Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 15-04-2020
Exécuté par nathalie (administrateur) sur L002789 (Dell Inc. Latitude E7250) (17-04-2020 12:48:11)
Exécuté depuis C:\Users\nathalie\Downloads
Profils chargés: nathalie & Administrateur (Profils disponibles: nathalie & Administrateur)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Inc. -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DameWare Development, LLC. -> DameWare Development LLC) C:\Windows\SysWOW64\DWRCS.exe
(DameWare Development, LLC. -> DameWare Development) C:\Windows\SysWOW64\DWRCST.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-01-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2015-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [337440 2013-12-04] (McAfee, Inc. -> McAfee, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DameWare MRC Agent] => C:\Windows\SysWOW64\DWRCST.exe [85528 2010-08-06] (DameWare Development, LLC. -> DameWare Development)
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-387736860-2802028833-2701983196-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-387736860-2802028833-2701983196-1004\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\77.0.69.135\Installer\chrmstp.exe [2019-10-11] (Brave Software, Inc.) [Fichier non signé]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\Users\i521410\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2018-01-27]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-02-19]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {09ED0FCA-C7BD-4F53-AE0B-0F2ADF9F9BC9} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3995428973-1514711920-1369959045-30332 => C:\Users\nathalie\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {0C2D9E5E-2437-4F0B-A44A-83FB11053EDA} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2017-10-09] () [Fichier non signé]
Task: {0FB45C59-57A6-49B8-A6D0-9F34575AF146} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1C0C6A23-7D65-454F-9D51-E433A5BF560D} - System32\Tasks\OCS GLPI 2 => \dom.net.local\netlogon\OcsLogon.exe
Task: {3FECCE0E-60DA-4A47-B401-E414A26D64BB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd -> Piriform Ltd)
Task: {42E1F2B3-D3D6-4F3A-9204-741930BBFE4A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {475B8144-11BD-48B8-B3C9-5526A43AF26D} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {4B6CBE1F-738E-412C-9D4B-3C58D66CFD44} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
Task: {4BBACA2A-433F-4798-A9F5-65BC51490168} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C2583E2-A7E9-44DF-BF8B-0F3FF1D2F5A4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {55409008-9A3F-4067-868A-2B85EFF5CE70} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-09] (Google Inc -> Google Inc.)
Task: {668107E5-3FE0-4333-8766-2A0A16327981} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-09] (Google Inc -> Google Inc.)
Task: {7B8C923D-AFA7-43C2-BA57-237612B65E46} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8282690F-64B4-49CA-ACCD-402D8A19A257} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {BAC3D549-98F8-402A-BCA0-883ABECA81CE} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [7060040 2020-02-04] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {DE28266F-5318-4B72-B9FC-635FAA07B46C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F48A019D-D9C3-4119-87D0-C7485E9CED24} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9123CE3-489E-40A9-B88C-310637615B6D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FCE1D566-463A-4B56-9266-BE154E0C326F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-29] (Avast Software s.r.o. -> Avast Software)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\OCS GLPI 2.job => \\dom net local netlogon OcsLogon exe /SERVER http /prspocs001 dom net local ocsinventory /DEPLOY /DEBUG /NO_SERVICE /NO_SYSTRAY /NOW /NP /PACKAGER /GPOSyst me
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-387736860-2802028833-2701983196-1004] => 10.10.101.3:8080
ProxyServer: [S-1-5-21-387736860-2802028833-2701983196-500] => 10.10.101.3:8080
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5C88CC07-3CC1-485F-98AE-57B5F8F91191}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D347C5E6-7E26-4552-A486-07A1215EC679}: [NameServer] 194.2.0.20
Tcpip\..\Interfaces\{D347C5E6-7E26-4552-A486-07A1215EC679}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://planet.invivo-group.com/fr/Pages/default.aspx
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://planet.invivo-group.com/fr/Pages/default.aspx
HKU\S-1-5-21-387736860-2802028833-2701983196-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.recherche-fr.com/
HKU\S-1-5-21-387736860-2802028833-2701983196-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://planet.invivo-group.com/fr/Pages/default.aspx
HKU\S-1-5-21-387736860-2802028833-2701983196-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKU\S-1-5-21-387736860-2802028833-2701983196-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://planet.invivo-group.com/fr/Pages/default.aspx
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> DefaultScope {E7EA9C45-CFAE-4645-B6DD-EF9F50B9CA51} URL = hxxp://www.recherche-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D111118-N0400A3BE04076F5&form=CONBDF&conlogo=CT3335795&q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {091078C3-9CFD-4BF5-8543-810C3066D6BF} URL = hxxp://www.nav-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_cigdxjtnqwo_20_13_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0C0A0BzzyDtC0F0FtAtAtC0DtA0DtN0D0Tzu0StAtDtDzytN1L2XzuyEtFyCtCtFtDtFtCzytCtN1L1Czu1ByE1VyCtN1L1G1B1V1N2Y1L1Qzu2SyDyCtA0AyDyDyB0BtGyCyCtCyEtGtA0F0EyCtGyDzytDtBtG0DtDtC0CtCzyyEyDtDyEzytC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB1S1Q1T1T1QzyzztG1S1RzzzytGyEzy1P1StG1S1QzzzztG1OtByC1T1QzytCyC1QtByC1S2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzzyDtAzytCtCzzyB%26cr%3D1830120845%26a%3Dwsg_cigdxjtnqwo_20_13_ssg00%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {BB37379D-C433-4ECC-8053-4EA2D67CB4A6} URL = hxxp://www.accueil-nav.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {E7EA9C45-CFAE-4645-B6DD-EF9F50B9CA51} URL = hxxp://www.recherche-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {F9BDC29B-D0B5-4A44-8844-6D7B5EF8AFA2} URL = hxxp://www.recherche-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - Pas de fichier
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll [2012-12-12] (QlikTech International AB -> QlikTech AB)
FireFox:
========
FF DefaultProfile: hgcy6zyd.default
FF DefaultProfile: byyl8dnp.default
FF ProfilePath: C:\Users\nathalie\AppData\Roaming\Zotero\Zotero\Profiles\hgcy6zyd.default [2019-11-04]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Zotero\extensions\zoteroOpenOfficeIntegration@zotero.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Zotero\extensions\zoteroWinWordIntegration@zotero.org [non trouvé(e)]
FF ProfilePath: C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\byyl8dnp.default [2020-04-17]
FF Homepage: Mozilla\Firefox\Profiles\byyl8dnp.default -> hxxp://www.bing.com/?pc=COSP&ptag=D111118-N0300A3BE04076F5&form=CONMHP&conlogo=CT3335795
FF NewTab: Mozilla\Firefox\Profiles\byyl8dnp.default -> hxxp://www.bing.com/?pc=COSP&ptag=D111118-N0300A3BE04076F5&form=CONMHP&conlogo=CT3335795
FF Extension: (Avast Online Security) - C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\byyl8dnp.default\Extensions\wrc@avast.com.xpi [2018-06-30]
FF Extension: (Pas de nom) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [non trouvé(e)]
FF SearchPlugin: C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\byyl8dnp.default\searchplugins\bing-lavasoft-ff59.xml [2018-11-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-18] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2017-10-09] () [Fichier non signé]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-18] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2017-10-09] () [Fichier non signé]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default [2020-04-17]
CHR Notifications: Default -> hxxps://www.commentcamarche.net
CHR HomePage: Default -> hxxp://www.recherche-fr.com/
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR Extension: (Google Traduction) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Docs) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-23]
CHR Extension: (Google Drive) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-23]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (EditThisCookie) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2019-07-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR HKLM\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-387736860-2802028833-2701983196-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKU\S-1-5-21-387736860-2802028833-2701983196-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKU\S-1-5-21-387736860-2802028833-2701983196-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM-x32\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM-x32\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [204288 2013-09-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-01-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DWMRCS; C:\windows\SysWOW64\DWRCS.exe [242200 2010-08-06] (DameWare Development, LLC. -> DameWare Development LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2015-01-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [127520 2013-12-04] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Fichier non signé]
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [7677008 2017-10-16] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2015-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2017-10-09] () [Fichier non signé]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10570752 2013-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [325632 2013-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [492144 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
S3 AthDfu; C:\Windows\System32\Drivers\AthDfu.sys [55448 2015-01-09] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
R3 BCMNFCSCR; C:\Windows\System32\DRIVERS\bcmnfcscr7.sys [41728 2015-01-09] (Broadcom Corporation -> Broadcom Corporation.)
R3 bcmnfcusb; C:\Windows\System32\DRIVERS\bcmnfcusb7.sys [44288 2015-01-09] (Broadcom Corporation -> Broadcom Corporation.)
R3 dptf_acpi; C:\Windows\System32\DRIVERS\dptf_acpi.sys [41824 2015-01-09] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\DRIVERS\dptf_cpu.sys [35136 2015-01-09] (Intel(R) Software -> Intel Corporation)
R1 dwvkbd; C:\Windows\System32\DRIVERS\dwvkbd64.sys [30720 2007-02-15] (Microsoft Windows Hardware Compatibility Publisher -> DameWare)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [489752 2015-01-09] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\System32\DRIVERS\esif_lf.sys [192624 2015-01-09] (Intel(R) Software -> Intel Corporation)
S3 HPEWSFXBULK; C:\Windows\system32\drivers\hpfx64bulk.sys [20504 2009-02-25] (Hewlett-Packard Company -> Hewlett Packard)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [22040 2009-02-25] (Hewlett-Packard Company -> Hewlett Packard)
S3 HPZid412; C:\Windows\system32\drivers\HPZid412.sys [187392 2009-02-25] (Microsoft Windows Hardware Compatibility Publisher -> HP)
S3 HPZius12; C:\Windows\system32\drivers\HPZius12.sys [50688 2009-02-25] (Microsoft Windows Hardware Compatibility Publisher -> HP)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2015-01-09] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2642264 2015-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2015-01-14] (Intel CASE -> )
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [39704 2015-01-09] (Atheros Communications Inc. -> Atheros)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-01-09] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2018-05-04] (Apple Inc.) [Fichier non signé]
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3423720 2015-01-09] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2015-01-09] (O2Micro -> BayHubTech/O2Micro )
S3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Technologies -> Fortinet Inc.)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD. -> CASIO COMPUTER CO.,LTD.)
S3 SNXPCAMD; C:\Windows\System32\DRIVERS\snxpcamd.sys [52832 2013-09-13] (SUNIX CO., LTD. -> SUNIX Co., Ltd.)
S3 SNXPPAMD; C:\Windows\system32\drivers\snxppamd.sys [99424 2013-09-13] (SUNIX CO., LTD. -> SUNIX Co., Ltd.)
S3 SNXPSAMD; C:\Windows\system32\drivers\snxpsamd.sys [97888 2013-09-13] (SUNIX CO., LTD. -> SUNIX Co., Ltd.)
S3 ST7007; C:\Windows\system32\drivers\ST7007.sys [69896 2014-07-03] (STMicroelectronics -> STMicroelectronics)
R3 swg3kmbb05; C:\Windows\System32\DRIVERS\swg3kmbb05.sys [492304 2015-01-09] (Sierra Wireless -> Sierra Wireless Incorporated)
R3 swg3knmea05; C:\Windows\System32\DRIVERS\swg3knmea05.sys [275216 2015-01-09] (Sierra Wireless -> Sierra Wireless Incorporated)
R3 swg3kser05; C:\Windows\System32\DRIVERS\swg3kser05.sys [275216 2015-01-09] (Sierra Wireless -> Sierra Wireless Incorporated)
R3 swibus05; C:\Windows\System32\DRIVERS\swibus05.sys [88848 2015-01-09] (Sierra Wireless -> Sierra Wireless Inc.)
R3 swibusflt05; C:\Windows\System32\DRIVERS\swibusflt05.sys [88848 2015-01-09] (Sierra Wireless -> Sierra Wireless Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 TKCtrl; C:\windows\system32\TKCtrl2k64.sys [147240 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsAvM; C:\windows\system32\TKFsAv64.sys [191544 2017-02-02] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsFtM; C:\windows\system32\TKFsFt64.sys [28312 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKPcFt; C:\windows\system32\TKPcFtCb64.sys [39280 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgAc; C:\windows\system32\TKRgAc2k64.sys [102448 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgFt; C:\windows\system32\TKRgFtXp64.sys [51464 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKSP; C:\windows\system32\TKSPxp64.sys [80824 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Apple, Inc.) [Fichier non signé]
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R3 wbfcvusbdrv; C:\Windows\System32\Drivers\wbfcvusbdrv.sys [17632 2015-01-09] (Broadcom Corp -> )
U1 aswbdisk; pas de ImagePath
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ===================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-04-17 12:48 - 2020-04-17 12:48 - 000040929 _____ C:\Users\nathalie\Downloads\FRST.txt
2020-04-17 12:47 - 2020-04-17 12:48 - 000000000 ____D C:\FRST
2020-04-17 12:47 - 2020-04-17 12:47 - 002281472 _____ (Farbar) C:\Users\nathalie\Downloads\FRST64.exe
2020-04-17 12:22 - 2020-04-17 12:36 - 000440012 _____ C:\Windows\ntbtlog.txt
2020-04-17 11:58 - 2020-04-17 11:58 - 000157584 _____ C:\Users\nathalie\AppData\Local\GDIPFONTCACHEV1.DAT
2020-04-17 11:52 - 2020-04-17 11:52 - 007432520 _____ (VS Revo Group ) C:\Users\nathalie\Downloads\revosetup.exe
2020-04-17 10:14 - 2020-04-17 10:14 - 000492144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-04-17 10:14 - 2020-04-17 10:14 - 000337048 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-04-17 10:14 - 2020-04-17 10:14 - 000235696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-04-17 10:14 - 2020-04-17 10:14 - 000175920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-04-17 10:14 - 2020-04-17 10:14 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2020-04-17 10:10 - 2020-04-17 10:11 - 000637936 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-28 12:27 - 2020-03-28 12:27 - 000000000 ____D C:\Program Files (x86)\Chromium
2020-03-28 12:26 - 2020-04-17 12:33 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2020-03-28 12:26 - 2020-03-31 21:01 - 000000000 ____D C:\Users\nathalie\AppData\Local\WallpaperHd
2020-03-28 12:26 - 2020-03-28 12:49 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2020-03-28 10:08 - 2020-03-28 10:08 - 000000000 ___HD C:\$AV_ASW
2020-03-24 16:46 - 2020-03-24 16:47 - 000000162 ____H C:\Users\nathalie\Downloads\~$B15EED-7B2D-4864-9B96-D59B66E12A13.jpeg
2020-03-24 15:41 - 2020-03-24 15:41 - 000086915 _____ C:\Users\nathalie\Documents\CV Constantin Guillaume.pdf
2020-03-19 16:40 - 2020-03-19 16:40 - 000196879 _____ C:\Users\nathalie\Documents\.RData
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-04-17 12:46 - 2014-06-06 21:10 - 026183560 _____ C:\Windows\system32\perfh00C.dat
2020-04-17 12:46 - 2014-06-06 21:10 - 008816920 _____ C:\Windows\system32\perfc00C.dat
2020-04-17 12:46 - 2009-07-14 07:13 - 000006512 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-17 12:38 - 2018-04-23 16:20 - 000000000 ____D C:\Users\nathalie\AppData\Local\AVAST Software
2020-04-17 12:38 - 2017-02-12 19:36 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-17 12:37 - 2018-04-25 18:10 - 000000470 __RSH C:\Users\nathalie\ntuser.pol
2020-04-17 12:37 - 2018-04-23 16:20 - 000000000 ____D C:\Users\nathalie
2020-04-17 12:37 - 2015-02-18 16:37 - 000011796 __RSH C:\ProgramData\ntuser.pol
2020-04-17 12:37 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-17 12:33 - 2019-11-14 19:25 - 000000000 ____D C:\Users\nathalie\AppData\Roaming\RStudio
2020-04-17 12:30 - 2009-07-14 06:45 - 000030080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-17 12:30 - 2009-07-14 06:45 - 000030080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-17 12:24 - 2010-01-01 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAS
2020-04-17 12:24 - 2010-01-01 11:45 - 000000000 ____D C:\Program Files\SASHome
2020-04-17 10:16 - 2018-09-28 15:46 - 000000000 ____D C:\Program Files\CCleaner
2020-04-17 10:14 - 2019-01-05 22:03 - 000037856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-04-17 10:14 - 2018-10-23 08:37 - 000042984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-04-17 10:14 - 2017-11-21 23:06 - 000206120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000851808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000459408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000317280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000109480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000085056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-04-17 10:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-17 10:13 - 2019-01-14 17:08 - 000234776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-04-17 10:13 - 2019-01-05 22:03 - 000178968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-04-17 10:13 - 2019-01-05 22:03 - 000060696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-04-17 10:08 - 2019-11-04 17:23 - 000000000 ____D C:\Users\nathalie\AppData\Local\CrashDumps
2020-04-17 10:08 - 2018-09-29 14:55 - 000000000 ____D C:\Users\nathalie\AppData\Roaming\Wise Disk Cleaner
2020-04-17 10:04 - 2019-04-05 13:34 - 000000000 ____D C:\Users\nathalie\AppData\Roaming\WiseUpdate
2020-04-16 22:04 - 2020-02-02 12:09 - 000000000 ____D C:\Users\nathalie\Desktop\Fond d'écran
2020-04-16 21:14 - 2019-10-08 19:37 - 000003446 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-04-16 21:14 - 2019-05-17 13:16 - 000003336 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-04-16 21:14 - 2019-05-17 13:16 - 000003208 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-04-16 21:14 - 2018-09-28 15:46 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-16 21:14 - 2018-09-28 15:46 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-16 21:14 - 2017-04-16 17:39 - 000004496 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-16 21:14 - 2017-02-12 19:40 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-16 21:14 - 2016-03-04 17:38 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-16 21:14 - 2016-03-04 17:38 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-16 21:14 - 2016-02-25 15:50 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-04-12 20:41 - 2019-10-08 19:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-04-12 20:41 - 2019-10-08 19:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-04-11 18:52 - 2020-03-10 22:30 - 000000000 ____D C:\Users\nathalie\Desktop\Inscriptions Master
2020-04-07 22:01 - 2016-03-04 17:39 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-07 22:01 - 2016-03-04 17:39 - 000002149 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-07 22:01 - 2016-03-04 17:39 - 000002149 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-04 16:03 - 2020-01-22 15:50 - 000014975 _____ C:\Users\nathalie\Documents\.Rhistory
2020-04-04 16:03 - 2019-11-14 17:55 - 000000000 ____D C:\Users\nathalie\AppData\Local\RStudio-Desktop
2020-04-02 11:19 - 2020-03-17 19:10 - 000000000 ____D C:\Users\nathalie\Desktop\Cours S6
2020-03-28 14:53 - 2020-01-15 13:12 - 000024325 _____ C:\Users\nathalie\Desktop\Loto.xlsx
2020-03-28 12:57 - 2020-02-07 17:58 - 000000000 ____D C:\Program Files (x86)\StatSoft
2020-03-28 12:56 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Registration
2020-03-27 18:06 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-24 16:43 - 2011-04-12 09:51 - 000000000 ___RD C:\Users\Public\Recorded TV
2020-03-21 17:22 - 2020-01-22 15:52 - 000000000 ____D C:\Users\nathalie\Documents\FichiersR
2020-03-20 13:38 - 2020-02-20 10:00 - 000146692 _____ C:\Users\nathalie\Documents\ames.RData
2020-03-19 16:40 - 2018-09-28 15:34 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Fichiers à la racine de certains dossiers ========
2018-04-23 16:21 - 2018-04-23 16:21 - 000000093 _____ () C:\Users\nathalie\AppData\Roaming\ARCompanion.log
2018-12-01 11:08 - 2018-12-01 11:08 - 000000410 _____ () C:\Users\nathalie\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\User32.dll
[2018-04-24 10:45] - [2018-09-28 15:06] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
C:\Windows\SysWOW64\User32.dll
[2018-04-24 10:45] - [2018-09-28 15:06] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
LastRegBack: 2020-04-09 17:12
==================== Fin de FRST.txt ========================
Exécuté par nathalie (administrateur) sur L002789 (Dell Inc. Latitude E7250) (17-04-2020 12:48:11)
Exécuté depuis C:\Users\nathalie\Downloads
Profils chargés: nathalie & Administrateur (Profils disponibles: nathalie & Administrateur)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Inc. -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe <2>
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(DameWare Development, LLC. -> DameWare Development LLC) C:\Windows\SysWOW64\DWRCS.exe
(DameWare Development, LLC. -> DameWare Development) C:\Windows\SysWOW64\DWRCST.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <20>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Intel Corporation - pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <3>
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registre (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [727896 2015-01-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7637208 2015-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_MAXX6] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [108216 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [337440 2013-12-04] (McAfee, Inc. -> McAfee, Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [DameWare MRC Agent] => C:\Windows\SysWOW64\DWRCST.exe [85528 2010-08-06] (DameWare Development, LLC. -> DameWare Development)
HKLM\...\Policies\Explorer: [NoPublishingWizard] 1
HKLM\...\Policies\Explorer: [NoWebServices] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-387736860-2802028833-2701983196-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18594760 2018-09-19] (Piriform Ltd -> Piriform Ltd)
HKU\S-1-5-21-387736860-2802028833-2701983196-1004\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-18\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.163\Installer\chrmstp.exe [2020-04-07] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files (x86)\BraveSoftware\Brave-Browser\Application\77.0.69.135\Installer\chrmstp.exe [2019-10-11] (Brave Software, Inc.) [Fichier non signé]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\Users\i521410\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2018-01-27]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Envoyer à OneNote.lnk [2020-02-19]
ShortcutTarget: Envoyer à OneNote.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Tâches planifiées (Avec liste blanche) ============
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
Task: {09ED0FCA-C7BD-4F53-AE0B-0F2ADF9F9BC9} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3995428973-1514711920-1369959045-30332 => C:\Users\nathalie\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {0C2D9E5E-2437-4F0B-A44A-83FB11053EDA} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2017-10-09] () [Fichier non signé]
Task: {0FB45C59-57A6-49B8-A6D0-9F34575AF146} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {1C0C6A23-7D65-454F-9D51-E433A5BF560D} - System32\Tasks\OCS GLPI 2 => \dom.net.local\netlogon\OcsLogon.exe
Task: {3FECCE0E-60DA-4A47-B401-E414A26D64BB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [13769584 2018-09-19] (Piriform Ltd -> Piriform Ltd)
Task: {42E1F2B3-D3D6-4F3A-9204-741930BBFE4A} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {475B8144-11BD-48B8-B3C9-5526A43AF26D} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {4B6CBE1F-738E-412C-9D4B-3C58D66CFD44} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3325032 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
Task: {4BBACA2A-433F-4798-A9F5-65BC51490168} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C2583E2-A7E9-44DF-BF8B-0F3FF1D2F5A4} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2018-02-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {55409008-9A3F-4067-868A-2B85EFF5CE70} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-09] (Google Inc -> Google Inc.)
Task: {668107E5-3FE0-4333-8766-2A0A16327981} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-03-09] (Google Inc -> Google Inc.)
Task: {7B8C923D-AFA7-43C2-BA57-237612B65E46} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {8282690F-64B4-49CA-ACCD-402D8A19A257} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {BAC3D549-98F8-402A-BCA0-883ABECA81CE} - System32\Tasks\WiseCleaner\WDCSkipUAC => C:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [7060040 2020-02-04] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {DE28266F-5318-4B72-B9FC-635FAA07B46C} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {F48A019D-D9C3-4119-87D0-C7485E9CED24} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {F9123CE3-489E-40A9-B88C-310637615B6D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {FCE1D566-463A-4B56-9266-BE154E0C326F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1660520 2020-02-29] (Avast Software s.r.o. -> Avast Software)
(Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.)
Task: C:\Windows\Tasks\OCS GLPI 2.job => \\dom net local netlogon OcsLogon exe /SERVER http /prspocs001 dom net local ocsinventory /DEPLOY /DEBUG /NO_SERVICE /NO_SYSTRAY /NOW /NP /PACKAGER /GPOSyst me
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
ProxyServer: [S-1-5-21-387736860-2802028833-2701983196-1004] => 10.10.101.3:8080
ProxyServer: [S-1-5-21-387736860-2802028833-2701983196-500] => 10.10.101.3:8080
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5C88CC07-3CC1-485F-98AE-57B5F8F91191}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D347C5E6-7E26-4552-A486-07A1215EC679}: [NameServer] 194.2.0.20
Tcpip\..\Interfaces\{D347C5E6-7E26-4552-A486-07A1215EC679}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://planet.invivo-group.com/fr/Pages/default.aspx
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://planet.invivo-group.com/fr/Pages/default.aspx
HKU\S-1-5-21-387736860-2802028833-2701983196-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.recherche-fr.com/
HKU\S-1-5-21-387736860-2802028833-2701983196-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://planet.invivo-group.com/fr/Pages/default.aspx
HKU\S-1-5-21-387736860-2802028833-2701983196-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.fr/
HKU\S-1-5-21-387736860-2802028833-2701983196-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://planet.invivo-group.com/fr/Pages/default.aspx
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> DefaultScope {E7EA9C45-CFAE-4645-B6DD-EF9F50B9CA51} URL = hxxp://www.recherche-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D111118-N0400A3BE04076F5&form=CONBDF&conlogo=CT3335795&q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {091078C3-9CFD-4BF5-8543-810C3066D6BF} URL = hxxp://www.nav-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wsg_cigdxjtnqwo_20_13_ssg00¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzu0Fzz0C0A0BzzyDtC0F0FtAtAtC0DtA0DtN0D0Tzu0StAtDtDzytN1L2XzuyEtFyCtCtFtDtFtCzytCtN1L1Czu1ByE1VyCtN1L1G1B1V1N2Y1L1Qzu2SyDyCtA0AyDyDyB0BtGyCyCtCyEtGtA0F0EyCtGyDzytDtBtG0DtDtC0CtCzyyEyDtDyEzytC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB1S1Q1T1T1QzyzztG1S1RzzzytGyEzy1P1StG1S1QzzzztG1OtByC1T1QzytCyC1QtByC1S2QtN0A0LzutBtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDzzyDtAzytCtCzzyB%26cr%3D1830120845%26a%3Dwsg_cigdxjtnqwo_20_13_ssg00%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {BB37379D-C433-4ECC-8053-4EA2D67CB4A6} URL = hxxp://www.accueil-nav.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {E7EA9C45-CFAE-4645-B6DD-EF9F50B9CA51} URL = hxxp://www.recherche-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-1004 -> {F9BDC29B-D0B5-4A44-8844-6D7B5EF8AFA2} URL = hxxp://www.recherche-fr.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-387736860-2802028833-2701983196-500 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - Pas de fichier
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: qvp - {4BA78E3D-CA25-4BFF-B8F0-8A3359E4B520} - C:\Program Files (x86)\QlikView\QvProtocol\qvp.dll [2012-12-12] (QlikTech International AB -> QlikTech AB)
FireFox:
========
FF DefaultProfile: hgcy6zyd.default
FF DefaultProfile: byyl8dnp.default
FF ProfilePath: C:\Users\nathalie\AppData\Roaming\Zotero\Zotero\Profiles\hgcy6zyd.default [2019-11-04]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Zotero\extensions\zoteroOpenOfficeIntegration@zotero.org [non trouvé(e)]
FF Extension: (Pas de nom) - C:\Program Files (x86)\Zotero\extensions\zoteroWinWordIntegration@zotero.org [non trouvé(e)]
FF ProfilePath: C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\byyl8dnp.default [2020-04-17]
FF Homepage: Mozilla\Firefox\Profiles\byyl8dnp.default -> hxxp://www.bing.com/?pc=COSP&ptag=D111118-N0300A3BE04076F5&form=CONMHP&conlogo=CT3335795
FF NewTab: Mozilla\Firefox\Profiles\byyl8dnp.default -> hxxp://www.bing.com/?pc=COSP&ptag=D111118-N0300A3BE04076F5&form=CONMHP&conlogo=CT3335795
FF Extension: (Avast Online Security) - C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\byyl8dnp.default\Extensions\wrc@avast.com.xpi [2018-06-30]
FF Extension: (Pas de nom) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [non trouvé(e)]
FF SearchPlugin: C:\Users\nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\byyl8dnp.default\searchplugins\bing-lavasoft-ff59.xml [2018-11-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_28_0_0_161.dll [2018-02-18] (Adobe Systems Incorporated -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2017-10-09] () [Fichier non signé]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_161.dll [2018-02-18] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files (x86)\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-02-03] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll [2017-10-09] () [Fichier non signé]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=3 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: @tools.brave.com/BraveSoftware Update;version=9 -> C:\Program Files (x86)\BraveSoftware\Update\1.3.99.0\npBraveUpdate3.dll [2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
Chrome:
=======
CHR Profile: C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default [2020-04-17]
CHR Notifications: Default -> hxxps://www.commentcamarche.net
CHR HomePage: Default -> hxxp://www.recherche-fr.com/
CHR StartupUrls: Default -> "hxxps://www.google.fr/"
CHR Extension: (Google Traduction) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2020-03-18]
CHR Extension: (Docs) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-04-23]
CHR Extension: (Google Drive) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-04-23]
CHR Extension: (Adblock Plus - bloqueur de publicités gratuit) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-04-06]
CHR Extension: (EditThisCookie) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2019-07-14]
CHR Extension: (Google Docs hors connexion) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]
CHR Extension: (AdBlock — le meilleur bloqueur de pubs) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-15]
CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-04]
CHR Extension: (Gmail) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\nathalie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03]
CHR HKLM\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
CHR HKU\S-1-5-21-387736860-2802028833-2701983196-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKU\S-1-5-21-387736860-2802028833-2701983196-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKU\S-1-5-21-387736860-2802028833-2701983196-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM-x32\...\Chrome\Extension: [codhflfnidhlkphogdmhfhjmkehlfjjk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM-x32\...\Chrome\Extension: [gpggceimbegdiddifklmeponnmkppfho]
CHR HKLM-x32\...\Chrome\Extension: [ijahobfejgeblmkpcmgpelfibgnnjpil]
CHR HKLM-x32\...\Chrome\Extension: [nahhmpbckpgdidfnmfkfgiflpjijilce]
CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej]
==================== Services (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [204288 2013-09-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [87384 2015-01-09] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5504928 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [345384 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [159368 2019-05-17] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
R2 DWMRCS; C:\windows\SysWOW64\DWRCS.exe [242200 2010-08-06] (DameWare Development, LLC. -> DameWare Development LLC)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2015-01-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [127520 2013-12-04] (McAfee, Inc. -> McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [Fichier non signé]
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [7677008 2017-10-16] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.)
R2 O2FLASH; C:\Windows\system32\DRIVERS\o2flash.exe [65536 2015-01-09] (Microsoft Windows Hardware Compatibility Publisher -> BayHubTech/O2Micro International)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [Fichier non signé]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2015-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2017-10-09] () [Fichier non signé]
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 McAfee WebAdvisor; "C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe" [X]
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe" [X]
===================== Pilotes (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [10570752 2013-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [325632 2013-09-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2014-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37856 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [206120 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [234776 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [178968 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [60696 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42984 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [175920 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [492144 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2020-04-17] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [109480 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [85056 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [851808 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [459408 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [235696 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [317280 2020-04-17] (Avast Software s.r.o. -> AVAST Software)
S3 AthDfu; C:\Windows\System32\Drivers\AthDfu.sys [55448 2015-01-09] (Atheros Communications Inc. -> Windows (R) Win 7 DDK provider)
R3 BCMNFCSCR; C:\Windows\System32\DRIVERS\bcmnfcscr7.sys [41728 2015-01-09] (Broadcom Corporation -> Broadcom Corporation.)
R3 bcmnfcusb; C:\Windows\System32\DRIVERS\bcmnfcusb7.sys [44288 2015-01-09] (Broadcom Corporation -> Broadcom Corporation.)
R3 dptf_acpi; C:\Windows\System32\DRIVERS\dptf_acpi.sys [41824 2015-01-09] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\DRIVERS\dptf_cpu.sys [35136 2015-01-09] (Intel(R) Software -> Intel Corporation)
R1 dwvkbd; C:\Windows\System32\DRIVERS\dwvkbd64.sys [30720 2007-02-15] (Microsoft Windows Hardware Compatibility Publisher -> DameWare)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [489752 2015-01-09] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\Windows\System32\DRIVERS\esif_lf.sys [192624 2015-01-09] (Intel(R) Software -> Intel Corporation)
S3 HPEWSFXBULK; C:\Windows\system32\drivers\hpfx64bulk.sys [20504 2009-02-25] (Hewlett-Packard Company -> Hewlett Packard)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [22040 2009-02-25] (Hewlett-Packard Company -> Hewlett Packard)
S3 HPZid412; C:\Windows\system32\drivers\HPZid412.sys [187392 2009-02-25] (Microsoft Windows Hardware Compatibility Publisher -> HP)
S3 HPZius12; C:\Windows\system32\drivers\HPZius12.sys [50688 2009-02-25] (Microsoft Windows Hardware Compatibility Publisher -> HP)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2015-01-09] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2642264 2015-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [44744 2015-01-14] (Intel CASE -> )
S3 lehidmini; C:\Windows\system32\drivers\leath_hid.sys [39704 2015-01-09] (Atheros Communications Inc. -> Atheros)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-01-09] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2018-05-04] (Apple Inc.) [Fichier non signé]
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3423720 2015-01-09] (Intel Corporation-Mobile Wireless Group -> Intel Corporation)
R3 O2FJ2RDR; C:\Windows\System32\DRIVERS\O2FJ2w7x64.sys [210592 2015-01-09] (O2Micro -> BayHubTech/O2Micro )
S3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [42528 2009-07-21] (Fortinet Technologies -> Fortinet Inc.)
S3 PVUSB; C:\Windows\System32\DRIVERS\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD. -> CASIO COMPUTER CO.,LTD.)
S3 SNXPCAMD; C:\Windows\System32\DRIVERS\snxpcamd.sys [52832 2013-09-13] (SUNIX CO., LTD. -> SUNIX Co., Ltd.)
S3 SNXPPAMD; C:\Windows\system32\drivers\snxppamd.sys [99424 2013-09-13] (SUNIX CO., LTD. -> SUNIX Co., Ltd.)
S3 SNXPSAMD; C:\Windows\system32\drivers\snxpsamd.sys [97888 2013-09-13] (SUNIX CO., LTD. -> SUNIX Co., Ltd.)
S3 ST7007; C:\Windows\system32\drivers\ST7007.sys [69896 2014-07-03] (STMicroelectronics -> STMicroelectronics)
R3 swg3kmbb05; C:\Windows\System32\DRIVERS\swg3kmbb05.sys [492304 2015-01-09] (Sierra Wireless -> Sierra Wireless Incorporated)
R3 swg3knmea05; C:\Windows\System32\DRIVERS\swg3knmea05.sys [275216 2015-01-09] (Sierra Wireless -> Sierra Wireless Incorporated)
R3 swg3kser05; C:\Windows\System32\DRIVERS\swg3kser05.sys [275216 2015-01-09] (Sierra Wireless -> Sierra Wireless Incorporated)
R3 swibus05; C:\Windows\System32\DRIVERS\swibus05.sys [88848 2015-01-09] (Sierra Wireless -> Sierra Wireless Inc.)
R3 swibusflt05; C:\Windows\System32\DRIVERS\swibusflt05.sys [88848 2015-01-09] (Sierra Wireless -> Sierra Wireless Inc.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 TKCtrl; C:\windows\system32\TKCtrl2k64.sys [147240 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsAvM; C:\windows\system32\TKFsAv64.sys [191544 2017-02-02] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKFsFtM; C:\windows\system32\TKFsFt64.sys [28312 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKPcFt; C:\windows\system32\TKPcFtCb64.sys [39280 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgAc; C:\windows\system32\TKRgAc2k64.sys [102448 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKRgFt; C:\windows\system32\TKRgFtXp64.sys [51464 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 TKSP; C:\windows\system32\TKSPxp64.sys [80824 2016-02-05] (INCA Internet Co.,Ltd. -> INCA Internet Co., Ltd.) <==== ATTENTION
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-03-28] (Apple, Inc.) [Fichier non signé]
S3 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [237376 2019-09-03] (Oracle Corporation -> Oracle Corporation)
R3 wbfcvusbdrv; C:\Windows\System32\Drivers\wbfcvusbdrv.sys [17632 2015-01-09] (Broadcom Corp -> )
U1 aswbdisk; pas de ImagePath
S3 dcdbas; system32\DRIVERS\dcdbas64.sys [X]
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois (créés) ===================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-04-17 12:48 - 2020-04-17 12:48 - 000040929 _____ C:\Users\nathalie\Downloads\FRST.txt
2020-04-17 12:47 - 2020-04-17 12:48 - 000000000 ____D C:\FRST
2020-04-17 12:47 - 2020-04-17 12:47 - 002281472 _____ (Farbar) C:\Users\nathalie\Downloads\FRST64.exe
2020-04-17 12:22 - 2020-04-17 12:36 - 000440012 _____ C:\Windows\ntbtlog.txt
2020-04-17 11:58 - 2020-04-17 11:58 - 000157584 _____ C:\Users\nathalie\AppData\Local\GDIPFONTCACHEV1.DAT
2020-04-17 11:52 - 2020-04-17 11:52 - 007432520 _____ (VS Revo Group ) C:\Users\nathalie\Downloads\revosetup.exe
2020-04-17 10:14 - 2020-04-17 10:14 - 000492144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2020-04-17 10:14 - 2020-04-17 10:14 - 000337048 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-04-17 10:14 - 2020-04-17 10:14 - 000235696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-04-17 10:14 - 2020-04-17 10:14 - 000175920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-04-17 10:14 - 2020-04-17 10:14 - 000038152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2020-04-17 10:10 - 2020-04-17 10:11 - 000637936 _____ C:\Windows\system32\FNTCACHE.DAT
2020-03-28 12:27 - 2020-03-28 12:27 - 000000000 ____D C:\Program Files (x86)\Chromium
2020-03-28 12:26 - 2020-04-17 12:33 - 000000000 ____D C:\Program Files (x86)\Digital Communications
2020-03-28 12:26 - 2020-03-31 21:01 - 000000000 ____D C:\Users\nathalie\AppData\Local\WallpaperHd
2020-03-28 12:26 - 2020-03-28 12:49 - 000000000 ____D C:\Program Files (x86)\Cheat Engine 6.7
2020-03-28 10:08 - 2020-03-28 10:08 - 000000000 ___HD C:\$AV_ASW
2020-03-24 16:46 - 2020-03-24 16:47 - 000000162 ____H C:\Users\nathalie\Downloads\~$B15EED-7B2D-4864-9B96-D59B66E12A13.jpeg
2020-03-24 15:41 - 2020-03-24 15:41 - 000086915 _____ C:\Users\nathalie\Documents\CV Constantin Guillaume.pdf
2020-03-19 16:40 - 2020-03-19 16:40 - 000196879 _____ C:\Users\nathalie\Documents\.RData
==================== Un mois (modifiés) ==================
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2020-04-17 12:46 - 2014-06-06 21:10 - 026183560 _____ C:\Windows\system32\perfh00C.dat
2020-04-17 12:46 - 2014-06-06 21:10 - 008816920 _____ C:\Windows\system32\perfc00C.dat
2020-04-17 12:46 - 2009-07-14 07:13 - 000006512 _____ C:\Windows\system32\PerfStringBackup.INI
2020-04-17 12:38 - 2018-04-23 16:20 - 000000000 ____D C:\Users\nathalie\AppData\Local\AVAST Software
2020-04-17 12:38 - 2017-02-12 19:36 - 000000000 ____D C:\ProgramData\AVAST Software
2020-04-17 12:37 - 2018-04-25 18:10 - 000000470 __RSH C:\Users\nathalie\ntuser.pol
2020-04-17 12:37 - 2018-04-23 16:20 - 000000000 ____D C:\Users\nathalie
2020-04-17 12:37 - 2015-02-18 16:37 - 000011796 __RSH C:\ProgramData\ntuser.pol
2020-04-17 12:37 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-04-17 12:33 - 2019-11-14 19:25 - 000000000 ____D C:\Users\nathalie\AppData\Roaming\RStudio
2020-04-17 12:30 - 2009-07-14 06:45 - 000030080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-04-17 12:30 - 2009-07-14 06:45 - 000030080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-04-17 12:24 - 2010-01-01 11:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SAS
2020-04-17 12:24 - 2010-01-01 11:45 - 000000000 ____D C:\Program Files\SASHome
2020-04-17 10:16 - 2018-09-28 15:46 - 000000000 ____D C:\Program Files\CCleaner
2020-04-17 10:14 - 2019-01-05 22:03 - 000037856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-04-17 10:14 - 2018-10-23 08:37 - 000042984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-04-17 10:14 - 2017-11-21 23:06 - 000206120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000851808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000459408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000317280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000109480 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000085056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-04-17 10:14 - 2017-02-12 19:39 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-04-17 10:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2020-04-17 10:13 - 2019-01-14 17:08 - 000234776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-04-17 10:13 - 2019-01-05 22:03 - 000178968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-04-17 10:13 - 2019-01-05 22:03 - 000060696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-04-17 10:08 - 2019-11-04 17:23 - 000000000 ____D C:\Users\nathalie\AppData\Local\CrashDumps
2020-04-17 10:08 - 2018-09-29 14:55 - 000000000 ____D C:\Users\nathalie\AppData\Roaming\Wise Disk Cleaner
2020-04-17 10:04 - 2019-04-05 13:34 - 000000000 ____D C:\Users\nathalie\AppData\Roaming\WiseUpdate
2020-04-16 22:04 - 2020-02-02 12:09 - 000000000 ____D C:\Users\nathalie\Desktop\Fond d'écran
2020-04-16 21:14 - 2019-10-08 19:37 - 000003446 _____ C:\Windows\system32\Tasks\AdobeGCInvoker-1.0
2020-04-16 21:14 - 2019-05-17 13:16 - 000003336 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineUA
2020-04-16 21:14 - 2019-05-17 13:16 - 000003208 _____ C:\Windows\system32\Tasks\BraveSoftwareUpdateTaskMachineCore
2020-04-16 21:14 - 2018-09-28 15:46 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-04-16 21:14 - 2018-09-28 15:46 - 000002794 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-04-16 21:14 - 2017-04-16 17:39 - 000004496 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-04-16 21:14 - 2017-02-12 19:40 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2020-04-16 21:14 - 2016-03-04 17:38 - 000003504 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-04-16 21:14 - 2016-03-04 17:38 - 000003376 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2020-04-16 21:14 - 2016-02-25 15:50 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2020-04-12 20:41 - 2019-10-08 19:37 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2020-04-12 20:41 - 2019-10-08 19:37 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2020-04-11 18:52 - 2020-03-10 22:30 - 000000000 ____D C:\Users\nathalie\Desktop\Inscriptions Master
2020-04-07 22:01 - 2016-03-04 17:39 - 000002190 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-04-07 22:01 - 2016-03-04 17:39 - 000002149 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-04-07 22:01 - 2016-03-04 17:39 - 000002149 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-04-04 16:03 - 2020-01-22 15:50 - 000014975 _____ C:\Users\nathalie\Documents\.Rhistory
2020-04-04 16:03 - 2019-11-14 17:55 - 000000000 ____D C:\Users\nathalie\AppData\Local\RStudio-Desktop
2020-04-02 11:19 - 2020-03-17 19:10 - 000000000 ____D C:\Users\nathalie\Desktop\Cours S6
2020-03-28 14:53 - 2020-01-15 13:12 - 000024325 _____ C:\Users\nathalie\Desktop\Loto.xlsx
2020-03-28 12:57 - 2020-02-07 17:58 - 000000000 ____D C:\Program Files (x86)\StatSoft
2020-03-28 12:56 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\Registration
2020-03-27 18:06 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2020-03-24 16:43 - 2011-04-12 09:51 - 000000000 ___RD C:\Users\Public\Recorded TV
2020-03-21 17:22 - 2020-01-22 15:52 - 000000000 ____D C:\Users\nathalie\Documents\FichiersR
2020-03-20 13:38 - 2020-02-20 10:00 - 000146692 _____ C:\Users\nathalie\Documents\ames.RData
2020-03-19 16:40 - 2018-09-28 15:34 - 000002471 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Fichiers à la racine de certains dossiers ========
2018-04-23 16:21 - 2018-04-23 16:21 - 000000093 _____ () C:\Users\nathalie\AppData\Roaming\ARCompanion.log
2018-12-01 11:08 - 2018-12-01 11:08 - 000000410 _____ () C:\Users\nathalie\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\User32.dll
[2018-04-24 10:45] - [2018-09-28 15:06] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
C:\Windows\SysWOW64\User32.dll
[2018-04-24 10:45] - [2018-09-28 15:06] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
LastRegBack: 2020-04-09 17:12
==================== Fin de FRST.txt ========================