Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2017 Exécuté par Pierrick (administrateur) sur PIERRICK-TOSH (15-01-2017 12:38:56) Exécuté depuis C:\Users\Pierrick\Documents\Mes téléchargements Profils chargés: Pierrick (Profils disponibles: Pierrick & Ami) Platform: Windows 7 Home Premium Service Pack 1 (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: "C:\Programmes installation Pierrick\firefox.exe" -osint -url "%1") Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe (Devguru Co., Ltd.) C:\Windows\SysWOW64\dgdersvc.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.5.0\WsAppService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe (Dropbox, Inc.) C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe ==================== Registre (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [256744 2016-07-24] (Trend Micro Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKU\S-1-5-21-2245227906-657357204-2234132841-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9288408 2016-12-06] (Piriform Ltd) HKU\S-1-5-21-2245227906-657357204-2234132841-1001\...\MountPoints2: {6e089603-4a22-11df-aa04-705ab67116e0} - H:\LaunchU3.exe -a HKU\S-1-5-21-2245227906-657357204-2234132841-1001\...\MountPoints2: {75ead1b4-0ab0-11e0-9478-705ab67116e0} - I:\Startme.exe HKU\S-1-5-21-2245227906-657357204-2234132841-1001\...\MountPoints2: {eb58ab8a-3b4b-11e4-8a4f-705ab67116e0} - H:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2245227906-657357204-2234132841-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-18\...\Run: [TOSHIBA Online Product Information] => C:\Program Files (x86)\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-09] (Garmin Ltd. or its subsidiaries) ShellIconOverlayIdentifiers: [ FSOverlayIcon] -> {C0829D19-E5A0-44F5-B56E-D15030C53BB9} => C:\Program Files\Trend Micro\Titanium\plugin\TmOverlayIcon.dll [2016-07-24] (Trend Micro Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google) ShellIconOverlayIdentifiers: [ LiferayNativityErrorOverlay] -> {0DD5B4B0-25AF-4E09-A46B-9F274F3D7003} => C:\Program Files\Liferay Inc\Liferay Sync\nativity\LiferayNativityErrorOverlay_x64.dll [2016-08-10] () ShellIconOverlayIdentifiers: [ LiferayNativityOKOverlay] -> {0DD5B4B0-25AF-4E09-A46B-9F274F3D7001} => C:\Program Files\Liferay Inc\Liferay Sync\nativity\LiferayNativityOKOverlay_x64.dll [2016-08-10] () ShellIconOverlayIdentifiers: [ LiferayNativitySyncingOverlay] -> {0DD5B4B0-25AF-4E09-A46B-9F274F3D7002} => C:\Program Files\Liferay Inc\Liferay Sync\nativity\LiferayNativitySyncingOverlay_x64.dll [2016-08-10] () ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt64.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\DropboxExt.8.0.dll [2017-01-06] (Dropbox, Inc.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-04] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-12-04] ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Pierrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-01-12] ShortcutTarget: Dropbox.lnk -> C:\Users\Pierrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) GroupPolicy: Restriction - Chrome <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyServer: [S-1-5-21-2245227906-657357204-2234132841-1001] => 10.69.91.4:3128 Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{4C6A288F-2C26-4B06-BB37-8298FBFD2B8A}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{6EA05D5E-6989-4736-98C5-BDB8B4F913E9}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{A6688CED-DDFF-40B5-B6F4-EC10FC1F4261}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2245227906-657357204-2234132841-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\S-1-5-21-2245227906-657357204-2234132841-1001 -> {B0460DDA-A858-40D7-85A5-0E5555B034F9} URL = hxxp://rover.ebay.com/rover/1/709-44555-9400-8/4?satitle={searchTerms} BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Plug-in de filtre réseau Trend Micro -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) BHO: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.) BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader) BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-12-30] (Wondershare) BHO-x32: Pas de nom -> {53707962-6F74-2D53-2644-206D7942484F} -> Pas de fichier BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-22] (Oracle Corporation) BHO-x32: Programme d'aide de l'Assistant de connexion Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Plug-in de filtre réseau Trend Micro -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.) BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) BHO-x32: Protection IE Trend Micro -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.) BHO-x32: IeMonitorBho Class -> {bf00e119-21a3-4fd1-b178-3b8537e75c92} -> C:\Programmes installation Pierrick\MegaIEMn.dll [2009-12-01] (Megaupload Limited) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-22] (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-23] (Google Inc.) Toolbar: HKU\S-1-5-21-2245227906-657357204-2234132841-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-23] (Google Inc.) DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll [2016-06-29] (Trend Micro Inc.) Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll [2016-06-29] (Trend Micro Inc.) Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg.dll [2016-04-26] (Trend Micro Inc.) Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1307\2.7.1067\TmopIEPlg32.dll [2016-04-26] (Trend Micro Inc.) Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2016-07-24] (Trend Micro Inc.) Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Pas de fichier StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Pierrick\AppData\Roaming\Mozilla\Firefox\Profiles\10szi26h.default-1441461851907 [2017-01-15] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\10szi26h.default-1441461851907 -> Qwant.com FF Homepage: Mozilla\Firefox\Profiles\10szi26h.default-1441461851907 -> hxxp://www.saint-dicton.com/ hxxp://dites.bonjourmadame.fr/ hxxp://www.deezer.com/fr/ hxxps://accounts.google.com/ServiceLogin?continue=https%3A%2F%2Fwww.google.com%2Fcalendar%2Frender%3Ftab%3Dmc%26pli%3D1&service=cl&sacu=1&scc=1#identifier hxxps://accounts.google.com/ServiceLogin?passive=1209600&continue=https%3A%2F%2Fmail.google.com%2Fmail&hl=fr#password hxxps://ident.univ-amu.fr/cas/login?service=hxxp://ent.univ-amu.fr/Login hxxps://www.facebook.com/ hxxps://www.atrium-paca.fr/?service=https%3A%2F%2Fwww.atrium-paca.fr%2Fc%2Fportal%2Flogin%3Fredirect%3D%252Fgroup%252Flp-lyc-metier-vauvenargues-131001%26p_l_id%3D5260155 FF Extension: (Pin It button) - C:\Users\Pierrick\AppData\Roaming\Mozilla\Firefox\Profiles\10szi26h.default-1441461851907\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2016-10-01] FF Extension: (Website to PDF) - C:\Users\Pierrick\AppData\Roaming\Mozilla\Firefox\Profiles\10szi26h.default-1441461851907\Extensions\website_pdf@lipoapps.xpi [2017-01-09] FF Extension: (Adblock Plus) - C:\Users\Pierrick\AppData\Roaming\Mozilla\Firefox\Profiles\10szi26h.default-1441461851907\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24] FF Extension: (Trend Micro Osprey Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2016-11-17] FF SearchPlugin: C:\Users\Pierrick\AppData\Roaming\Mozilla\Firefox\Profiles\10szi26h.default-1441461851907\searchplugins\qwantcom.xml [2015-09-12] FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension FF Extension: (Trend Micro BEP Firefox Extension) - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension [2016-11-17] FF HKLM\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: (RealDownloader) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-07] [non signé] FF HKLM-x32\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\firefoxextension FF HKLM-x32\...\Firefox\Extensions: [{c2056674-a37f-4b29-9300-2004759d74fe}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-02-18] (DivX, LLC) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-22] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Pas de fichier] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2010-10-27] (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-09-07] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-09-07] (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader) FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-18] (RocketLife, LLP) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @virtools.com/3DviaPlayer -> C:\Program Files (x86)\Virtools\3D Life Player\npvirtools.dll [2012-04-05] (Dassault Systèmes) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2245227906-657357204-2234132841-1001: @squareclock.com/SQ3DPlayer_Production_HBMV1 -> C:\Users\Pierrick\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll [2014-01-22] (SquareClock SAS) FF Plugin HKU\S-1-5-21-2245227906-657357204-2234132841-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Pierrick\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin HKU\S-1-5-21-2245227906-657357204-2234132841-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Pierrick\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin HKU\S-1-5-21-2245227906-657357204-2234132841-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2010-10-27] (Pando Networks) StartMenuInternet: FIREFOX.EXE - C:\Programmes installation Pierrick\firefox.exe Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP93DCBC41-912B-4BEE-B09E-7FA4AEAFD5E1&SSPV= CHR StartupUrls: Default -> "hxxps://www.qwant.com/" CHR Profile: C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default [2017-01-14] CHR Extension: (Google Docs) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04] CHR Extension: (Google Drive) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-03] CHR Extension: (YouTube) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29] CHR Extension: (Adblock Plus) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-12] CHR Extension: (Recherche Google) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20] CHR Extension: (Google Docs hors connexion) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-09] CHR Extension: (Polyédrique Sniper) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgbbaloijjnkpigapgmocdpoblnlec [2016-11-12] CHR Extension: (RealDownloader) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-20] CHR Extension: (Verdun Game) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\khdppkcpilejlgahecofelpoidcnjbdg [2015-01-07] CHR Extension: (Google Maps) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-29] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-01] CHR Extension: (Gmail) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR Extension: (Chrome Media Router) - C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19] CHR Profile: C:\Users\Pierrick\AppData\Local\Google\Chrome\User Data\System Profile [2017-01-14] CHR HKU\S-1-5-21-2245227906-657357204-2234132841-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Pierrick\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-01-18] CHR HKU\S-1-5-21-2245227906-657357204-2234132841-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [bfmificdgldioajejddndbgmiifjodeb] - C:\Users\Pierrick\AppData\Local\Temp\tbch.crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ChromeExt\ab.crx ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG) R2 dgdersvc; C:\Windows\SysWOW64\dgdersvc.exe [95568 2010-09-06] (Devguru Co., Ltd.) R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1038864 2017-01-09] (Garmin Ltd. or its subsidiaries) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Fichier non signé] R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-09-30] (Intel Corporation) [Fichier non signé] S2 MSSQL$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation) R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [1145856 2016-07-24] (Trend Micro Inc.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-25] () R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2387952 2016-11-22] (IBM Corp.) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () S4 SQLAgent$EBP; C:\Program Files\Microsoft SQL Server\MSSQL10_50.EBP\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116104 2009-10-15] (Toshiba Europe GmbH) R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-09-30] (Intel Corporation) [Fichier non signé] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.5.0\WsAppService.exe [382464 2015-12-02] (Wondershare) [Fichier non signé] R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X] S2 PanGPS; "G:\PanGPS.exe" [X] S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd) R3 dgderdrv; C:\Windows\SysWOW64\drivers\dgderdrv.sys [18120 2010-09-06] (Devguru Co., Ltd) S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-07-13] (Samsung Electronics Co., Ltd.) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.) R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies) R3 PanGpd; C:\Windows\System32\DRIVERS\pangpd.sys [36352 2016-08-19] (Palo Alto Networks) R1 RapportCerberus_1609053; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609053.sys [1181672 2016-12-07] (IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [566248 2016-11-22] (IBM Corp.) R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [235688 2016-11-22] (IBM Corp.) R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [489704 2016-11-22] (IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [548008 2016-11-22] (IBM Corp.) S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-22] (Realtek Semiconductor Corp.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-02] (Duplex Secure Ltd.) R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-07-12] (Samsung Electronics) R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [142552 2016-08-07] (Trend Micro Inc.) R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [435416 2016-08-07] (Trend Micro Inc.) R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [72504 2016-01-05] (Trend Micro Inc.) R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [143648 2016-06-21] (Trend Micro Inc.) R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [117984 2016-08-07] (Trend Micro Inc.) R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.) R1 tmumh; C:\Windows\System32\DRIVERS\TMUMH.sys [111840 2016-09-30] (Trend Micro Inc.) R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [132888 2016-05-16] (Trend Micro Inc.) U3 ab6n7hj9; C:\Windows\System32\Drivers\ab6n7hj9.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zéro octet Fichier/Dossier) ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-01-15 12:38 - 2017-01-15 12:38 - 00000000 ____D C:\FRST 2017-01-12 08:14 - 2017-01-12 08:14 - 00000000 ____D C:\Users\Pierrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-01-12 07:58 - 2017-01-12 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin 2017-01-11 10:14 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-01-11 10:14 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-01-11 10:14 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-01-11 10:14 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-01-11 10:14 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-01-11 10:14 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-01-11 10:14 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-01-11 10:14 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-01-11 10:14 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-01-11 10:14 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-01-11 10:14 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-01-11 10:14 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-01-11 10:14 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-01-06 16:38 - 2017-01-15 11:25 - 00003378 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2245227906-657357204-2234132841-1001 2017-01-06 16:38 - 2017-01-15 11:25 - 00003250 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2245227906-657357204-2234132841-1001 2016-12-18 11:01 - 2016-12-18 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2016-12-18 10:57 - 2016-12-18 10:57 - 00001760 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-12-18 10:57 - 2016-12-18 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2016-12-18 10:56 - 2016-12-18 10:57 - 00000000 ____D C:\Program Files\iTunes 2016-12-18 10:56 - 2016-12-18 10:56 - 00000000 ____D C:\Program Files\iPod ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2017-01-15 12:38 - 2010-11-21 11:34 - 00000000 ____D C:\Users\Pierrick\Documents\Mes téléchargements 2017-01-15 12:38 - 2009-07-14 05:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-01-15 12:38 - 2009-07-14 05:45 - 00019248 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-01-15 12:37 - 2016-11-19 14:59 - 00000000 ____D C:\Users\Pierrick\AppData\LocalLow\Mozilla 2017-01-15 12:31 - 2016-11-17 22:54 - 00000000 ____D C:\Programmes installation Pierrick 2017-01-15 12:28 - 2012-04-09 15:57 - 00001002 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-01-15 12:28 - 2010-05-11 18:40 - 00003968 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{021D5D6F-1E7B-4EAC-B369-E32E11C81A86} 2017-01-15 12:25 - 2015-06-18 17:35 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2245227906-657357204-2234132841-1001UA.job 2017-01-15 12:21 - 2012-12-24 17:30 - 00000344 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job 2017-01-15 11:23 - 2011-11-21 16:39 - 00000000 ___RD C:\Users\Pierrick\Dropbox 2017-01-15 11:19 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-01-14 19:48 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2017-01-14 12:34 - 2014-03-10 19:42 - 00000000 ____D C:\AdwCleaner 2017-01-14 11:14 - 2015-11-12 19:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-01-14 11:12 - 2013-04-18 08:10 - 00003436 _____ C:\Windows\System32\Tasks\Apple Diagnostics 2017-01-14 11:11 - 2015-07-07 09:59 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2017-01-12 08:42 - 2011-08-30 17:54 - 00000000 ____D C:\Users\Pierrick\Documents\Divers 2017-01-12 08:14 - 2011-11-21 16:36 - 00000000 ____D C:\Users\Pierrick\AppData\Roaming\Dropbox 2017-01-12 08:00 - 2015-10-14 22:28 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-12 07:58 - 2015-10-14 22:28 - 00003556 _____ C:\Windows\System32\Tasks\GarminUpdaterTask 2017-01-12 07:58 - 2015-10-14 22:28 - 00000000 ____D C:\Program Files (x86)\Garmin 2017-01-11 22:31 - 2013-08-02 20:01 - 00000000 ____D C:\Windows\system32\MRT 2017-01-11 22:10 - 2010-04-23 20:22 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-01-11 17:34 - 2016-04-24 09:21 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-01-11 11:46 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2017-01-11 11:29 - 2012-04-09 15:57 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-01-11 11:29 - 2012-04-09 15:57 - 00003940 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-01-11 11:29 - 2011-12-11 09:34 - 00000000 ____D C:\Windows\system32\Macromed 2017-01-11 11:29 - 2011-06-05 09:07 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-01-11 11:29 - 2010-04-17 15:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-01-10 09:34 - 2009-07-14 16:24 - 00821740 _____ C:\Windows\system32\perfh00C.dat 2017-01-10 09:34 - 2009-07-14 16:24 - 00178544 _____ C:\Windows\system32\perfc00C.dat 2017-01-10 09:34 - 2009-07-14 06:13 - 01877746 _____ C:\Windows\system32\PerfStringBackup.INI 2017-01-09 15:40 - 2012-03-25 17:01 - 00000000 ____D C:\Users\Pierrick\AppData\Roaming\vlc 2017-01-05 07:24 - 2009-07-14 06:08 - 00032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-01-02 20:03 - 2016-05-20 19:42 - 00000000 ____D C:\Users\Pierrick\AppData\Roaming\Azureus 2016-12-21 19:11 - 2010-04-17 13:57 - 00000000 ___RD C:\Users\Pierrick\Pictures 2016-12-21 19:08 - 2010-04-23 19:57 - 00000000 ____D C:\Users\Pierrick\Documents\Vuze Downloads 2016-12-20 13:20 - 2014-03-25 14:07 - 00000000 ____D C:\Windows\pss 2016-12-20 12:22 - 2010-04-17 13:57 - 00000000 ___RD C:\Users\Pierrick\Documents 2016-12-20 10:29 - 2013-12-28 18:17 - 00000000 ____D C:\Users\Pierrick\AppData\Local\F1D13654-68CF-4B21-8D19-9BF2FF8995A4.aplzod 2016-12-19 06:25 - 2015-06-18 17:35 - 00001156 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2245227906-657357204-2234132841-1001Core.job 2016-12-19 00:52 - 2014-01-18 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2016-12-18 10:57 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Desktop 2016-12-18 10:56 - 2013-04-13 14:33 - 00000000 ____D C:\Program Files\Common Files\Apple 2016-12-18 10:56 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files 2016-12-17 13:08 - 2016-09-17 12:47 - 00000000 ____D C:\Users\Pierrick\.liferay-sync-3 2016-12-17 12:51 - 2014-03-09 14:06 - 00000829 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-12-17 12:25 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\DriverStore 2016-12-17 12:24 - 2014-08-27 10:28 - 00000000 ____D C:\Users\Pierrick\AppData\Local\Adobe 2016-12-17 11:43 - 2010-04-17 14:35 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-12-17 11:43 - 2010-04-17 14:35 - 00003372 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-12-17 11:43 - 2009-07-14 04:20 - 00000000 ___RD C:\Program Files (x86) 2016-12-17 11:43 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Tasks 2016-12-17 11:37 - 2011-01-16 12:25 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245227906-657357204-2234132841-1001UA 2016-12-17 11:37 - 2011-01-16 12:25 - 00003410 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2245227906-657357204-2234132841-1001Core ==================== Fichiers à la racine de certains dossiers ======= 2013-08-10 20:20 - 2010-01-26 17:11 - 0444283 _____ () C:\Program Files\Common Files\WinPcapNmap.exe 2012-07-06 21:07 - 2012-08-31 19:00 - 0000006 _____ () C:\Program Files (x86)\Common Files\WPVersion.txt 2010-05-30 14:31 - 2010-05-30 14:31 - 0000268 ___RH () C:\Users\Pierrick\AppData\Roaming\Home 2010-05-30 14:35 - 2010-05-30 14:35 - 0000268 ___RH () C:\Users\Pierrick\AppData\Roaming\Horn Section 2010-08-05 18:24 - 2013-10-09 19:07 - 0012432 _____ () C:\Users\Pierrick\AppData\Roaming\SmarThruOptions.xml 2014-03-10 17:29 - 2014-03-10 18:26 - 0000068 _____ () C:\Users\Pierrick\AppData\Roaming\WB.CFG 2010-05-06 20:13 - 2013-01-05 17:19 - 0002696 _____ () C:\Users\Pierrick\AppData\Roaming\wklnhst.dat 2011-01-26 15:22 - 2015-01-05 20:02 - 0005632 _____ () C:\Users\Pierrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2010-04-24 13:41 - 2010-04-24 13:41 - 0000096 _____ () C:\Users\Pierrick\AppData\Local\fusioncache.dat 2014-07-15 17:53 - 2014-07-15 17:53 - 0000036 _____ () C:\Users\Pierrick\AppData\Local\housecall.guid.cache 2010-07-07 18:36 - 2010-07-07 18:36 - 0004096 ____H () C:\Users\Pierrick\AppData\Local\keyfile3.drm 2014-01-22 16:45 - 2014-01-22 16:45 - 0353118 _____ () C:\Users\Pierrick\AppData\Local\SquareClock.Production_HBMV1Icon.ico 2012-07-13 16:47 - 2012-07-13 16:47 - 0017408 _____ () C:\Users\Pierrick\AppData\Local\WebpageIcons.db 2012-12-24 16:25 - 2012-12-24 16:25 - 0000057 _____ () C:\ProgramData\Ament.ini 2010-04-18 16:52 - 2010-04-18 16:52 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2010-05-30 14:31 - 2010-05-30 14:31 - 0000268 ___RH () C:\ProgramData\Hybrid Basic 2010-05-30 14:35 - 2010-05-30 14:35 - 0000268 ___RH () C:\ProgramData\Hybrid Morph 2010-05-30 14:31 - 2010-05-30 14:31 - 0000012 ___RH () C:\ProgramData\Image Manipulation 2010-05-30 14:35 - 2010-05-30 14:35 - 0000012 ___RH () C:\ProgramData\InkjetPrinter 2010-05-30 14:31 - 2010-05-30 15:00 - 0000020 ____H () C:\ProgramData\PKP_DLdu.DAT 2010-05-30 14:35 - 2010-05-30 15:00 - 0000020 ____H () C:\ProgramData\PKP_DLdw.DAT ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement C:\Windows\system32\wininit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement C:\Windows\explorer.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\Windows\system32\svchost.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\Windows\system32\services.exe => Le fichier est signé numériquement C:\Windows\system32\User32.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\Windows\system32\userinit.exe => Le fichier est signé numériquement C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement