Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Exécuté par moris_000 (administrateur) sur SADDAM (06-06-2018 20:57:54)
Exécuté depuis C:\Users\moris_000\Desktop
Profils chargés: moris_000 (Profils disponibles: moris_000)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE
(Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Application) C:\Program Files (x86)\KLM\KLM.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-17] (AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\KLM\KLM.exe [1571128 2015-09-04] (Application)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [151224 2017-11-23] (Panda Security, S.L.)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3200800 2018-06-01] (Valve Corporation)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964576 2017-11-03] (SUPERAntiSpyware)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4005944 2017-03-28] (Tonec Inc.)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Spotify] => C:\Users\moris_000\AppData\Roaming\Spotify\Spotify.exe [23177616 2018-06-05] (Spotify Ltd)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Discord] => C:\Users\moris_000\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Spotify Web Helper] => C:\Users\moris_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-06-05] (Spotify Ltd)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\MountPoints2: {60e4aa84-1beb-11e7-8279-6c71d9874e96} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Stardock\DeskScapes8\Deskscapes.scr
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{5DE57D0A-E02E-47C0-9EBB-1DF597C905DA}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{62758444-B3D8-4FBD-86CC-A30FC25BE347}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{A42F5A15-AEDA-4BD0-9ACE-445B2F1A60A9}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1921062124-2300237418-187480937-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1921062124-2300237418-187480937-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-05-17] (AVAST Software)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-17] (AVAST Software)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2017-03-24] [Legacy] [non signé]
FF HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\moris_000\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\moris_000\AppData\Roaming\IDM\idmmzcc5 [2017-08-10] [Legacy] [non signé]
FF HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://10.20.255.254:12080/cgi-bin/zscp?Section=CPAuth&Action=Show&ZSCPRedirect=support.google.com:::hxxp://support.google.com/chrome/bin/answer.py%3fanswer=95589"
CHR Profile: C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default [2018-06-06]
CHR Extension: (Slides) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-17]
CHR Extension: (YouTube) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-17]
CHR Extension: (Adblock Plus) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-18]
CHR Extension: (Adobe Acrobat) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-22]
CHR Extension: (Avast SafePrice) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-06]
CHR Extension: (Sheets) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Heroes & Generals) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2016-12-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-17]
CHR Extension: (AdBlock) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-30]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2018-01-12]
CHR Extension: (Save to Facebook) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-02-23]
CHR Extension: (Easy ToDo) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\keecndolgpjgiiebjongnckoendfjnol [2017-01-17]
CHR Extension: (Album & Photo Manager Pour Facebook) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgiedegfmekolcplboelnmfoiefpcpfg [2018-01-27]
CHR Extension: (IDM Integration Module) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-05-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Facebook Stylist) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhikcfgfncdkibkdglohjoceajhokkm [2017-11-14]
CHR Extension: (Gmail) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-09]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-03-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-03-28]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-08-28] (SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-17] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-02-08] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-06-24] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-02-06] (Futuremark)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [Fichier non signé]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security, S.L.)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-08-05] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2018-03-18] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2018-03-18] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2017-10-18] (Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aftap0901; C:\Windows\system32\DRIVERS\aftap0901.sys [49632 2017-11-21] (The OpenVPN Project)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [70368 2016-02-10] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-05-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-13] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-13] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-13] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-13] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [234560 2018-05-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-05-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159120 2018-05-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111360 2018-05-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-05-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-05-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-05-17] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-05-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381552 2018-05-17] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4307192 2016-02-14] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102400 2016-02-26] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 KillerEth; C:\Windows\system32\DRIVERS\e2xw8x64.sys [162456 2016-02-12] (Qualcomm Atheros, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [107848 2017-10-05] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2017-10-05] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [121232 2017-10-05] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126352 2017-10-05] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [117624 2017-10-05] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [91392 2017-10-05] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2017-10-05] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [337008 2017-10-19] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [249976 2017-10-19] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2017-10-05] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [281912 2017-10-05] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [125840 2017-10-05] (Panda Security, S.L.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [14604 2003-11-07] (Padus, Inc.) [Fichier non signé]
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [190552 2017-11-08] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [154168 2017-11-06] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [207728 2017-11-06] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146976 2017-11-06] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [159312 2017-11-06] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [129448 2017-11-06] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-06-06 20:57 - 2018-06-06 20:58 - 000028734 _____ C:\Users\moris_000\Desktop\FRST.txt
2018-06-06 20:57 - 2018-06-06 20:57 - 000000000 ____D C:\FRST
2018-06-06 20:56 - 2018-06-06 20:56 - 002413056 _____ (Farbar) C:\Users\moris_000\Desktop\FRST64.exe
2018-06-06 13:26 - 2018-06-06 13:26 - 000226527 _____ C:\Users\moris_000\Desktop\ZHPDiag.txt
2018-06-06 13:20 - 2018-06-06 13:20 - 000000868 _____ C:\Users\moris_000\Desktop\ZHPDiag.lnk
2018-06-06 12:48 - 2018-06-06 12:48 - 000007600 _____ C:\Users\moris_000\AppData\Local\Resmon.ResmonCfg
2018-06-06 12:19 - 2018-06-06 12:19 - 000000000 ____D C:\Users\moris_000\AppData\Local\Futuremark
2018-06-06 12:14 - 2018-06-06 12:41 - 000000000 ____D C:\Users\moris_000\Documents\3DMark
2018-06-06 12:14 - 2018-06-06 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2018-06-06 12:14 - 2018-06-06 12:14 - 000000000 ____D C:\Users\moris_000\.oracle_jre_usage
2018-06-06 12:14 - 2018-06-06 12:14 - 000000000 ____D C:\ProgramData\Futuremark
2018-06-06 12:14 - 2018-06-06 12:14 - 000000000 ____D C:\Program Files\Futuremark
2018-06-06 12:13 - 2018-06-06 12:13 - 000000000 ____D C:\Program Files (x86)\Futuremark
2018-06-06 12:01 - 2017-05-22 12:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2018-06-06 11:57 - 2018-06-06 12:00 - 000011485 _____ C:\Users\moris_000\Desktop\ZHPCleaner.txt
2018-06-06 11:39 - 2018-06-06 13:26 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\ZHP
2018-06-06 11:39 - 2018-06-06 11:49 - 000000878 _____ C:\Users\moris_000\Desktop\ZHPCleaner.lnk
2018-06-06 11:38 - 2018-06-06 13:20 - 000000000 ____D C:\Users\moris_000\AppData\Local\ZHP
2018-06-06 11:38 - 2018-06-06 12:11 - 000000000 ____D C:\Users\moris_000\Desktop\3dmark
2018-06-06 11:37 - 2018-06-06 11:40 - 000000000 ____D C:\AdwCleaner
2018-06-06 01:48 - 2018-06-06 12:55 - 000004238 _____ C:\Windows\System32\Tasks\AMD Updater
2018-06-06 01:47 - 2018-06-06 02:03 - 000000000 ____D C:\Users\moris_000\AppData\Local\AMD
2018-06-06 01:47 - 2018-06-06 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2018-06-06 01:47 - 2018-06-06 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2018-06-06 01:47 - 2018-06-06 01:47 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2018-06-06 01:47 - 2018-06-06 01:47 - 000000000 ____D C:\Program Files (x86)\AMD
2018-06-06 01:46 - 2018-06-06 01:46 - 000000000 _____ C:\Windows\ativpsrm.bin
2018-06-06 01:46 - 2016-02-10 02:47 - 000070368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2018-06-06 01:40 - 2018-06-06 01:45 - 000000000 ____D C:\Windows\LastGood
2018-06-06 01:40 - 2018-06-06 01:40 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-06-06 01:35 - 2018-06-06 01:46 - 000000000 ____D C:\Program Files\AMD
2018-06-06 01:00 - 2018-06-06 01:01 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-06-06 00:44 - 2018-06-06 00:52 - 327960384 _____ (AMD Inc.) C:\Users\moris_000\Downloads\Radeon-Crimson-15.12-NI-EG-64Bit-With-DOTNet45-Win10-Win8.1-Win7-videocardz.com
2018-06-06 00:40 - 2018-06-06 00:41 - 000000000 ____D C:\Users\moris_000\Desktop\DDU v17.0.8.6
2018-06-06 00:40 - 2018-05-04 08:36 - 001202688 _____ (Igor Pavlov) C:\Users\moris_000\Desktop\DDU v17.0.8.6.exe
2018-06-06 00:40 - 2015-09-05 02:03 - 000000000 ____D C:\Users\moris_000\Desktop\Guru3D.com
2018-06-05 16:22 - 2018-06-05 16:22 - 000001869 _____ C:\Users\moris_000\Desktop\Spotify.lnk
2018-06-01 16:48 - 2018-06-01 16:48 - 000036854 _____ C:\Users\moris_000\Desktop\Adobe Premiere Pro_2018-06-01_164838_SADDAM.crash
2018-05-22 19:55 - 2018-05-22 19:58 - 067170164 _____ C:\Users\moris_000\Downloads\oxy_iptv-release.apk
2018-05-18 13:33 - 2018-06-01 16:48 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\Adobe
2018-05-18 13:33 - 2018-05-18 13:33 - 000000000 ____D C:\Users\moris_000\AppData\Local\Adobe
2018-05-18 13:33 - 2018-05-18 13:33 - 000000000 ____D C:\ProgramData\Adobe
2018-05-17 18:57 - 2018-05-17 18:57 - 000000015 _____ C:\Users\moris_000\AppData\Local\X-Plane_drm_11.prf
2018-05-17 18:53 - 2018-05-17 18:53 - 000000036 _____ C:\Users\moris_000\AppData\Local\x-plane_install_11.txt
2018-05-17 18:33 - 2018-05-17 18:53 - 000000000 ____D C:\Program Files (x86)\X-Plane 11
2018-05-17 13:57 - 2018-05-17 13:57 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-05-09 11:39 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 11:39 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 11:38 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 11:38 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 11:38 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 11:38 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 11:38 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 11:38 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 11:38 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 11:38 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 11:38 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 11:38 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 11:38 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 11:38 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 11:38 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 11:38 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 11:38 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 11:38 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 11:38 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 11:38 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 11:38 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 11:38 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 11:38 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 11:38 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 11:38 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 11:38 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 11:38 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 11:38 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 11:38 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 11:38 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 11:38 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 11:38 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 11:38 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 11:38 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 11:38 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 11:38 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 11:38 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 11:38 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 11:38 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 11:38 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 11:38 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 11:38 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 11:38 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 11:38 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 11:38 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 11:38 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 11:38 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 11:38 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 11:38 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 11:38 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 11:38 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 11:38 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 11:38 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 11:38 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 11:38 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 11:38 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 11:38 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 11:38 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 11:38 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 11:38 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 11:38 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 11:38 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 11:38 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 11:38 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 11:38 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 11:38 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 11:38 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 11:38 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 11:38 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 11:38 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 11:38 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 11:38 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 11:38 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 11:38 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 11:38 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 11:38 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 11:38 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 11:38 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 11:38 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 11:38 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 11:38 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 11:38 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 11:38 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 11:38 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 11:38 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 11:38 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 11:38 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-06-06 20:57 - 2016-12-17 06:33 - 000000000 ____D C:\Program Files (x86)\Steam
2018-06-06 20:57 - 2016-12-17 06:32 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\DMCache
2018-06-06 20:54 - 2016-12-17 06:15 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1921062124-2300237418-187480937-1001
2018-06-06 20:51 - 2016-12-17 06:15 - 000000000 __RDO C:\Users\moris_000\OneDrive
2018-06-06 20:50 - 2016-12-17 07:19 - 000000000 ____D C:\Users\moris_000\AppData\Local\ClassicShell
2018-06-06 20:49 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-06 13:43 - 2016-12-17 07:46 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-06-06 13:43 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-06 13:20 - 2017-01-31 03:01 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\IDM
2018-06-06 13:10 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-06-06 12:55 - 2018-01-31 19:52 - 000003462 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-morisquo@hotmail.fr
2018-06-06 12:55 - 2018-01-04 16:15 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-06-06 12:55 - 2017-05-22 23:25 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-06-06 12:55 - 2016-12-17 06:39 - 000002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-06-06 12:55 - 2016-12-17 06:29 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-06 12:55 - 2016-12-17 06:29 - 000003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-06 12:55 - 2016-12-17 06:23 - 000003944 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CB69124A-D8F7-4A13-8C58-FB99020927BD}
2018-06-06 12:43 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-06 12:20 - 2016-12-17 06:22 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-06 12:14 - 2016-12-17 06:09 - 000000000 ____D C:\Users\moris_000
2018-06-06 11:51 - 2017-01-04 15:18 - 000000000 ____D C:\Windows\Minidump
2018-06-06 11:51 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-06-06 11:35 - 2016-12-17 06:32 - 000000000 ____D C:\Users\moris_000\Downloads\Compressed
2018-06-06 01:37 - 2016-12-17 06:22 - 000000000 ____D C:\AMD
2018-06-05 16:36 - 2017-11-02 01:26 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\Spotify
2018-06-05 16:23 - 2017-11-02 01:28 - 000000000 ____D C:\Users\moris_000\AppData\Local\Spotify
2018-06-05 16:22 - 2017-11-02 01:28 - 000001855 _____ C:\Users\moris_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2018-05-31 19:11 - 2017-12-28 01:24 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\discord
2018-05-28 19:15 - 2018-03-18 13:17 - 000000000 ____D C:\Users\moris_000\AppData\LocalLow\Heroes and Generals
2018-05-22 20:13 - 2014-11-21 00:46 - 001817064 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-22 20:13 - 2014-11-21 00:03 - 000806842 _____ C:\Windows\system32\perfh00C.dat
2018-05-22 20:13 - 2014-11-21 00:03 - 000156662 _____ C:\Windows\system32\perfc00C.dat
2018-05-17 18:33 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-17 14:02 - 2018-01-04 16:15 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-05-17 13:57 - 2018-01-04 16:14 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000381552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000159120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000111360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-05-17 09:57 - 2016-12-17 06:30 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-11 11:44 - 2013-08-22 16:44 - 005044168 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-10 23:46 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-10 19:54 - 2017-01-07 04:05 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\vlc
2018-05-09 13:12 - 2017-01-03 21:08 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 12:44 - 2017-10-10 20:50 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 12:44 - 2017-01-03 21:08 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers =======
2017-05-02 19:11 - 2018-02-05 23:54 - 000000132 _____ () C:\Users\moris_000\AppData\Roaming\Préfs Format PNG Adobe CS6
2017-01-07 02:34 - 2018-01-03 01:26 - 000000540 _____ () C:\Users\moris_000\AppData\Roaming\WB.CFG
2017-12-21 01:26 - 2017-12-21 01:26 - 000000052 _____ () C:\Users\moris_000\AppData\Local\a3tmf8yrkd
2017-12-11 23:22 - 2017-12-12 23:26 - 000000052 _____ () C:\Users\moris_000\AppData\Local\MFyxwvutsr
2018-06-06 12:48 - 2018-06-06 12:48 - 000007600 _____ () C:\Users\moris_000\AppData\Local\Resmon.ResmonCfg
2018-05-17 18:57 - 2018-05-17 18:57 - 000000015 _____ () C:\Users\moris_000\AppData\Local\X-Plane_drm_11.prf
2018-05-17 18:53 - 2018-05-17 18:53 - 000000036 _____ () C:\Users\moris_000\AppData\Local\x-plane_install_11.txt
2018-01-04 17:55 - 2018-01-04 17:55 - 000000000 _____ () C:\Users\moris_000\AppData\Local\{030A0A78-175B-42F8-8631-63174D697E3D}
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-06-04 17:01
==================== Fin de FRST.txt ============================
Exécuté par moris_000 (administrateur) sur SADDAM (06-06-2018 20:57:54)
Exécuté depuis C:\Users\moris_000\Desktop
Profils chargés: moris_000 (Profils disponibles: moris_000)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.EXE
(Micro-Star International Co., Ltd.) C:\Windows\SysWOW64\MSIService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Application) C:\Program Files (x86)\KLM\KLM.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-17] (AVAST Software)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4926664 2016-02-26] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [KLM] => C:\Program Files (x86)\KLM\KLM.exe [1571128 2015-09-04] (Application)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [151224 2017-11-23] (Panda Security, S.L.)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3200800 2018-06-01] (Valve Corporation)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964576 2017-11-03] (SUPERAntiSpyware)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4005944 2017-03-28] (Tonec Inc.)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Spotify] => C:\Users\moris_000\AppData\Roaming\Spotify\Spotify.exe [23177616 2018-06-05] (Spotify Ltd)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Discord] => C:\Users\moris_000\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\Run: [Spotify Web Helper] => C:\Users\moris_000\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-06-05] (Spotify Ltd)
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\MountPoints2: {60e4aa84-1beb-11e7-8279-6c71d9874e96} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Program Files (x86)\Stardock\DeskScapes8\Deskscapes.scr
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{5DE57D0A-E02E-47C0-9EBB-1DF597C905DA}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Tcpip\..\Interfaces\{62758444-B3D8-4FBD-86CC-A30FC25BE347}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{A42F5A15-AEDA-4BD0-9ACE-445B2F1A60A9}: [DhcpNameServer] 89.2.0.1 89.2.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-1921062124-2300237418-187480937-1001\Software\Microsoft\Internet Explorer\Main,Start Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1921062124-2300237418-187480937-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1921062124-2300237418-187480937-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=zxy_5f2428d97f38e63009¶m1=ArFaIWJoNqArQGMVHFFoNqAqBbFaITAbQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8vmldJ6k3vmpdJCoVwVJdISIVwVNdJaYUwVU4ISk3vFE9GqYVNUI3wGYGwVM3vmk4vFE9GqUNNos3wCIYwVA9Jmk3wVA4ICITvFI9ISILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoUwV5cGWUSNFRcEqULNopcGWUIvmFbF6IVwVJdJCoXwVNdIGYWwVQ9I6IVvmo9JqYTwVxdICk3vmldJ6ISwVRdJGYWvmk9IaYTvmpdImk3wVJdJCk4vFI9ISIYNVJdJGQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGNVFdICoVwVVdImoVNVA4JmISNVM3vCIWwVM9I6oUNVNdICoWwVxdJmoXvFQ9ISISvmldIqYTNVA9JGYWNVFdICoVwVRdJ6k3NoU9GqYYNVc3wCoUQGR7B6RoN9JcMGVbMqB9MaN8QGR7BHFaISopzU0aCaV6CaVdC6wrAo0qzSIoynwkyo1cM81dNHFbMn0aC6AoxrFaIWBfNbFbMn0aQGMVE7ofAT06xbFbJqtfNJ%3D%3D¶m2=MqNbMqF5MaVb&p={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-05-17] (AVAST Software)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2016-12-10] (Internet Download Manager, Tonec Inc.)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-08-05] (pdfforge GmbH)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-05-17] (AVAST Software)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll [2012-02-13] (Microsoft Corporation.)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-08-05] (pdfforge GmbH)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2017-03-24] [Legacy] [non signé]
FF HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\moris_000\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\moris_000\AppData\Roaming\IDM\idmmzcc5 [2017-08-10] [Legacy] [non signé]
FF HKU\S-1-5-21-1921062124-2300237418-187480937-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] [Legacy]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-08-05] (pdfforge GmbH)
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.fr/
CHR StartupUrls: Default -> "hxxp://10.20.255.254:12080/cgi-bin/zscp?Section=CPAuth&Action=Show&ZSCPRedirect=support.google.com:::hxxp://support.google.com/chrome/bin/answer.py%3fanswer=95589"
CHR Profile: C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default [2018-06-06]
CHR Extension: (Slides) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Docs) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-17]
CHR Extension: (YouTube) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-17]
CHR Extension: (Adblock Plus) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-18]
CHR Extension: (Adobe Acrobat) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-05-22]
CHR Extension: (Avast SafePrice) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-06]
CHR Extension: (Sheets) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Heroes & Generals) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2016-12-17]
CHR Extension: (Google Docs hors connexion) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-17]
CHR Extension: (AdBlock) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-30]
CHR Extension: (Facebook - Delete All Messages) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgiidlnejdlfoacoeleopkljhbckmlko [2018-01-12]
CHR Extension: (Save to Facebook) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-02-23]
CHR Extension: (Easy ToDo) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\keecndolgpjgiiebjongnckoendfjnol [2017-01-17]
CHR Extension: (Album & Photo Manager Pour Facebook) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgiedegfmekolcplboelnmfoiefpcpfg [2018-01-27]
CHR Extension: (IDM Integration Module) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-05-12]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Facebook Stylist) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhikcfgfncdkibkdglohjoceajhokkm [2017-11-14]
CHR Extension: (Gmail) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\moris_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-09]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-03-28]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-03-28]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-08-28] (SUPERAntiSpyware.com)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-17] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-17] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1494024 2017-02-08] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-06-24] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-02-06] (Futuremark)
R2 Micro Star SCM; C:\Windows\SysWOW64\MSIService.exe [160768 2009-07-09] (Micro-Star International Co., Ltd.) [Fichier non signé]
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-11-08] (Panda Security, S.L.)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] ()
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2438880 2016-08-05] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-08-05] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [972056 2016-05-18] (© pdfforge GmbH.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2018-03-18] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2018-03-18] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2017-10-18] (Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R3 aftap0901; C:\Windows\system32\DRIVERS\aftap0901.sys [49632 2017-11-21] (The OpenVPN Project)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [70368 2016-02-10] (Advanced Micro Devices, Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [196640 2018-05-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-13] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199440 2018-03-13] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343752 2018-03-13] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57680 2018-03-13] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [234560 2018-05-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46968 2018-05-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [159120 2018-05-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111360 2018-05-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85968 2018-05-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1027720 2018-05-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460520 2018-05-17] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [205976 2018-05-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381552 2018-05-17] (AVAST Software)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4307192 2016-02-14] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102400 2016-02-26] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 KillerEth; C:\Windows\system32\DRIVERS\e2xw8x64.sys [162456 2016-02-12] (Qualcomm Atheros, Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [107848 2017-10-05] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2017-10-05] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [121232 2017-10-05] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [126352 2017-10-05] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [99512 2017-09-26] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [117624 2017-10-05] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [91392 2017-10-05] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2017-10-05] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [337008 2017-10-19] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [249976 2017-10-19] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2017-10-05] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [281912 2017-10-05] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [125840 2017-10-05] (Panda Security, S.L.)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [14604 2003-11-07] (Padus, Inc.) [Fichier non signé]
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [190552 2017-11-08] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [154168 2017-11-06] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [207728 2017-11-06] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146976 2017-11-06] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [159312 2017-11-06] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [129448 2017-11-06] (Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security, S.L.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-06-06 20:57 - 2018-06-06 20:58 - 000028734 _____ C:\Users\moris_000\Desktop\FRST.txt
2018-06-06 20:57 - 2018-06-06 20:57 - 000000000 ____D C:\FRST
2018-06-06 20:56 - 2018-06-06 20:56 - 002413056 _____ (Farbar) C:\Users\moris_000\Desktop\FRST64.exe
2018-06-06 13:26 - 2018-06-06 13:26 - 000226527 _____ C:\Users\moris_000\Desktop\ZHPDiag.txt
2018-06-06 13:20 - 2018-06-06 13:20 - 000000868 _____ C:\Users\moris_000\Desktop\ZHPDiag.lnk
2018-06-06 12:48 - 2018-06-06 12:48 - 000007600 _____ C:\Users\moris_000\AppData\Local\Resmon.ResmonCfg
2018-06-06 12:19 - 2018-06-06 12:19 - 000000000 ____D C:\Users\moris_000\AppData\Local\Futuremark
2018-06-06 12:14 - 2018-06-06 12:41 - 000000000 ____D C:\Users\moris_000\Documents\3DMark
2018-06-06 12:14 - 2018-06-06 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2018-06-06 12:14 - 2018-06-06 12:14 - 000000000 ____D C:\Users\moris_000\.oracle_jre_usage
2018-06-06 12:14 - 2018-06-06 12:14 - 000000000 ____D C:\ProgramData\Futuremark
2018-06-06 12:14 - 2018-06-06 12:14 - 000000000 ____D C:\Program Files\Futuremark
2018-06-06 12:13 - 2018-06-06 12:13 - 000000000 ____D C:\Program Files (x86)\Futuremark
2018-06-06 12:01 - 2017-05-22 12:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2018-06-06 11:57 - 2018-06-06 12:00 - 000011485 _____ C:\Users\moris_000\Desktop\ZHPCleaner.txt
2018-06-06 11:39 - 2018-06-06 13:26 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\ZHP
2018-06-06 11:39 - 2018-06-06 11:49 - 000000878 _____ C:\Users\moris_000\Desktop\ZHPCleaner.lnk
2018-06-06 11:38 - 2018-06-06 13:20 - 000000000 ____D C:\Users\moris_000\AppData\Local\ZHP
2018-06-06 11:38 - 2018-06-06 12:11 - 000000000 ____D C:\Users\moris_000\Desktop\3dmark
2018-06-06 11:37 - 2018-06-06 11:40 - 000000000 ____D C:\AdwCleaner
2018-06-06 01:48 - 2018-06-06 12:55 - 000004238 _____ C:\Windows\System32\Tasks\AMD Updater
2018-06-06 01:47 - 2018-06-06 02:03 - 000000000 ____D C:\Users\moris_000\AppData\Local\AMD
2018-06-06 01:47 - 2018-06-06 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2018-06-06 01:47 - 2018-06-06 01:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2018-06-06 01:47 - 2018-06-06 01:47 - 000000000 ____D C:\Program Files (x86)\ATI Technologies
2018-06-06 01:47 - 2018-06-06 01:47 - 000000000 ____D C:\Program Files (x86)\AMD
2018-06-06 01:46 - 2018-06-06 01:46 - 000000000 _____ C:\Windows\ativpsrm.bin
2018-06-06 01:46 - 2016-02-10 02:47 - 000070368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2018-06-06 01:40 - 2018-06-06 01:45 - 000000000 ____D C:\Windows\LastGood
2018-06-06 01:40 - 2018-06-06 01:40 - 000000000 ____D C:\Program Files\Common Files\ATI Technologies
2018-06-06 01:35 - 2018-06-06 01:46 - 000000000 ____D C:\Program Files\AMD
2018-06-06 01:00 - 2018-06-06 01:01 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-06-06 00:44 - 2018-06-06 00:52 - 327960384 _____ (AMD Inc.) C:\Users\moris_000\Downloads\Radeon-Crimson-15.12-NI-EG-64Bit-With-DOTNet45-Win10-Win8.1-Win7-videocardz.com
2018-06-06 00:40 - 2018-06-06 00:41 - 000000000 ____D C:\Users\moris_000\Desktop\DDU v17.0.8.6
2018-06-06 00:40 - 2018-05-04 08:36 - 001202688 _____ (Igor Pavlov) C:\Users\moris_000\Desktop\DDU v17.0.8.6.exe
2018-06-06 00:40 - 2015-09-05 02:03 - 000000000 ____D C:\Users\moris_000\Desktop\Guru3D.com
2018-06-05 16:22 - 2018-06-05 16:22 - 000001869 _____ C:\Users\moris_000\Desktop\Spotify.lnk
2018-06-01 16:48 - 2018-06-01 16:48 - 000036854 _____ C:\Users\moris_000\Desktop\Adobe Premiere Pro_2018-06-01_164838_SADDAM.crash
2018-05-22 19:55 - 2018-05-22 19:58 - 067170164 _____ C:\Users\moris_000\Downloads\oxy_iptv-release.apk
2018-05-18 13:33 - 2018-06-01 16:48 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\Adobe
2018-05-18 13:33 - 2018-05-18 13:33 - 000000000 ____D C:\Users\moris_000\AppData\Local\Adobe
2018-05-18 13:33 - 2018-05-18 13:33 - 000000000 ____D C:\ProgramData\Adobe
2018-05-17 18:57 - 2018-05-17 18:57 - 000000015 _____ C:\Users\moris_000\AppData\Local\X-Plane_drm_11.prf
2018-05-17 18:53 - 2018-05-17 18:53 - 000000036 _____ C:\Users\moris_000\AppData\Local\x-plane_install_11.txt
2018-05-17 18:33 - 2018-05-17 18:53 - 000000000 ____D C:\Program Files (x86)\X-Plane 11
2018-05-17 13:57 - 2018-05-17 13:57 - 000376536 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2018-05-09 11:39 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 11:39 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 11:38 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 11:38 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 11:38 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 11:38 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 11:38 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 11:38 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 11:38 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 11:38 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 11:38 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 11:38 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 11:38 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 11:38 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 11:38 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 11:38 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 11:38 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 11:38 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 11:38 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 11:38 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 11:38 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 11:38 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 11:38 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 11:38 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 11:38 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 11:38 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 11:38 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 11:38 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 11:38 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 11:38 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 11:38 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 11:38 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 11:38 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 11:38 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 11:38 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 11:38 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 11:38 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 11:38 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 11:38 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 11:38 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 11:38 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 11:38 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 11:38 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 11:38 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 11:38 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 11:38 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 11:38 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 11:38 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 11:38 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 11:38 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 11:38 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 11:38 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 11:38 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 11:38 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 11:38 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 11:38 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 11:38 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 11:38 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 11:38 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 11:38 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 11:38 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 11:38 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 11:38 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 11:38 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 11:38 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 11:38 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 11:38 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 11:38 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 11:38 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 11:38 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 11:38 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 11:38 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 11:38 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 11:38 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 11:38 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 11:38 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 11:38 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 11:38 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 11:38 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 11:38 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 11:38 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 11:38 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 11:38 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 11:38 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 11:38 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 11:38 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 11:38 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2018-06-06 20:57 - 2016-12-17 06:33 - 000000000 ____D C:\Program Files (x86)\Steam
2018-06-06 20:57 - 2016-12-17 06:32 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\DMCache
2018-06-06 20:54 - 2016-12-17 06:15 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1921062124-2300237418-187480937-1001
2018-06-06 20:51 - 2016-12-17 06:15 - 000000000 __RDO C:\Users\moris_000\OneDrive
2018-06-06 20:50 - 2016-12-17 07:19 - 000000000 ____D C:\Users\moris_000\AppData\Local\ClassicShell
2018-06-06 20:49 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-06 13:43 - 2016-12-17 07:46 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-06-06 13:43 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-06 13:20 - 2017-01-31 03:01 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\IDM
2018-06-06 13:10 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2018-06-06 12:55 - 2018-01-31 19:52 - 000003462 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-morisquo@hotmail.fr
2018-06-06 12:55 - 2018-01-04 16:15 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-06-06 12:55 - 2017-05-22 23:25 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-06-06 12:55 - 2016-12-17 06:39 - 000002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-06-06 12:55 - 2016-12-17 06:29 - 000003502 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-06-06 12:55 - 2016-12-17 06:29 - 000003374 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-06-06 12:55 - 2016-12-17 06:23 - 000003944 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{CB69124A-D8F7-4A13-8C58-FB99020927BD}
2018-06-06 12:43 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-06 12:20 - 2016-12-17 06:22 - 000000000 ____D C:\ProgramData\Package Cache
2018-06-06 12:14 - 2016-12-17 06:09 - 000000000 ____D C:\Users\moris_000
2018-06-06 11:51 - 2017-01-04 15:18 - 000000000 ____D C:\Windows\Minidump
2018-06-06 11:51 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-06-06 11:35 - 2016-12-17 06:32 - 000000000 ____D C:\Users\moris_000\Downloads\Compressed
2018-06-06 01:37 - 2016-12-17 06:22 - 000000000 ____D C:\AMD
2018-06-05 16:36 - 2017-11-02 01:26 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\Spotify
2018-06-05 16:23 - 2017-11-02 01:28 - 000000000 ____D C:\Users\moris_000\AppData\Local\Spotify
2018-06-05 16:22 - 2017-11-02 01:28 - 000001855 _____ C:\Users\moris_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2018-05-31 19:11 - 2017-12-28 01:24 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\discord
2018-05-28 19:15 - 2018-03-18 13:17 - 000000000 ____D C:\Users\moris_000\AppData\LocalLow\Heroes and Generals
2018-05-22 20:13 - 2014-11-21 00:46 - 001817064 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-22 20:13 - 2014-11-21 00:03 - 000806842 _____ C:\Windows\system32\perfh00C.dat
2018-05-22 20:13 - 2014-11-21 00:03 - 000156662 _____ C:\Windows\system32\perfc00C.dat
2018-05-17 18:33 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-17 14:02 - 2018-01-04 16:15 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2018-05-17 13:57 - 2018-01-04 16:14 - 001027720 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000460520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000381552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000234560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000205976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000196640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000159120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000111360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000085968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2018-05-17 13:57 - 2018-01-04 16:14 - 000046968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2018-05-17 09:57 - 2016-12-17 06:30 - 000002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-11 11:44 - 2013-08-22 16:44 - 005044168 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-10 23:46 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-10 19:54 - 2017-01-07 04:05 - 000000000 ____D C:\Users\moris_000\AppData\Roaming\vlc
2018-05-09 13:12 - 2017-01-03 21:08 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 12:44 - 2017-10-10 20:50 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 12:44 - 2017-01-03 21:08 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Fichiers à la racine de certains dossiers =======
2017-05-02 19:11 - 2018-02-05 23:54 - 000000132 _____ () C:\Users\moris_000\AppData\Roaming\Préfs Format PNG Adobe CS6
2017-01-07 02:34 - 2018-01-03 01:26 - 000000540 _____ () C:\Users\moris_000\AppData\Roaming\WB.CFG
2017-12-21 01:26 - 2017-12-21 01:26 - 000000052 _____ () C:\Users\moris_000\AppData\Local\a3tmf8yrkd
2017-12-11 23:22 - 2017-12-12 23:26 - 000000052 _____ () C:\Users\moris_000\AppData\Local\MFyxwvutsr
2018-06-06 12:48 - 2018-06-06 12:48 - 000007600 _____ () C:\Users\moris_000\AppData\Local\Resmon.ResmonCfg
2018-05-17 18:57 - 2018-05-17 18:57 - 000000015 _____ () C:\Users\moris_000\AppData\Local\X-Plane_drm_11.prf
2018-05-17 18:53 - 2018-05-17 18:53 - 000000036 _____ () C:\Users\moris_000\AppData\Local\x-plane_install_11.txt
2018-01-04 17:55 - 2018-01-04 17:55 - 000000000 _____ () C:\Users\moris_000\AppData\Local\{030A0A78-175B-42F8-8631-63174D697E3D}
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2018-06-04 17:01
==================== Fin de FRST.txt ============================