.sys
2017-07-23 13:50 - 2017-07-10 10:44 - 000183800 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2017-07-23 13:50 - 2017-07-10 10:44 - 000095232 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2017-07-23 13:50 - 2017-07-10 10:44 - 000057848 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Camera64.sys
2017-07-23 13:42 - 2017-07-23 13:42 - 000002019 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-07-23 13:42 - 2017-07-23 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-07-23 13:41 - 2017-07-23 13:41 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2017-07-23 13:30 - 2017-07-31 17:14 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-23 13:30 - 2017-07-31 17:14 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-17 20:29 - 2012-10-27 04:51 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\LocalLow\AuthenTec
2017-08-17 20:25 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-17 20:24 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-17 20:22 - 2017-05-25 20:49 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\LocalLow\Mozilla
2017-08-17 20:11 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-17 20:00 - 2017-06-06 19:46 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-08-17 19:59 - 2015-07-05 07:57 - 000000000 ____D C:\ProgramData\Serveur Média
2017-08-17 19:49 - 2015-06-28 18:33 - 000002583 _____ C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orange Adventurer.lnk
2017-08-17 19:49 - 2015-06-28 18:33 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\Local\Adventurer
2017-08-17 19:46 - 2016-07-17 00:48 - 002604060 _____ C:\WINDOWS\system32\perfh00C.dat
2017-08-17 19:46 - 2016-07-17 00:48 - 000701484 _____ C:\WINDOWS\system32\perfc00C.dat
2017-08-17 19:46 - 2015-10-03 18:23 - 005381566 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-17 19:44 - 2012-11-22 11:40 - 000001426 _____ C:\WINDOWS\wininit.ini
2017-08-17 19:43 - 2015-02-26 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
2017-08-17 19:40 - 2014-06-09 08:26 - 000000000 __SHD C:\Users\D@Rk V@DoR\IntelGraphicsProfiles
2017-08-17 19:39 - 2017-07-01 12:27 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-17 19:39 - 2016-10-15 20:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-17 19:39 - 2016-10-15 19:37 - 000000000 ____D C:\Users\D@Rk V@DoR
2017-08-17 19:39 - 2016-10-15 19:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-17 19:39 - 2015-07-05 07:57 - 000000000 ____D C:\Program Files (x86)\Serveur Media
2017-08-11 15:41 - 2013-07-13 13:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-11 15:22 - 2012-10-27 07:37 - 140394280 ____C C:\WINDOWS\system32\MRT.exe
2017-08-11 11:41 - 2015-10-30 23:58 - 000095232 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2017-08-05 09:00 - 2017-07-02 17:18 - 000000000 ___HD C:\$WINDOWS.~BT
2017-08-05 09:00 - 2016-10-15 20:28 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-05 08:43 - 2013-04-17 00:59 - 000000000 __RDO C:\Users\D@Rk V@DoR\SkyDrive
2017-08-05 08:41 - 2015-10-03 19:52 - 000002432 _____ C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-05 08:30 - 2009-07-14 04:34 - 000000478 _____ C:\WINDOWS\win.ini
2017-07-23 14:26 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-07-23 13:47 - 2015-10-04 21:57 - 000000000 ____D C:\Program Files (x86)\360
2017-07-23 13:42 - 2015-11-08 21:44 - 000000000 ____D C:\Program Files\McAfee Security Scan
2017-07-23 13:39 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-23 13:38 - 2012-11-01 12:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-07-23 13:27 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-07-23 13:26 - 2016-07-16 08:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
==================== Fichiers à la racine de certains dossiers =======
2013-12-15 01:07 - 2013-12-15 01:07 - 000003478 _____ () C:\Users\D@Rk V@DoR\AppData\Roaming\temp8916.txt
2013-07-08 01:28 - 2015-03-31 23:08 - 000005632 _____ () C:\Users\D@Rk V@DoR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-02 08:33 - 2012-11-02 08:33 - 000000017 _____ () C:\Users\D@Rk V@DoR\AppData\Local\resmon.resmoncfg
2015-07-05 07:47 - 2015-07-05 07:47 - 009276713 _____ () C:\Users\D@Rk V@DoR\AppData\Local\SelfExtractible.zip
2012-11-28 03:20 - 2012-11-28 03:24 - 000008544 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20121128.022020.txt
2013-01-17 00:07 - 2013-01-17 00:08 - 000008854 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20130116.230747.txt
2013-01-17 04:07 - 2013-01-17 04:08 - 000008839 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20130117.030713.txt
2013-01-26 01:52 - 2013-01-26 01:55 - 000008854 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20130126.005212.txt
2015-04-26 22:57 - 2015-04-26 23:01 - 000017511 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20150426.225755.txt
2015-11-15 20:10 - 2015-11-15 20:10 - 000000011 _____ () C:\ProgramData\.tv5
2015-09-20 20:09 - 2015-09-20 20:09 - 000000057 _____ () C:\ProgramData\Ament.ini
2013-11-30 20:00 - 2013-11-30 20:00 - 000002763 _____ () C:\ProgramData\connector.swf
2013-12-24 15:34 - 2013-12-24 15:34 - 000000086 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Certains fichiers dans TEMP:
====================
2017-08-11 14:44 - 2017-04-28 02:53 - 000616048 _____ (Microsoft Corporation) C:\Users\D@Rk V@DoR\AppData\Local\Temp\kernel32.dll
2017-05-25 21:02 - 2017-04-28 02:53 - 000616048 _____ (Microsoft Corporation) C:\Users\Visiteurs\AppData\Local\Temp\kernel32.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe
[2017-07-12 23:26] - [2017-06-21 08:39] - 000673792 _____ (Microsoft Corporation) CB440E1C4EC9C369EC9DD07B48A83F36
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll
[2017-05-22 15:38] - [2017-04-28 01:41] - 000890368 _____ (Microsoft Corporation) 4A7015195E49A3BA7DB967B277B21E9D
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-11 15:55
==================== Fin de FRST.txt ============================
Exécuté par D@Rk V@DoR (administrateur) sur OULSIL-HP (17-08-2017 20:31:30)
Exécuté depuis C:\Users\D@Rk V@DoR\Desktop
Profils chargés: D@Rk V@DoR & (Profils disponibles: D@Rk V@DoR & Visiteurs & Administrateur)
Platform: Windows 10 Education Version 1607 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Edge)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(PacketVideo) C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe
() C:\Program Files (x86)\Serveur Media\twonkymediaserver.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(AuthenTec, Inc.) C:\Program Files\Common Files\AuthenTec\TrueService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(PacketVideo) C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
() C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\OrangeWifi.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TomTom) C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\HP SimplePass\DownloadAD.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\QHSafeMain.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\PromoUtil.exe
() C:\Program Files (x86)\360\Total Security\Utils\cef\cefutil.exe
() C:\Program Files (x86)\360\Total Security\Utils\cef\cefutil.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
==================== Registre (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954352 2016-04-29] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2012-01-30] (EasyBits Software AS)
HKLM-x32\...\Run: [HPOSD] => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Start_OrangeWifi_{9d78a505-6248-4d1b-81b6-df69655beccf}] => C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\OrangeWifi.exe [1944064 2014-03-26] ()
HKLM-x32\...\Run: [Start_Update_{9d78a505-6248-4d1b-81b6-df69655beccf}] => C:\Program Files (x86)\Orange\wifi d'Orange\{9d78a505-6248-4d1b-81b6-df69655beccf}\UpdteApp.exe [1013760 2014-03-26] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\iSkysoft\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [Facebook Update] => C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-24] (Facebook Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [476760 2015-01-19] ()
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\RunOnce: [Uninstall C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\...\MountPoints2: {a1afc37a-22e2-11e2-b6c6-08edb9ec7b40} - "H:\setup.exe"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [Facebook Update] => C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-24] (Facebook Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [476760 2015-01-19] ()
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\RunOnce: [Uninstall C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\...\MountPoints2: {a1afc37a-22e2-11e2-b6c6-08edb9ec7b40} - "H:\setup.exe"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [Facebook Update] => C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-12-24] (Facebook Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-05-09] (Apple Inc.)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [Orange Installer] => C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [476760 2015-01-19] ()
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23375200 2016-07-29] (Google)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\RunOnce: [Uninstall C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\D@Rk V@DoR\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\...\MountPoints2: {a1afc37a-22e2-11e2-b6c6-08edb9ec7b40} - "H:\setup.exe"
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194657205\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848842\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll -> Pas de fichier
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Agent Serveur Média.lnk [2015-07-05]
ShortcutTarget: Agent Serveur Média.lnk -> C:\Program Files (x86)\Serveur Media\twonkymediaserverconfig.exe (PacketVideo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-07-23]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.587\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk [2013-12-24]
ShortcutTarget: Facebook Messenger.lnk -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
Startup: C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk [2014-04-18]
ShortcutTarget: Microsoft SharePoint Workspace.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2015-02-13]
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy: Restriction <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\..\Interfaces\{84fde5b7-d0f6-4c54-9210-176ac7cbfefe}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{c0866286-42a5-44eb-8253-f32057226c18}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://home.microsoft.com/access/allinone.asp
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://r.orange.fr/r/Oodc_IE_oi_v2?ref=O_OI_defaultPage_IE_odc
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/3
HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/3
SearchScopes: HKLM -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> {06A57E7A-791F-4E1A-8770-92E7A4870DA5} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://fr.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/709-111075-12437-3/4?mpre=hxxp://www.ebay.fr/sch/i.html?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194654688 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194847522 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL =
SearchScopes: HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll => Pas de fichier
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-02-03] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => Pas de fichier
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll => Pas de fichier
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-02-03] (RealDownloader)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll [2007-02-16] (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => Pas de fichier
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll Pas de fichier
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> Pas de nom - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Pas de fichier
Toolbar: HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689 -> Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll Pas de fichier
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Handler: WSISVCUchrome - {78A543EB-3A61-4ED3 - Pas de fichier
FireFox:
========
FF ProfilePath: C:\Users\D@Rk V@DoR\AppData\Roaming\Mozilla\Firefox\Profiles\ywx9ci7g.default-1495658834282 [2017-08-17]
FF Extension: (Skype Click to Call) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF Extension: (TrueSuite Website Logon) - C:\Program Files (x86)\Mozilla Firefox\distribution\bundles\websitelogon@truesuite.com [2017-05-25] [non signé]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [ISVCU@iSkysoft.com] - C:\ProgramData\iSkysoft\Video Converter Ultimate\ISVCU@iSkysoft.com_xpi => non trouvé(e)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => non trouvé(e)
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @authentec.com/ffwloplugin -> C:\Program Files (x86)\HP SimplePass\npffwloplugin.dll [2012-08-10] ( HP)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-24] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2014-10-13] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-24] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000: facebook.com/fbDesktopPlugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127: facebook.com/fbDesktopPlugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689: facebook.com/fbDesktopPlugin -> C:\Users\D@Rk V@DoR\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [Pas de fichier]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2012-01-12] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-04-24] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-17] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-04-24] (RealPlayer Cloud)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.searchnu.com/406
CHR StartupUrls: Default -> "hxxp://www.searchnu.com/406","hxxp://start.iminent.com/?appId=79946ADA-0CC1-4481-A403-504ADDF284D7","hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=4415844BF576BCF7&affID=123706&tsp=5019","hxxp://websearch.calcitapp.info/","hxxp://www.search.ask.com/?o=APN10646A&gct=hp&d=102-0&v=a13350-377&t=4","hxxp://www.google.fr/"
CHR Profile: C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default [2017-08-17]
CHR Extension: (Google Slides) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-06-02]
CHR Extension: (Google Docs) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-06-02]
CHR Extension: (Google Drive) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-02]
CHR Extension: (Rapport) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-06-02]
CHR Extension: (YouTube) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-02]
CHR Extension: (Facebook) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2017-06-02]
CHR Extension: (Adobe Acrobat) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-02]
CHR Extension: (Website Logon) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fegekclkdhbnfdcmomlpegkkndgnmfmo [2017-06-02]
CHR Extension: (Google Sheets) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-06-02]
CHR Extension: (Kaspersky Protection) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-06-06]
CHR Extension: (Google Docs hors connexion) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-06-02]
CHR Extension: (360 Internet Protection) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-07-01]
CHR Extension: (Skype) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-06-02]
CHR Extension: (Vérificateur de messages Google) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2017-06-02]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-06-02]
CHR Extension: (Outlook.com) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2017-06-02]
CHR Extension: (Gmail) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-02]
CHR Extension: (Chrome Media Router) - C:\Users\D@Rk V@DoR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-02]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194650127\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194826689\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194656029\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1070654630-3046732460-455524295-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-08172017194848080\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fegekclkdhbnfdcmomlpegkkndgnmfmo] - C:\Program Files (x86)\HP SimplePass\tschrome.crx [2012-07-12]
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 AppIDSvc; C:\WINDOWS\System32\appidsvc.dll [124416 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 Appinfo; C:\WINDOWS\System32\appinfo.dll [125952 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 AppReadiness; C:\WINDOWS\system32\AppReadiness.dll [560128 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 AppXSvc; C:\WINDOWS\system32\appxdeploymentserver.dll [2279424 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 AudioEndpointBuilder; C:\WINDOWS\System32\AudioEndpointBuilder.dll [337920 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 Audiosrv; C:\WINDOWS\System32\Audiosrv.dll [942080 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2286848 2015-10-17] (Broadcom Corporation.)
S3 BDESVC; C:\WINDOWS\System32\bdesvc.dll [361472 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S2 BITS; C:\WINDOWS\System32\qmgr.dll [1054208 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 BrokerInfrastructure; C:\WINDOWS\System32\bisrv.dll [770560 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 bthserv; C:\WINDOWS\system32\bthserv.dll [157184 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S2 CDPSvc; C:\WINDOWS\System32\CDPSvc.dll [411648 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S2 CDPUserSvc; C:\WINDOWS\System32\CDPUserSvc.dll [339456 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S3 CertPropSvc; C:\WINDOWS\System32\certprop.dll [193536 2017-07-07] (Microsoft Corporation) [Fichier non signé]
R2 DcomLaunch; C:\WINDOWS\system32\rpcss.dll [890368 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 DeviceAssociationService; C:\WINDOWS\system32\das.dll [447488 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 DiagTrack; C:\WINDOWS\system32\diagtrack.dll [1984000 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 DmEnrollmentSvc; C:\WINDOWS\system32\Windows.Internal.Management.dll [407552 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 DmEnrollmentSvc; C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll [298496 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 Dnscache; C:\WINDOWS\System32\dnsrslvr.dll [264704 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S2 DoSvc; C:\WINDOWS\system32\dosvc.dll [1231872 2017-03-28] (Microsoft Corporation) [Fichier non signé]
S3 EntAppSvc; C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll [285696 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R2 EventLog; C:\WINDOWS\System32\wevtsvc.dll [1709056 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R3 FontCache; C:\WINDOWS\system32\FntCache.dll [1845248 2017-06-03] (Microsoft Corporation) [Fichier non signé]
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [1641320 2012-08-10] (HP)
S3 FrameServer; C:\WINDOWS\system32\FrameServer.dll [805888 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S2 gpsvc; C:\WINDOWS\System32\gpsvc.dll [1227264 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 HomeGroupListener; C:\WINDOWS\system32\ListSvc.dll [274432 2016-11-02] (Microsoft Corporation) [Fichier non signé]
S3 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26168 2015-12-20] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [330136 2015-10-19] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2013-06-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 LanmanWorkstation; C:\WINDOWS\System32\wkssvc.dll [283648 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R3 LicenseManager; C:\WINDOWS\system32\LicenseManagerSvc.dll [26112 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 LSM; C:\WINDOWS\System32\lsm.dll [691712 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S3 MapsBroker; C:\WINDOWS\System32\moshost.dll [82944 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.587\McCHSvc.exe [404376 2017-06-30] (McAfee, Inc.)
S3 NetSetupSvc; C:\WINDOWS\System32\NetSetupSvc.dll [266752 2017-06-03] (Microsoft Corporation) [Fichier non signé]
R3 NgcCtnrSvc; C:\WINDOWS\System32\NgcCtnrSvc.dll [331264 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 NgcSvc; C:\WINDOWS\system32\ngcsvc.dll [983040 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 NlaSvc; C:\WINDOWS\System32\nlasvc.dll [368640 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S2 Orange update Core Service; C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe [734432 2017-08-07] (Orange SA)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Fichier non signé]
S3 PhoneSvc; C:\WINDOWS\System32\PhoneService.dll [781824 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 PimIndexMaintenanceSvc; C:\WINDOWS\System32\PimIndexMaintenance.dll [203264 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 PrintNotify; C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll [3318784 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 ProfSvc; C:\WINDOWS\system32\profsvc.dll [358400 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-08-11] (QIHU 360 SOFTWARE CO. LIMITED)
R2 RasMan; C:\WINDOWS\System32\rasmans.dll [657920 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S4 RemoteAccess; C:\WINDOWS\System32\mprdim.dll [496128 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S4 RemoteAccess; C:\WINDOWS\SysWOW64\mprdim.dll [431104 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 RetailDemo; C:\WINDOWS\system32\RDXService.dll [650752 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 RmSvc; C:\WINDOWS\System32\RMapi.dll [140800 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 RpcSs; C:\WINDOWS\system32\rpcss.dll [890368 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [201728 2017-07-07] (Microsoft Corporation) [Fichier non signé]
S3 SCPolicySvc; C:\WINDOWS\System32\certprop.dll [193536 2017-07-07] (Microsoft Corporation) [Fichier non signé]
R2 SENS; C:\WINDOWS\System32\sens.dll [70656 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-10-15] (Microsoft Corporation)
S3 SensorDataService; C:\WINDOWS\System32\SensorDataService.exe [1312768 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 SensorService; C:\WINDOWS\system32\SensorService.dll [417792 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 Serveur Média; C:\Program Files (x86)\Serveur Media\twonkymediaserverwatchdog.exe [501336 2010-12-14] (PacketVideo)
S3 SessionEnv; C:\WINDOWS\system32\sessenv.dll [387072 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 SharedAccess; C:\WINDOWS\System32\ipnathlp.dll [541696 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 SNMPTRAP; C:\WINDOWS\System32\snmptrap.exe [15872 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 Spooler; C:\WINDOWS\System32\spoolsv.exe [792576 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-06-23] (IDT, Inc.) [Fichier non signé]
R3 StateRepository; C:\WINDOWS\system32\windows.staterepository.dll [4136448 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R2 stisvc; C:\WINDOWS\System32\wiaservc.dll [646656 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 StorSvc; C:\WINDOWS\system32\storsvc.dll [396800 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [253960 2016-04-29] (Synaptics Incorporated)
R2 tiledatamodelsvc; C:\WINDOWS\system32\tileobjserver.dll [574976 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [401256 2012-07-16] (AuthenTec, Inc.)
S3 TrustedInstaller; C:\WINDOWS\servicing\TrustedInstaller.exe [122880 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S4 tzautoupdate; C:\WINDOWS\system32\tzautoupdate.dll [95232 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 UnistoreSvc; C:\WINDOWS\System32\unistore.dll [1184256 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 UnistoreSvc; C:\WINDOWS\SysWOW64\unistore.dll [968704 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 UserDataSvc; C:\WINDOWS\System32\userdataservice.dll [1512448 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R2 UserManager; C:\WINDOWS\System32\usermgr.dll [1021440 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 UsoSvc; C:\WINDOWS\system32\usocore.dll [548864 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 vds; C:\WINDOWS\System32\vds.exe [649216 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 vmicguestinterface; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmicheartbeat; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmickvpexchange; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmicrdv; C:\WINDOWS\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 vmicshutdown; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmictimesync; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmicvmsession; C:\WINDOWS\System32\icsvc.dll [305152 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 vmicvss; C:\WINDOWS\System32\icsvcext.dll [349696 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R3 VSS; C:\WINDOWS\system32\vssvc.exe [1443328 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 W32Time; C:\WINDOWS\system32\w32time.dll [520192 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 wbengine; C:\WINDOWS\system32\wbengine.exe [1547264 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 WbioSrvc; C:\WINDOWS\System32\wbiosrvc.dll [837632 2016-12-14] (Microsoft Corporation) [Fichier non signé]
R2 Wcmsvc; C:\WINDOWS\System32\wcmsvc.dll [715776 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
R3 WinHttpAutoProxySvc; C:\WINDOWS\system32\winhttp.dll [818176 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 WinRM; C:\WINDOWS\system32\WsmSvc.dll [2716672 2016-11-11] (Microsoft Corporation) [Fichier non signé]
S3 wisvc; C:\WINDOWS\system32\flightsettings.dll [635904 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R2 WlanSvc; C:\WINDOWS\System32\wlansvc.dll [2370048 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 wlidsvc; C:\WINDOWS\system32\wlidsvc.dll [2104320 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1184256 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1837056 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 WPDBusEnum; C:\WINDOWS\system32\wpdbusenum.dll [87552 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 wscsvc; C:\WINDOWS\System32\wscsvc.dll [184832 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R2 WSearch; C:\WINDOWS\system32\SearchIndexer.exe [903680 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R2 WSearch; C:\WINDOWS\SysWOW64\SearchIndexer.exe [773120 2017-06-21] (Microsoft Corporation) [Fichier non signé]
R3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [2318848 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 WwanSvc; C:\WINDOWS\System32\wwansvc.dll [1282048 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 XblAuthManager; C:\WINDOWS\System32\XblAuthManager.dll [1016320 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 XblGameSave; C:\WINDOWS\System32\XblGameSave.dll [1159680 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 XboxNetApiSvc; C:\WINDOWS\system32\XboxNetApiSvc.dll [1025536 2017-03-04] (Microsoft Corporation) [Fichier non signé]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [183800 2017-07-10] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2017-07-10] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-08-11] (360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2017-08-11] (360.cn)
R1 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57848 2017-07-10] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [432120 2017-07-10] (360.cn)
R1 ahcache; C:\WINDOWS\System32\DRIVERS\ahcache.sys [227328 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [199160 2017-07-10] (360.cn)
R1 BasicDisplay; C:\WINDOWS\System32\drivers\BasicDisplay.sys [56320 2017-03-28] (Microsoft Corporation) [Fichier non signé]
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [41472 2017-06-03] (Microsoft Corporation) [Fichier non signé]
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208176 2015-10-17] (Broadcom Corporation.)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [6831688 2013-06-09] (Broadcom Corporation)
S3 bcmbusctr; C:\WINDOWS\System32\drivers\BcmBusCtr_64.sys [62976 2010-01-30] (Beceem communications pvt ltd.)
R3 bowser; C:\WINDOWS\System32\DRIVERS\bowser.sys [101888 2016-11-02] (Microsoft Corporation) [Fichier non signé]
S3 BthA2DP; C:\WINDOWS\system32\drivers\BthA2DP.sys [168448 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 BthEnum; C:\WINDOWS\System32\drivers\BthEnum.sys [114176 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 BthLEEnum; C:\WINDOWS\System32\drivers\BthLEEnum.sys [249856 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 BthPan; C:\WINDOWS\System32\drivers\bthpan.sys [128512 2017-07-07] (Microsoft Corporation) [Fichier non signé]
S3 BTHPORT; C:\WINDOWS\System32\drivers\BTHport.sys [967680 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 BTHUSB; C:\WINDOWS\System32\drivers\BTHUSB.sys [84992 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 BTWDPAN; C:\WINDOWS\System32\DRIVERS\btwdpan.sys [89640 2012-02-02] (Broadcom Corporation.)
S3 buttonconverter; C:\WINDOWS\System32\drivers\buttonconverter.sys [38912 2016-07-16] (Microsoft Corporation) [Fichier non signé]
S3 CapImg; C:\WINDOWS\System32\drivers\capimg.sys [118272 2016-09-10] (Microsoft Corporation) [Fichier non signé]
R1 CSC; C:\WINDOWS\System32\drivers\csc.sys [552960 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R1 Dfsc; C:\WINDOWS\System32\Drivers\dfsc.sys [144896 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-17] (Samsung Electronics Co., Ltd.)
S3 HidBth; C:\WINDOWS\System32\drivers\hidbth.sys [108032 2016-07-16] (Microsoft Corporation) [Fichier non signé]
S3 hidi2c; C:\WINDOWS\System32\drivers\hidi2c.sys [51200 2016-07-16] (Microsoft Corporation) [Fichier non signé]
S3 HidUsb; C:\WINDOWS\System32\drivers\hidusb.sys [38400 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) [Fichier non signé]
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2013-06-09] (Intel Corporation)
S3 kbdhid; C:\WINDOWS\System32\drivers\kbdhid.sys [39424 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-08-17] (Malwarebytes)
S3 Modem; C:\WINDOWS\System32\drivers\modem.sys [42496 2016-11-11] (Microsoft Corporation) [Fichier non signé]
R1 MpKsldbcbc0cb; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6AA234D9-4FA1-4B32-AD40-29DCB6C625F5}\MpKsldbcbc0cb.sys [44928 2017-07-23] (Microsoft Corporation)
S3 MRxDAV; C:\WINDOWS\system32\drivers\mrxdav.sys [143872 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R2 mrxsmb10; C:\WINDOWS\System32\DRIVERS\mrxsmb10.sys [282624 2017-07-07] (Microsoft Corporation) [Fichier non signé]
S3 MsBridge; C:\WINDOWS\System32\drivers\bridge.sys [115200 2017-07-07] (Microsoft Corporation) [Fichier non signé]
S3 MSKSSRV; C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys [27136 2017-03-04] (Microsoft Corporation) [Fichier non signé]
R3 NativeWifiP; C:\WINDOWS\System32\DRIVERS\nwifi.sys [535552 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S1 RapportCerberus_1507079; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507079.sys [961880 2015-12-12] (IBM Corp.)
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [514336 2016-02-01] (IBM Corp.)
S0 RapportHades64; C:\WINDOWS\System32\Drivers\RapportHades64.sys [152320 2016-02-01] (IBM Corp.)
S3 RapportKE64; C:\WINDOWS\System32\Drivers\RapportKE64.sys [407168 2016-02-01] (IBM Corp.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [507424 2016-02-01] (IBM Corp.)
R3 RasPppoe; C:\WINDOWS\System32\DRIVERS\raspppoe.sys [81408 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 scmdisk0101; C:\WINDOWS\System32\drivers\scmdisk0101.sys [124928 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver.sys [21264 2012-03-02] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-29] (Synaptics Incorporated)
R2 srv; C:\WINDOWS\System32\DRIVERS\srv.sys [409600 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 srv2; C:\WINDOWS\System32\DRIVERS\srv2.sys [713216 2017-04-28] (Microsoft Corporation) [Fichier non signé]
R3 srvnet; C:\WINDOWS\System32\DRIVERS\srvnet.sys [248320 2016-10-15] (Microsoft Corporation) [Fichier non signé]
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-17] (Samsung Electronics Co., Ltd.)
R2 tcpipreg; C:\WINDOWS\System32\drivers\tcpipreg.sys [52224 2017-07-07] (Microsoft Corporation) [Fichier non signé]
R3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2016-07-16] (Microsoft Corporation)
R3 usbvideo; C:\WINDOWS\System32\Drivers\usbvideo.sys [226816 2016-10-15] (Microsoft Corporation) [Fichier non signé]
R3 vwifimp; C:\WINDOWS\System32\drivers\vwifimp.sys [40448 2017-04-28] (Microsoft Corporation) [Fichier non signé]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdiwifi; C:\WINDOWS\System32\DRIVERS\wdiwifi.sys [719872 2017-06-21] (Microsoft Corporation) [Fichier non signé]
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S3 xboxgip; C:\WINDOWS\System32\drivers\xboxgip.sys [258560 2017-03-04] (Microsoft Corporation) [Fichier non signé]
S3 XHCIPort; C:\WINDOWS\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)
S3 xinputhid; C:\WINDOWS\System32\drivers\xinputhid.sys [43520 2016-10-15] (Microsoft Corporation) [Fichier non signé]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-17 20:31 - 2017-08-17 20:33 - 000069515 _____ C:\Users\D@Rk V@DoR\Desktop\FRST.txt
2017-08-17 20:30 - 2017-08-17 20:31 - 000000000 ____D C:\FRST
2017-08-17 20:21 - 2017-08-17 20:22 - 002395648 _____ (Farbar) C:\Users\D@Rk V@DoR\Desktop\FRST64.exe
2017-08-17 19:52 - 2017-08-17 19:59 - 072497768 _____ C:\Users\D@Rk V@DoR\Desktop\360TS_Setup.exe
2017-08-17 19:46 - 2017-08-17 19:52 - 001477032 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\D@Rk V@DoR\Desktop\360TS_Setup_Mini.exe
2017-08-11 14:37 - 2017-08-11 14:37 - 000355656 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-08-05 08:41 - 2017-08-05 08:41 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1070654630-3046732460-455524295-1000
2017-07-23 13:51 - 2017-08-17 20:13 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\LocalLow\360WD
2017-07-23 13:51 - 2017-08-05 08:52 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\Roaming\360safe
2017-07-23 13:51 - 2017-07-23 13:51 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\Roaming\360TotalSecurity
2017-07-23 13:51 - 2017-07-23 13:51 - 000000000 ____D C:\ProgramData\360TotalSecurity
2017-07-23 13:51 - 2017-07-23 13:51 - 000000000 ____D C:\ProgramData\360safe
2017-07-23 13:51 - 2017-07-10 10:44 - 000432120 _____ (360.cn) C:\WINDOWS\system32\Drivers\360FsFlt.sys
2017-07-23 13:50 - 2017-08-17 20:01 - 000001232 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2017-07-23 13:50 - 2017-08-17 20:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Centre 360 Security
2017-07-23 13:50 - 2017-08-11 11:41 - 000339456 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys
2017-07-23 13:50 - 2017-08-05 08:18 - 000000000 _RSHD C:\360SANDBOX
2017-07-23 13:50 - 2017-07-23 13:50 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Centre 360 Security
2017-07-23 13:50 - 2017-07-10 10:44 - 000339456 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Box64.sys.343
2017-07-23 13:50 - 2017-07-10 10:44 - 000199160 _____ (360.cn) C:\WINDOWS\system32\Drivers\BAPIDRV64.sys
2017-07-23 13:50 - 2017-07-10 10:44 - 000183800 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2017-07-23 13:50 - 2017-07-10 10:44 - 000095232 _____ (360.cn) C:\WINDOWS\system32\Drivers\360AvFlt.sys
2017-07-23 13:50 - 2017-07-10 10:44 - 000057848 _____ (360.cn) C:\WINDOWS\system32\Drivers\360Camera64.sys
2017-07-23 13:42 - 2017-07-23 13:42 - 000002019 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-07-23 13:42 - 2017-07-23 13:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-07-23 13:41 - 2017-07-23 13:41 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2017-07-23 13:30 - 2017-07-31 17:14 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-07-23 13:30 - 2017-07-31 17:14 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-08-17 20:29 - 2012-10-27 04:51 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\LocalLow\AuthenTec
2017-08-17 20:25 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-08-17 20:24 - 2016-07-16 13:47 - 000000000 ___HD C:\Program Files\WindowsApps
2017-08-17 20:22 - 2017-05-25 20:49 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\LocalLow\Mozilla
2017-08-17 20:11 - 2016-07-16 13:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-08-17 20:00 - 2017-06-06 19:46 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2017-08-17 19:59 - 2015-07-05 07:57 - 000000000 ____D C:\ProgramData\Serveur Média
2017-08-17 19:49 - 2015-06-28 18:33 - 000002583 _____ C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orange Adventurer.lnk
2017-08-17 19:49 - 2015-06-28 18:33 - 000000000 ____D C:\Users\D@Rk V@DoR\AppData\Local\Adventurer
2017-08-17 19:46 - 2016-07-17 00:48 - 002604060 _____ C:\WINDOWS\system32\perfh00C.dat
2017-08-17 19:46 - 2016-07-17 00:48 - 000701484 _____ C:\WINDOWS\system32\perfc00C.dat
2017-08-17 19:46 - 2015-10-03 18:23 - 005381566 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-08-17 19:44 - 2012-11-22 11:40 - 000001426 _____ C:\WINDOWS\wininit.ini
2017-08-17 19:43 - 2015-02-26 01:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orange
2017-08-17 19:40 - 2014-06-09 08:26 - 000000000 __SHD C:\Users\D@Rk V@DoR\IntelGraphicsProfiles
2017-08-17 19:39 - 2017-07-01 12:27 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-08-17 19:39 - 2016-10-15 20:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-08-17 19:39 - 2016-10-15 19:37 - 000000000 ____D C:\Users\D@Rk V@DoR
2017-08-17 19:39 - 2016-10-15 19:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-08-17 19:39 - 2015-07-05 07:57 - 000000000 ____D C:\Program Files (x86)\Serveur Media
2017-08-11 15:41 - 2013-07-13 13:52 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-08-11 15:22 - 2012-10-27 07:37 - 140394280 ____C C:\WINDOWS\system32\MRT.exe
2017-08-11 11:41 - 2015-10-30 23:58 - 000095232 _____ (360.cn) C:\WINDOWS\SysWOW64\Drivers\360AvFlt.sys
2017-08-05 09:00 - 2017-07-02 17:18 - 000000000 ___HD C:\$WINDOWS.~BT
2017-08-05 09:00 - 2016-10-15 20:28 - 000000000 ___DC C:\WINDOWS\Panther
2017-08-05 08:43 - 2013-04-17 00:59 - 000000000 __RDO C:\Users\D@Rk V@DoR\SkyDrive
2017-08-05 08:41 - 2015-10-03 19:52 - 000002432 _____ C:\Users\D@Rk V@DoR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-08-05 08:30 - 2009-07-14 04:34 - 000000478 _____ C:\WINDOWS\win.ini
2017-07-23 14:26 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\rescache
2017-07-23 13:47 - 2015-10-04 21:57 - 000000000 ____D C:\Program Files (x86)\360
2017-07-23 13:42 - 2015-11-08 21:44 - 000000000 ____D C:\Program Files\McAfee Security Scan
2017-07-23 13:39 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-23 13:38 - 2012-11-01 12:22 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-07-23 13:27 - 2016-07-16 13:45 - 000000000 ____D C:\WINDOWS\INF
2017-07-23 13:26 - 2016-07-16 08:04 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-23 13:23 - 2016-07-16 13:47 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
==================== Fichiers à la racine de certains dossiers =======
2013-12-15 01:07 - 2013-12-15 01:07 - 000003478 _____ () C:\Users\D@Rk V@DoR\AppData\Roaming\temp8916.txt
2013-07-08 01:28 - 2015-03-31 23:08 - 000005632 _____ () C:\Users\D@Rk V@DoR\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-02 08:33 - 2012-11-02 08:33 - 000000017 _____ () C:\Users\D@Rk V@DoR\AppData\Local\resmon.resmoncfg
2015-07-05 07:47 - 2015-07-05 07:47 - 009276713 _____ () C:\Users\D@Rk V@DoR\AppData\Local\SelfExtractible.zip
2012-11-28 03:20 - 2012-11-28 03:24 - 000008544 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20121128.022020.txt
2013-01-17 00:07 - 2013-01-17 00:08 - 000008854 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20130116.230747.txt
2013-01-17 04:07 - 2013-01-17 04:08 - 000008839 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20130117.030713.txt
2013-01-26 01:52 - 2013-01-26 01:55 - 000008854 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20130126.005212.txt
2015-04-26 22:57 - 2015-04-26 23:01 - 000017511 _____ () C:\Users\D@Rk V@DoR\AppData\Local\WiDiSetupLog.20150426.225755.txt
2015-11-15 20:10 - 2015-11-15 20:10 - 000000011 _____ () C:\ProgramData\.tv5
2015-09-20 20:09 - 2015-09-20 20:09 - 000000057 _____ () C:\ProgramData\Ament.ini
2013-11-30 20:00 - 2013-11-30 20:00 - 000002763 _____ () C:\ProgramData\connector.swf
2013-12-24 15:34 - 2013-12-24 15:34 - 000000086 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Certains fichiers dans TEMP:
====================
2017-08-11 14:44 - 2017-04-28 02:53 - 000616048 _____ (Microsoft Corporation) C:\Users\D@Rk V@DoR\AppData\Local\Temp\kernel32.dll
2017-05-25 21:02 - 2017-04-28 02:53 - 000616048 _____ (Microsoft Corporation) C:\Users\Visiteurs\AppData\Local\Temp\kernel32.dll
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\WINDOWS\system32\winlogon.exe
[2017-07-12 23:26] - [2017-06-21 08:39] - 000673792 _____ (Microsoft Corporation) CB440E1C4EC9C369EC9DD07B48A83F36
C:\WINDOWS\system32\wininit.exe => Le fichier est signé numériquement
C:\WINDOWS\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\services.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\WINDOWS\system32\rpcss.dll
[2017-05-22 15:38] - [2017-04-28 01:41] - 000890368 _____ (Microsoft Corporation) 4A7015195E49A3BA7DB967B277B21E9D
C:\WINDOWS\system32\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\WINDOWS\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-08-11 15:55
==================== Fin de FRST.txt ============================