Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018 Exécuté par tode (administrateur) sur ALEXIS (04-04-2018 12:01:16) Exécuté depuis C:\Users\tode\Desktop Profils chargés: tode (Profils disponibles: tode) Platform: Windows 8.1 (Update) (X64) Langue: Français (France) Internet Explorer Version 11 (Navigateur par défaut: "C:\Program Files (x86)\Eggper\Application\chrome.exe" "%1") Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) (Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe (AMD) C:\windows\System32\atiesrxx.exe (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\tbaseprovisioning.exe (AMD) C:\windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe (Dropbox, Inc.) C:\windows\System32\DbxSvc.exe (iFunSoft) C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe (Mediatek Inc.) C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe (Don HO don.h@free.fr) C:\Program Files (x86)\notepad2\notepad2.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe (SPEEDbit) C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe (Microsoft Corporation) C:\windows\System32\alg.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (IObit) C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe (Microsoft Corporation) C:\windows\System32\SkyDrive.exe (Graphic Tablet Company Shenzhen) C:\bureau\TabletDriver.exe (cFos Software GmbH) C:\Program Files\cFosSpeed\cfosspeed.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Spotify Ltd) C:\Users\tode\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Rainmeter) C:\Program Files\Rainmeter\Rainmeter.exe (VB-AUDIO Software) C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe (Microsoft Corporation) C:\windows\SysWOW64\wbem\WmiPrvSE.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSPanel.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\msm\McSmtFwk.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (IObit) C:\Program Files (x86)\IObit\Driver Booster\5.2.0\Pub\PubMonitor.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Eggper\Application\chrome.exe (Microsoft Corporation) C:\windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe ==================== Registre (Avec liste blanche) =========================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7640944 2014-09-30] (Realtek Semiconductor) HKLM\...\Run: [TabletDriver] => C:\bureau\TabletDriver.exe [1157344 2015-07-09] (Graphic Tablet Company Shenzhen) HKLM\...\Run: [Hasten] => C:\Program Files (x86)\nSpira\Hasten\Hasten.exe [189440 2015-09-20] (FTLDEV Marcin Waś) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-07] (AVAST Software) HKLM\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1563480 2017-03-30] (cFos Software GmbH) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation) HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] () HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3639616 2018-03-28] (Dropbox, Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe [63272 2014-12-04] () HKLM-x32\...\Run: [cFosSpeed] => C:\Program Files\cFosSpeed\cFosSpeed.exe [1563480 2017-03-30] (cFos Software GmbH) HKLM-x32\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2017-02-14] (SoftEther VPN Project at University of Tsukuba, Japan.) HKLM-x32\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5345672 2017-12-21] (Nota Inc.) HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2482128 2018-03-25] () HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Run: [ISS Monitor] => C:\Users\tode\AppData\Roaming\373A55ED-73C7-4549-A55A-C0B1B301FD2A\ISS Monitor\issmon.exe [53248 2014-03-18] (Microsoft Corporation) HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5345672 2017-12-21] (Nota Inc.) HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Run: [Spotify Web Helper] => C:\Users\tode\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-03-27] (Spotify Ltd) HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd) HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1 HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Policies\Explorer: [NoThumbnailCache] 1 HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Policies\Explorer: [DisableSearchBoxSuggestions] 1 HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Policies\Explorer: [NoInternetOpenWith] 1 HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\MountPoints2: {07a3d970-afed-11e5-8269-ca393c34c4dc} - "C:\windows\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL F:\start.exe HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\MountPoints2: {8a1b6af7-e5cd-11e7-8505-806e6f6e6963} - "E:\SETUP.EXE" HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\MountPoints2: {ff49768b-a22d-11e5-8258-806e6f6e6963} - "E:\Setup.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2016-07-03] ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.) Startup: C:\Users\tode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\7Clicker 64.jar [2016-11-14] () Startup: C:\Users\tode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2017-11-15] ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter) Startup: C:\Users\tode\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Voicemeeter (VB-Audio).LNK [2017-12-02] ShortcutTarget: Voicemeeter (VB-Audio).LNK -> C:\Program Files (x86)\VB\Voicemeeter\voicemeeter.exe (VB-AUDIO Software) ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) Hosts: Il y a plus d'un élément dans hosts. Voir la section Hosts de Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{1963921A-5769-4B2F-9240-427ECFDC3AF7}: [NameServer] 82.163.143.157,82.163.142.159 Tcpip\..\Interfaces\{1963921A-5769-4B2F-9240-427ECFDC3AF7}: [DhcpNameServer] 82.163.143.157 Tcpip\..\Interfaces\{275407A4-BD3B-4328-84F5-4733F50A03A9}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{275407A4-BD3B-4328-84F5-4733F50A03A9}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{2D013D7B-592C-4219-A275-4ADB57D88FE8}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{2D013D7B-592C-4219-A275-4ADB57D88FE8}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{559266F0-E6AD-4934-B2D1-A47DA3F92F5C}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{69606DBD-7886-4283-9706-CDD48F9FE143}: [NameServer] 82.163.143.157 82.163.142.159,8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{69606DBD-7886-4283-9706-CDD48F9FE143}: [DhcpNameServer] 192.168.0.254 Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 104.197.191.4 Tcpip\..\Interfaces\{B60649B0-8C15-40A3-8A8F-C41521DC4740}: [NameServer] 77.234.40.79 Tcpip\..\Interfaces\{D0634E91-B8CA-44B5-8B57-26DFF207EEBF}: [DhcpNameServer] 192.168.0.254 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com HKU\S-1-5-21-3956248472-2550150166-470528241-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuZn5X7qpkDH3GIw1zt-DM99XiatMsoQLv1b1g9xbj3gS9SMOWIrWXg6i8tjWvzjX7hG6mCs1JfLtTg4Q9w37Nk1oog-NwyRB7CjV42BSFUcp7DZeLhDcbtmMAoXRNsJ1Z09KTx-HGb1cyX7nbVw6jpZ4o_BYQu&q={searchTerms} HKU\S-1-5-21-3956248472-2550150166-470528241-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH HKU\S-1-5-21-3956248472-2550150166-470528241-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nuesearch.com/?type=hp&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_34¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0EtAtByBtC0E0CtCtCtAtBtDtByCtN0D0Tzu0StCyCzyzytN1L2XzutAtFtByEtFyCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0FtC0AtAzztC0BtGyC0F0A0CtG0FtD0D0CtGyD0CtDtBtG0A0CyBtDtCzzyB0F0AtBtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0B0FtC0C0E0AtDtGyEtCtD0EtGyEzytBzytG0B0C0C0DtG0AtD0DyDyE0FtAtCtAyEyCyE2QtN0A0LzutB%26cr%3D1352658877%26a%3Dwncy_dmontlsfs_16_34%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_03_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzuzytBtB0CtDtByE0EyE0FtD0FtBtDtByCtN0D0Tzu0StCyEzztBtN1L2XzutAtFtCyBtFyEtFtCtN1L1Czu1M1Q1CtBtCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StBzztDtA0FzzyEyBtGyC0F0F0CtGyDtB0AyEtGtAtAyC0CtGyC0Czy0CtAyCtDyBtCtAtCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0B0FtC0C0E0AtDtGyEtCtD0EtGyEzytBzytG0B0C0C0DtG0AtD0DyDyE0FtAtCtAyEyCyE2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyEyEzz%26cr%3D2105272273%26a%3Dhdr_s_16_03_orgnl%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKLM -> {222280B0-FD02-42E4-BCD5-8ED40F55D02F} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_24_plk_ir_15_53¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEtAzytC0CtB0DtBtDtByCtN0D0Tzu0StCyCtByDtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1M1Q1CtByEtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StDtAyBtDyD0Azz0DtGtCtDtBtAtG0E0E0FtAtGyC0E0ByCtG0B0E0C0EyDtByC0CyByCtD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0B0FtC0C0E0AtDtGyEtCtD0EtGyEzytBzytG0B0C0C0DtG0AtD0DyDyE0FtAtCtAyEyCyE2QtN0A0LzuyE%26cr%3D1384839021%26a%3Dhdr_s_16_24_plk_ir_15_53%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms} SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuZn5X7qpkDH3GIw1zt-DM99XiatMsoQLv1b1g9xbj3gS9SMOWIrWXg6i8tjWvzjX7hG6mCs1JfLtTg4Q9w37Nk1oog-NwyRB7CjV42BSFUcp7DZeLhDcbtmMAoXRNsJ1Z09KTx-HGb1cyX7nbVw6jpZ4o_BYQu&q={searchTerms} SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_24_plk_ir_15_53¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEtAzytC0CtB0DtBtDtByCtN0D0Tzu0StCyCtByDtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1M1Q1CtByEtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StDtAyBtDyD0Azz0DtGtCtDtBtAtG0E0E0FtAtGyC0E0ByCtG0B0E0C0EyDtByC0CyByCtD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0B0FtC0C0E0AtDtGyEtCtD0EtGyEzytBzytG0B0C0C0DtG0AtD0DyDyE0FtAtCtAyEyCyE2QtN0A0LzuyE%26cr%3D1384839021%26a%3Dhdr_s_16_24_plk_ir_15_53%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKLM-x32 -> {222280B0-FD02-42E4-BCD5-8ED40F55D02F} URL = hxxp://www.amazon.fr/s/ref=azs_osd_ieafr?ie=UTF-8&tag=hp-fr1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_dmontlsfs_16_34¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyCtD0EtAtByBtC0E0CtCtCtAtBtDtByCtN0D0Tzu0StCyCzyzytN1L2XzutAtFtByEtFyCtFyCtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StA0FtC0AtAzztC0BtGyC0F0A0CtG0FtD0D0CtGyD0CtDtBtG0A0CyBtDtCzzyB0F0AtBtAyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0B0FtC0C0E0AtDtGyEtCtD0EtGyEzytBzytG0B0C0C0DtG0AtD0DyDyE0FtAtCtAyEyCyE2QtN0A0LzutB%26cr%3D1352658877%26a%3Dwncy_dmontlsfs_16_34%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1473857940&z=f579f6a51b58b57ba9c33e6g7z7macdbdw9mat5g3b&from=qks0914&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms} SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479289797&z=db2bcd1d0fbaf697b65f3bbg5zfmdt1o5tdqbtacbg&from=che0812&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms} SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COSP&ptag=D052016-ABA01A7CCEB2146F8A7F&form=CONBDF&conlogo=CT3330961&q={searchTerms} SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYSttY34mamef947lyuZn5X7qpkDH3GIw1zt-DM99XiatMsoQLv1b1g9xbj3gS9SMOWIrWXg6i8tjWvzjX7hG6mCs1JfLtTg4Q9w37Nk1oog-NwyRB7CjV42BSFUcp7DZeLhDcbtmMAoXRNsJ1Z09KTx-HGb1cyX7nbVw6jpZ4o_BYQu&q={searchTerms} SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.amisites.com/search/?type=ds&ts=1479289797&z=db2bcd1d0fbaf697b65f3bbg5zfmdt1o5tdqbtacbg&from=che0812&uid=WDCXWD10EZEX-60M2NA0_WD-WCC3F7VNUFAHNUFAH&q={searchTerms} SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {5A1560B7-507E-49D1-A53F-8471B7D8BBF2} URL = hxxp://www-searching.com/s.ashx?prd=opensearch&q={searchTerms}&s=G8Ozftpbl0cshmoBU,be1c5a92-aff4-4c88-a07f-f1a92dfdf97b, SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.fr/gp/bit/amazonserp/ref=bit_bds-p10_serp_ie_fr_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_cc2b5d71_1201_1401_20160430_FR_ie_ds_&tag=bds-p10-serp-fr-ie-21&query={searchTerms} SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {C6968660-FD5D-4C6F-BB0F-7B4910E5F148} URL = hxxps://fr.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_24_plk_ir_15_53¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1Qzuzz0C0D0C0DyEtAzytC0CtB0DtBtDtByCtN0D0Tzu0StCyCtByDtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1M1Q1CtByEtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2StDtAyBtDyD0Azz0DtGtCtDtBtAtG0E0E0FtAtGyC0E0ByCtG0B0E0C0EyDtByC0CyByCtD0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0B0FtC0C0E0AtDtGyEtCtD0EtGyEzytBzytG0B0C0C0DtG0AtD0DyDyE0FtAtCtAyEyCyE2QtN0A0LzuyE%26cr%3D1384839021%26a%3Dhdr_s_16_24_plk_ir_15_53%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGIjVkxlyIP4NYe17aVLWrUJ1X5m4UdMeSMllqEh7eyy5D_xsWHpXN_LiEs79d6u0f1TzA8givW6NElk-W-j2yv0bT2xG1_ePUOBiSC7_Pp2rT1UfYIzfE3qLmwGmowO8jsJqCIGA1yYzFPZA9hiTVPyJF-oYANVs5qJoyZb8pEPQ6oaLC9nYlgtRKBBz&q={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll => Pas de fichier BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-31] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2018-02-24] (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-31] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-31] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-02-24] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-31] (Oracle Corporation) BHO-x32: IObit Ads Removal -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\IObit\Advanced SystemCare\Surfing Protection\Adblock\Adblock.dll => Pas de fichier Toolbar: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> Pas de nom - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - Pas de fichier Toolbar: HKU\S-1-5-21-3956248472-2550150166-470528241-1001 -> Pas de nom - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Pas de fichier Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\mcsniepl64.dll [2016-11-21] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-11-21] (McAfee, Inc.) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: kej2hw71.default FF DefaultProfile: nf6scteo.default FF ProfilePath: C:\Users\tode\AppData\Roaming\Mozilla\Firefox\Profiles\kej2hw71.default [2018-04-03] FF user.js: detected! => C:\Users\tode\AppData\Roaming\Mozilla\Firefox\Profiles\kej2hw71.default\user.js [2017-10-15] FF NetworkProxy: Mozilla\Firefox\Profiles\kej2hw71.default -> type", 0 FF Extension: (Dashlane) - C:\Users\tode\AppData\Roaming\Mozilla\Firefox\Profiles\kej2hw71.default\Extensions\jetpack-extension@dashlane.com.xpi [2017-04-21] FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\tode\AppData\Roaming\Mozilla\Firefox\Profiles\kej2hw71.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-11-08] [Legacy] FF ProfilePath: C:\Users\tode\AppData\Roaming\Firefox\Firefox\Profiles\nf6scteo.default [2018-04-03] <==== ATTENTION FF Homepage: Firefox\Firefox\Profiles\nf6scteo.default -> hxxp://www.searchinme.com/ FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-07-21] [Legacy] [non signé] FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com_xpi [2016-07-05] [Legacy] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-01-05] [Legacy] [non signé] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_29_0_0_113.dll [2018-03-13] () FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-31] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-31] (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\npmcsnffpl64.dll [2016-11-21] () FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-03-27] (Adobe Systems) FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_113.dll [2018-03-13] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-06-19] () FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-31] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\npmcsnffpl.dll [2016-11-21] () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-26] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-01-26] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-03-27] (Adobe Systems) FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [Pas de fichier] FF Plugin HKU\S-1-5-21-3956248472-2550150166-470528241-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\tode\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-23] (RocketLife, LLP) FF Plugin HKU\S-1-5-21-3956248472-2550150166-470528241-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tode\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-05-18] (Unity Technologies ApS) Chrome: ======= CHR Profile: C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default [2018-04-03] CHR Extension: (Slides) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-23] CHR Extension: (Magic Actions for YouTube™) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2018-03-07] CHR Extension: (Norton Identity Safe) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\admmjipmmciaobhojoghlmleefbicajg [2018-03-07] CHR Extension: (Docs) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-23] CHR Extension: (Google Drive) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-26] CHR Extension: (AdGuard AdBlocker) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2018-03-07] CHR Extension: (YouTube) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-26] CHR Extension: (Adblock Plus) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-03-07] CHR Extension: (Norton Security Toolbar) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2018-03-07] CHR Extension: (Adobe Acrobat) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-29] CHR Extension: (Yahoo Partner) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdbpcigaolookbahgdofnimidinicfid [2017-01-29] CHR Extension: (Sheets) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-23] CHR Extension: (Google Docs hors connexion) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-26] CHR Extension: (Norton Identity Safe) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-12-23] CHR Extension: (Yahoo Partner) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2017-01-19] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-23] CHR Extension: (Adblock Pro) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-12-23] CHR Extension: (Gmail) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-26] CHR Extension: (Chrome Media Router) - C:\Users\tode\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-07] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3956248472-2550150166-470528241-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3956248472-2550150166-470528241-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fdbpcigaolookbahgdofnimidinicfid] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx HKU\S-1-5-21-3956248472-2550150166-470528241-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Eggper\Application\chrome.exe (Google Inc.) <==== ATTENTION ==================== Services (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated) R2 AMD External Events Utility; C:\windows\system32\atiesrxx.exe [240128 2016-01-24] (AMD) [Fichier non signé] S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-09-09] () R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.) R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\AsusWSWinService.exe [71168 2014-12-04] (ASUS Cloud Corporation) [Fichier non signé] S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-07] (AVAST Software) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-07] (AVAST Software) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-12-26] () S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-09-13] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-09-13] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [466456 2016-09-13] (BlueStack Systems, Inc.) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-24] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-24] (Dropbox, Inc.) R2 DbxSvc; C:\windows\system32\DbxSvc.exe [51024 2018-03-28] (Dropbox, Inc.) S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd) S3 dofilter; C:\Users\tode\AppData\Local\Host Service\nssm.exe [294912 2014-08-31] () [Fichier non signé] S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526376 2017-12-26] (EasyAntiCheat Ltd) R2 EventLog; C:\windows\System32\wevtsvc.dll [1696256 2015-01-15] (Microsoft Corporation) [Fichier non signé] S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1583488 2017-10-21] (Echobit LLC) S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [255040 2014-08-25] (WildTangent) S3 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-03-28] (Hi-Rez Studios) [Fichier non signé] S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) S3 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [Fichier non signé] S4 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [52656 2017-08-17] (AnchorFree Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé] R2 iFunSoftUpdaterSvc; C:\Program Files (x86)\iFunSoft\iFunSoft Updater\iFunSoftUpdater.exe [2956472 2017-12-25] (iFunSoft) S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [994848 2016-11-21] (McAfee, Inc.) S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.) S2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.) S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) S2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.) S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) S2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) S3 MediatekRegistryWriter; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry.exe [405136 2014-12-04] (Mediatek Inc.) R2 MediatekRegistryWriter64; C:\Program Files (x86)\MediatekWiFi\Common\RaRegistry64.exe [454288 2014-12-04] (Mediatek Inc.) S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.) S2 mfevtp; C:\windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.) S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.) R2 Ntp2NetSvc; C:\Program Files (x86)\notepad2\notepad2.exe [2340864 2017-02-16] (Don HO don.h@free.fr) [Fichier non signé] S2 Ntp2UpSvc; C:\Program Files (x86)\Common Files\ntp2UpSvc\notepad2.exe [2340864 2017-02-17] (Don HO don.h@free.fr) [Fichier non signé] R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [94720 2014-09-27] (Softex Inc.) [Fichier non signé] S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1453384 2018-03-25] (Overwolf LTD) R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.) R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc) R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2017-07-20] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-09-04] (Realtek Semiconductor) S3 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-11-13] (Razer Inc.) R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5248456 2017-02-14] (SoftEther VPN Project at University of Tsukuba, Japan.) R2 tbaseprovisioning; C:\windows\SysWOW64\tbaseprovisioning.exe [51712 2014-08-25] (Advanced Micro Devices, Inc.) [Fichier non signé] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH) S2 Themes; C:\windows\system32\themeservice.dll [59392 2015-01-15] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996824 2017-02-06] (McAfee, Inc.) R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16248 2017-02-06] (McAfee, Inc.) S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.Exe [86864 2017-02-06] (McAfee, Inc.) R2 VideoAcceleratorService; C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe [298152 2017-01-24] (SPEEDbit) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.3.2\WsAppService.exe [416768 2016-06-24] (Wondershare) [Fichier non signé] R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [1813448 2018-02-01] (Wacom Technology, Corp.) S2 AdvancedSystemCareService11; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [X] S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [X] S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [X] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X] S2 SMService; C:\Program Files (x86)\IObit\Classic Start\SMService.exe [X] ===================== Pilotes (Avec liste blanche) ====================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 AFTrafMgr1.3; C:\Program Files (x86)\Hotspot Shield\bin\TrafMgr_1_3_64.sys [64912 2017-08-14] (AnchorFree Inc.) S3 amdkmcsp; C:\windows\System32\drivers\amdkmcsp.sys [85704 2014-08-25] (Advanced Micro Devices, Inc. ) S3 amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [13956096 2016-01-24] (Advanced Micro Devices, Inc.) [Fichier non signé] S3 amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [632320 2016-01-24] (Advanced Micro Devices, Inc.) [Fichier non signé] R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2014-08-25] (Advanced Micro Devices, Inc.) S0 amdpsp; C:\windows\System32\drivers\amdpsp.sys [230088 2014-08-25] (Advanced Micro Devices, Inc. ) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] () S3 aswArPot; C:\windows\System32\drivers\aswArPot.sys [196648 2018-03-07] (AVAST Software) S3 aswbidsdriver; C:\windows\System32\drivers\aswbidsdrivera.sys [227504 2018-03-07] (AVAST Software) S3 aswbidsh; C:\windows\System32\drivers\aswbidsha.sys [199440 2018-03-07] (AVAST Software) S3 aswblog; C:\windows\System32\drivers\aswbloga.sys [343752 2018-03-07] (AVAST Software) S3 aswbuniv; C:\windows\System32\drivers\aswbuniva.sys [57680 2018-03-07] (AVAST Software) R1 aswHdsKe; C:\windows\System32\drivers\aswHdsKe.sys [215320 2018-03-07] (AVAST Software) S3 aswHwid; C:\windows\System32\drivers\aswHwid.sys [46968 2018-03-07] (AVAST Software) S3 aswKbd; C:\windows\system32\drivers\aswKbd.sys [41832 2017-09-11] (AVAST Software) R2 aswMonFlt; C:\windows\System32\drivers\aswMonFlt.sys [146656 2018-03-07] (AVAST Software) S3 aswRdr; C:\windows\System32\drivers\aswRdr2.sys [110328 2018-03-07] (AVAST Software) R0 aswRvrt; C:\windows\System32\drivers\aswRvrt.sys [84368 2018-03-07] (AVAST Software) S3 aswSnx; C:\windows\System32\drivers\aswSnx.sys [1026696 2018-03-07] (AVAST Software) R1 aswSP; C:\windows\System32\drivers\aswSP.sys [460520 2018-03-07] (AVAST Software) S3 aswStm; C:\windows\System32\drivers\aswStm.sys [205976 2018-03-07] (AVAST Software) S3 aswTap; C:\windows\system32\DRIVERS\aswTap.sys [44640 2016-08-26] (The OpenVPN Project) S3 aswVmm; C:\windows\System32\drivers\aswVmm.sys [380528 2018-03-07] (AVAST Software) S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-09-13] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-09-06] (Bluestack System Inc. ) S3 cfwids; C:\windows\System32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.) R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) S3 dg_ssudbus; C:\windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2016-08-27] (Disc Soft Ltd) R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2016-08-27] (Disc Soft Ltd) S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] () S3 Hamachi; C:\windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.) S3 HipShieldK; C:\windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.) R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-19] (REALiX(tm)) S1 iSafeKrnl; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnl.sys [0 2018-03-23] () <==== ATTENTION (zéro octet Fichier/Dossier) <==== ATTENTION R1 iSafeKrnlKit; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlKit.sys [110112 2016-05-23] (Elex do Brasil Participações Ltda) <==== ATTENTION R1 iSafeKrnlMon; C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [52440 2016-05-23] (Elex do Brasil Participações Ltda) <==== ATTENTION R1 iSafeNetFilter; C:\windows\System32\DRIVERS\iSafeNetFilter.sys [52392 2016-05-19] (Elex do Brasil Participações Ltda) <==== ATTENTION S3 mfeaack; C:\windows\System32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.) S0 mfeelamk; C:\windows\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.) S3 mfefirek; C:\windows\System32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.) S3 mfencbdc; C:\windows\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.) S3 mfencrk; C:\windows\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.) R0 mfewfpk; C:\windows\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.) S3 mt7612US; C:\windows\system32\DRIVERS\mt7612US.sys [376200 2015-12-08] (MediaTek Inc.) R3 NdisVirtualBus; C:\windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) [Fichier non signé] R2 NPF; C:\windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 nvvad_WaveExtensible; C:\windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation) R3 RtlWlanu; C:\windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation ) S3 rzdaendpt; C:\windows\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\windows\system32\drivers\rzpmgrk.sys [43256 2017-07-19] (Razer, Inc.) R2 rzpnk; C:\windows\system32\drivers\rzpnk.sys [137208 2017-08-19] (Razer, Inc.) R3 RZSURROUNDVADService; C:\windows\system32\drivers\RzSurroundVAD.sys [40640 2016-02-15] (Windows (R) Win 7 DDK provider) S3 rzvkeyboard; C:\windows\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc) R1 SeLow; C:\windows\system32\DRIVERS\SeLow_x64.sys [51232 2017-02-14] (SoftEther Corporation) R0 SmartDefragDriver; C:\windows\System32\Drivers\SmartDefragDriver.sys [21360 2016-03-22] (IObit) S3 ssudmdm; C:\windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S3 tap0901; C:\windows\system32\DRIVERS\tap0901.sys [27136 2016-04-21] (The OpenVPN Project) [Fichier non signé] R3 taphss6; C:\windows\system32\DRIVERS\taphss6.sys [42064 2016-06-15] (Anchorfree Inc.) R3 VBAudioVACMME; C:\windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2014-09-02] (Windows (R) Win 7 DDK provider) R3 VBAudioVMVAIOMME; C:\windows\system32\DRIVERS\vbaudio_vmvaio64_win7.sys [41192 2016-01-09] (Windows (R) Win 7 DDK provider) R3 vmulti; C:\windows\System32\drivers\vmulti.sys [10752 2014-09-17] (Windows (R) Win 7 DDK provider) S3 WacHidRouterPro; C:\windows\System32\drivers\wachidrouter.sys [126624 2016-10-06] (Wacom Technology) S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) U3 aswbdisk; pas de ImagePath S3 cpuz138; \??\C:\Users\tode\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [X] <==== ATTENTION S3 cpuz143; \??\C:\windows\temp\cpuz143\cpuz143_x64.sys [X] U2 CWASRE; pas de ImagePath S3 dbx; system32\DRIVERS\dbx.sys [X] S3 iobit_monitor_server; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\Monitor_win7_x64.sys [X] S1 NetUtils2016; \??\C:\windows\system32\drivers\NetUtils2016.sys [X] <==== ATTENTION S4 nvlddmkm; \SystemRoot\system32\DRIVERS\nvlddmkm.sys [X] S1 p1481106710am; \??\C:\Users\tode\AppData\Local\Temp\bkB4E.tmp\p1481106710am.sys [X] <==== ATTENTION S1 p1481292973am; \??\C:\Users\tode\AppData\Local\Temp\bk9C9B.tmp\p1481292973am.sys [X] <==== ATTENTION S1 p1483097046am; \??\C:\Users\tode\AppData\Local\Temp\bk694B.tmp\p1483097046am.sys [X] <==== ATTENTION S1 p1484582936am; \??\C:\Users\tode\AppData\Local\Temp\bkC6C.tmp\p1484582936am.sys [X] <==== ATTENTION S1 p1485339738am; \??\C:\Users\tode\AppData\Local\Temp\bk4758.tmp\p1485339738am.sys [X] <==== ATTENTION S1 p1485339899am; \??\C:\Users\tode\AppData\Local\Temp\bkB75E.tmp\p1485339899am.sys [X] <==== ATTENTION S1 p1486205859am; \??\C:\Users\tode\AppData\Local\Temp\bk4F8B.tmp\p1486205859am.sys [X] <==== ATTENTION S1 p1486252125am; \??\C:\Users\tode\AppData\Local\Temp\bk437B.tmp\p1486252125am.sys [X] <==== ATTENTION S1 p1486396207am; \??\C:\Users\tode\AppData\Local\Temp\bkAF9F.tmp\p1486396207am.sys [X] <==== ATTENTION S1 p1486474885am; \??\C:\Users\tode\AppData\Local\Temp\bk5633.tmp\p1486474885am.sys [X] <==== ATTENTION S1 p1486474991am; \??\C:\Users\tode\AppData\Local\Temp\bkF453.tmp\p1486474991am.sys [X] <==== ATTENTION S1 p1486475044am; \??\C:\Users\tode\AppData\Local\Temp\bkC119.tmp\p1486475044am.sys [X] <==== ATTENTION S1 p1486482351am; \??\C:\Users\tode\AppData\Local\Temp\bk3F45.tmp\p1486482351am.sys [X] <==== ATTENTION S1 p1486936324am; \??\C:\Users\tode\AppData\Local\Temp\bk1654.tmp\p1486936324am.sys [X] <==== ATTENTION S1 p1487068961am; \??\C:\Users\tode\AppData\Local\Temp\bk4BDC.tmp\p1487068961am.sys [X] <==== ATTENTION S1 p1487070963am; \??\C:\Users\tode\AppData\Local\Temp\bkDE61.tmp\p1487070963am.sys [X] <==== ATTENTION S1 p1487076466am; \??\C:\Users\tode\AppData\Local\Temp\bk67D.tmp\p1487076466am.sys [X] <==== ATTENTION S1 p1487076572am; \??\C:\Users\tode\AppData\Local\Temp\bkA4FA.tmp\p1487076572am.sys [X] <==== ATTENTION S1 p1487087403am; \??\C:\Users\tode\AppData\Local\Temp\bkA420.tmp\p1487087403am.sys [X] <==== ATTENTION S1 p1487087509am; \??\C:\Users\tode\AppData\Local\Temp\bk45F8.tmp\p1487087509am.sys [X] <==== ATTENTION S1 p1487087662am; \??\C:\Users\tode\AppData\Local\Temp\bk9D17.tmp\p1487087662am.sys [X] <==== ATTENTION S1 p1487186264am; \??\C:\Users\tode\AppData\Local\Temp\bk7242.tmp\p1487186264am.sys [X] <==== ATTENTION S1 p1487861826am; \??\C:\Users\tode\AppData\Local\Temp\bk96.tmp\p1487861826am.sys [X] <==== ATTENTION S1 p1487862046am; \??\C:\Users\tode\AppData\Local\Temp\bk59F2.tmp\p1487862046am.sys [X] <==== ATTENTION S1 p1487862166am; \??\C:\Users\tode\AppData\Local\Temp\bk2D2B.tmp\p1487862166am.sys [X] <==== ATTENTION S1 p1488369027am; \??\C:\Users\tode\AppData\Local\Temp\bk23AF.tmp\p1488369027am.sys [X] <==== ATTENTION S1 p1488369225am; \??\C:\Users\tode\AppData\Local\Temp\bk3758.tmp\p1488369225am.sys [X] <==== ATTENTION S1 p1488570446am; \??\C:\Users\tode\AppData\Local\Temp\bkE377.tmp\p1488570446am.sys [X] <==== ATTENTION S1 p1488974040am; \??\C:\Users\tode\AppData\Local\Temp\bk1924.tmp\p1488974040am.sys [X] <==== ATTENTION S1 p1489147256am; \??\C:\Users\tode\AppData\Local\Temp\bk3753.tmp\p1489147256am.sys [X] <==== ATTENTION U2 snare; pas de ImagePath S3 X6va035; \??\C:\windows\SysWOW64\Drivers\X6va035 [X] S3 X6va062; \??\C:\windows\SysWOW64\Drivers\X6va062 [X] S3 xhunter1; \??\C:\windows\xhunter1.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois - Créés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-04-04 12:01 - 2018-04-04 12:01 - 000000000 ____D C:\FRST 2018-04-04 11:54 - 2018-04-04 11:54 - 000002880 _____ C:\windows\System32\Tasks\Driver Booster SkipUAC (tode) 2018-04-03 19:25 - 2018-04-03 19:42 - 000000000 ____D C:\windows\System32\Tasks\Norton Remove and Reinstall 2018-04-03 19:18 - 2018-04-03 19:18 - 000000000 ____D C:\windows\System32\Tasks\Remediation 2018-04-03 18:58 - 2018-04-03 19:00 - 014797392 _____ (Symantec Corporation) C:\Users\tode\Downloads\NRnR.exe 2018-04-03 18:49 - 2018-04-03 18:50 - 009616701 _____ (Symantec Corporation) C:\Users\tode\Downloads\Non confirmé 288478.crdownload 2018-04-03 18:49 - 2018-04-03 18:49 - 000608344 _____ C:\Users\tode\Downloads\MCPR.exe 2018-04-03 16:37 - 2018-04-03 16:37 - 000003086 _____ C:\windows\System32\Tasks\{86C834A8-CE2A-4280-A7AC-6EF4182CD730} 2018-04-03 16:12 - 2018-04-03 16:14 - 000011265 _____ C:\Users\tode\Desktop\Fixlog.txt 2018-04-03 16:12 - 2018-04-03 16:12 - 000048813 _____ C:\Users\tode\Desktop\fixlist.txt 2018-04-03 16:11 - 2018-04-03 16:11 - 000000000 _____ C:\Users\tode\Desktop\Nouveau document texte (2).txt 2018-04-03 16:03 - 2018-04-03 16:03 - 000000008 __RSH C:\Users\tode\ntuser.pol 2018-04-03 16:03 - 2018-04-03 16:03 - 000000008 __RSH C:\ProgramData\ntuser.pol 2018-04-02 20:54 - 2018-04-02 20:54 - 000000000 _____ C:\Users\tode\Desktop\Nouveau document texte.txt 2018-04-02 20:19 - 2018-04-04 12:02 - 000052926 _____ C:\Users\tode\Desktop\FRST.txt 2018-04-02 16:36 - 2018-04-03 16:59 - 000127625 _____ C:\Users\tode\Desktop\Addition.txt 2018-04-02 16:16 - 2018-04-02 16:17 - 002403328 _____ (Farbar) C:\Users\tode\Desktop\FRST64.exe 2018-04-02 12:41 - 2018-04-02 12:41 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update 2018-04-02 12:41 - 2018-04-02 12:41 - 000002784 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2018-04-02 12:41 - 2018-04-02 12:41 - 000000803 _____ C:\Users\Public\Desktop\CCleaner.lnk 2018-04-02 12:41 - 2018-04-02 12:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2018-04-02 12:41 - 2018-04-02 12:41 - 000000000 ____D C:\Program Files\CCleaner 2018-04-02 12:38 - 2018-04-02 12:39 - 015333512 _____ (Piriform Ltd) C:\Users\tode\Downloads\ccsetup541 (1).exe 2018-04-02 12:38 - 2018-04-02 12:38 - 015333512 _____ (Piriform Ltd) C:\Users\tode\Downloads\ccsetup541.exe 2018-04-02 11:34 - 2018-04-02 11:57 - 306673592 _____ (NVIDIA Corporation) C:\Users\tode\Downloads\342.01-desktop-win8-win7-winvista-64bit-international (1).exe 2018-04-01 18:25 - 2018-04-01 18:29 - 000000020 _____ C:\TOSTACK 2018-04-01 15:59 - 2018-04-01 15:59 - 000000000 ____D C:\Users\tode\AppData\LocalLow\uTorrent 2018-03-29 16:24 - 2018-03-29 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2018-03-28 16:31 - 2018-03-28 16:31 - 000051024 _____ (Dropbox, Inc.) C:\windows\system32\DbxSvc.exe 2018-03-28 16:31 - 2018-03-28 16:31 - 000045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-dev.sys 2018-03-28 16:31 - 2018-03-28 16:31 - 000045672 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-canary.sys 2018-03-28 16:31 - 2018-03-28 16:31 - 000045640 _____ (Dropbox, Inc.) C:\windows\system32\Drivers\dbx-stable.sys 2018-03-26 17:15 - 2018-03-26 17:15 - 000002007 _____ C:\Users\tode\Desktop\Enregistrement de produit ASUS.lnk 2018-03-26 17:15 - 2018-03-26 17:15 - 000000000 ____D C:\ProgramData\APRP 2018-03-26 17:11 - 2018-04-01 17:35 - 000002850 _____ C:\windows\System32\Tasks\IOTransfer SkipUAC (tode) 2018-03-24 23:20 - 2018-03-24 23:20 - 001129816 _____ (Google Inc.) C:\Users\tode\Downloads\ChromeSetup (10).exe 2018-03-17 15:20 - 2018-03-17 15:20 - 008651629 _____ C:\Users\tode\Downloads\Stony R. Perez 🎥 ( stony.sp) • Photos et vidéos Instagram [Instagram - 27976846_2007015016203660_8832643786602446848_n] (640x640) (via Skyload).mp4 2018-03-17 09:53 - 2018-03-17 09:53 - 000000000 ____D C:\Users\tode\AppData\Local\Tempzxpsign7dab2894a47b1faf 2018-03-16 19:49 - 2018-03-16 19:49 - 000000000 ____D C:\Users\tode\AppData\Local\Tempzxpsign46de8712462b972c 2018-03-16 19:38 - 2018-03-16 19:38 - 000000000 ____D C:\Users\tode\AppData\Local\Tempzxpsign53ddaab79cfb7340 2018-03-16 19:35 - 2018-03-16 19:35 - 000000000 ____D C:\Users\tode\AppData\Local\Tempzxpsign2de2980756c3cb3c 2018-03-14 13:52 - 2018-03-14 13:56 - 065860657 _____ C:\Users\tode\Desktop\Jok.mp4 2018-03-13 19:40 - 2018-04-01 17:35 - 000004628 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-03-10 18:50 - 2018-03-10 18:50 - 000000000 _____ C:\Users\tode\AppData\Local\{96EB6399-2E5D-45C5-B07E-86757B32953E} 2018-03-10 14:01 - 2018-03-10 14:01 - 000000000 _____ C:\Users\tode\AppData\Local\{C361CB8F-0EFE-4600-8D6D-833EB5E87C73} 2018-03-10 13:59 - 2018-03-10 13:59 - 000000000 _____ C:\Users\tode\AppData\Local\{AF80DB60-CC5F-442E-B7BC-F4164D07B9CF} 2018-03-10 11:27 - 2018-03-10 11:27 - 000000000 _____ C:\Users\tode\AppData\Local\{D5977429-9CE2-468C-92AA-811EF4EB1A32} 2018-03-10 11:23 - 2018-03-10 11:23 - 000003176 ____N C:\bootsqm.dat 2018-03-10 11:07 - 2018-03-10 11:07 - 000000000 _____ C:\Users\tode\AppData\Local\{B4BB32BF-B505-4B9B-9043-3178D9F6B4B3} 2018-03-10 10:52 - 2018-03-10 10:52 - 000000000 _____ C:\Users\tode\AppData\Local\{C4D78686-36E8-4FC4-9F08-A3E46EA67F85} 2018-03-10 10:51 - 2018-03-10 10:51 - 000000000 _____ C:\Users\tode\AppData\Local\{9D8CEA03-65C4-4EC0-A910-549BE018B464} 2018-03-10 10:48 - 2018-03-10 10:48 - 000000000 _____ C:\Users\tode\AppData\Local\{90C576F8-2067-4FD9-AC50-3FC1ED02D93F} 2018-03-09 18:50 - 2018-03-09 18:50 - 000000000 _____ C:\Users\tode\AppData\Local\{6CC72617-A97A-4192-A4D1-3ED17A0C0527} 2018-03-09 17:24 - 2018-03-09 17:24 - 000000000 _____ C:\Users\tode\AppData\Local\{362B80EF-2FD8-4D96-B6D5-6AB08AF3C3DD} 2018-03-08 21:59 - 2018-03-08 21:59 - 000000000 _____ C:\Users\tode\AppData\Local\{9CDA6520-550F-4CCA-B145-6665F93407A1} 2018-03-08 21:59 - 2018-03-08 21:59 - 000000000 _____ C:\Users\tode\AppData\Local\{6DB0D8FC-F16B-4533-89DA-BBA868B23C95} 2018-03-08 17:15 - 2018-03-08 17:15 - 000000000 _____ C:\Users\tode\AppData\Local\{A1167C81-50B3-44DA-92F2-A1D0189FB14D} 2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 _____ C:\Users\tode\AppData\Local\{38E90C01-0AD1-44D1-812A-6650A767341C} 2018-03-07 13:29 - 2018-03-07 13:29 - 000000000 _____ C:\Users\tode\AppData\Local\{20011431-5D2A-447C-AF5F-7E454FE1CBED} 2018-03-07 13:26 - 2018-03-08 21:51 - 000004168 _____ C:\windows\System32\Tasks\Avast Emergency Update 2018-03-07 13:26 - 2018-03-07 13:26 - 000205976 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 001026696 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000460520 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000380768 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2018-03-07 13:26 - 2018-03-07 13:25 - 000380528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000343752 _____ (AVAST Software) C:\windows\system32\Drivers\aswbloga.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000227504 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsdrivera.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000215320 _____ (AVAST Software) C:\windows\system32\Drivers\aswHdsKe.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000199440 _____ (AVAST Software) C:\windows\system32\Drivers\aswbidsha.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000196648 _____ (AVAST Software) C:\windows\system32\Drivers\aswArPot.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000146656 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000110328 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000084368 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000057680 _____ (AVAST Software) C:\windows\system32\Drivers\aswbuniva.sys 2018-03-07 13:26 - 2018-03-07 13:25 - 000046968 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys 2018-03-07 13:22 - 2018-04-01 17:35 - 000003218 _____ C:\windows\System32\Tasks\Norton WSC Integration 2018-03-06 18:50 - 2018-03-06 18:50 - 000000000 _____ C:\Users\tode\AppData\Local\{9FC8EAF4-FC7C-4DFB-B5E4-D26ED4F07523} 2018-03-06 12:59 - 2018-03-06 12:59 - 000000000 _____ C:\Users\tode\AppData\Local\{70E8DA33-122E-4231-A224-CE2C2153A6D5} 2018-03-05 21:42 - 2018-03-05 21:42 - 000000000 _____ C:\Users\tode\AppData\Local\{DC429CF9-8FD2-489C-9A12-9F3B638AC29B} 2018-03-05 19:36 - 2018-03-05 19:36 - 000000000 _____ C:\Users\tode\AppData\Local\{0F3786F6-C582-4BCB-866B-40FCD49E723B} 2018-03-05 18:50 - 2018-03-05 18:50 - 000000000 _____ C:\Users\tode\AppData\Local\{26BBFD08-FEA3-4DFE-B461-1336CD3BFA16} 2018-03-05 18:24 - 2018-03-05 18:24 - 000000000 _____ C:\Users\tode\AppData\Local\{C0E2A55E-3CC5-47C0-A763-75E4A512F667} ==================== Un mois - Modifiés - fichiers et dossiers ======== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2018-04-04 11:52 - 2017-12-23 05:30 - 000003924 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{A90A4EF9-0315-4E6E-9309-B73684925667} 2018-04-04 11:52 - 2016-08-29 05:37 - 000000000 ____D C:\Users\tode\AppData\Local\Adobe 2018-04-04 11:52 - 2015-12-23 12:16 - 000000000 ____D C:\Users\tode\AppData\Local\CrashDumps 2018-04-04 11:50 - 2016-09-24 10:29 - 000001196 _____ C:\windows\Tasks\DropboxUpdateTaskMachineUA.job 2018-04-04 11:49 - 2017-12-25 05:16 - 000000356 _____ C:\windows\Tasks\Connect.job 2018-04-04 11:49 - 2016-12-01 15:31 - 000000000 ____D C:\Users\tode\AppData\Roaming\WTablet 2018-04-04 11:49 - 2016-09-24 10:29 - 000001192 _____ C:\windows\Tasks\DropboxUpdateTaskMachineCore.job 2018-04-04 11:49 - 2016-01-02 20:50 - 000000000 __RDO C:\Users\tode\OneDrive 2018-04-04 11:49 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf 2018-04-04 11:48 - 2017-02-14 15:04 - 000000000 ____D C:\Program Files\SoftEther VPN Client 2018-04-04 11:48 - 2015-12-19 21:05 - 000000000 ____D C:\ProgramData\ProductData 2018-04-04 11:47 - 2016-10-11 18:39 - 000000434 _____ C:\windows\system32\Drivers\etc\hosts.ics 2018-04-04 11:46 - 2015-07-21 10:49 - 022779855 _____ C:\windows\SysWOW64\rootpa.e2e 2018-04-04 11:46 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT 2018-04-03 20:50 - 2016-01-10 00:00 - 000003289 _____ C:\Users\tode\AppData\Roaming\VoiceMeeterDefault.xml 2018-04-03 20:09 - 2016-11-06 11:23 - 000000400 _____ C:\windows\Tasks\update-sys.job 2018-04-03 20:09 - 2016-05-30 18:45 - 000000410 _____ C:\windows\Tasks\HP Photo Creations Communicator.job 2018-04-03 19:58 - 2015-12-14 09:08 - 000000000 ____D C:\Users\tode 2018-04-03 19:37 - 2015-07-21 19:30 - 000800448 _____ C:\windows\system32\perfh00C.dat 2018-04-03 19:37 - 2015-07-21 19:30 - 000174332 _____ C:\windows\system32\perfc00C.dat 2018-04-03 19:37 - 2014-03-18 17:32 - 001828306 _____ C:\windows\system32\PerfStringBackup.INI 2018-04-03 19:25 - 2017-12-23 04:51 - 000000000 ____D C:\ProgramData\Norton 2018-04-03 19:25 - 2017-12-23 04:51 - 000000000 ____D C:\Program Files\Common Files\Symantec Shared 2018-04-03 19:04 - 2015-12-14 09:14 - 000003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3956248472-2550150166-470528241-1001 2018-04-03 18:56 - 2015-07-21 11:58 - 000000000 ____D C:\ProgramData\McAfee 2018-04-03 18:21 - 2016-11-06 11:23 - 000000400 _____ C:\windows\Tasks\update-S-1-5-21-3956248472-2550150166-470528241-1001.job 2018-04-03 18:00 - 2018-02-21 00:43 - 000000000 ____D C:\windows\System32\Tasks\Norton Security 2018-04-03 18:00 - 2016-07-03 22:21 - 000000000 ____D C:\Users\UpdatusUser 2018-04-03 18:00 - 2015-12-15 22:41 - 000000000 ____D C:\windows\System32\Tasks\McAfee 2018-04-03 17:54 - 2018-02-20 12:07 - 000000000 ____D C:\windows\system32\Drivers\NGCx64 2018-04-03 17:54 - 2013-08-22 17:36 - 000000000 ____D C:\windows\registration 2018-04-03 17:44 - 2016-09-21 21:49 - 000000000 ____D C:\Program Files (x86)\Bluestacks 2018-04-03 16:45 - 2017-02-26 19:58 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-04-03 16:37 - 2015-12-22 13:45 - 000000000 ____D C:\Users\tode\AppData\Local\ElevatedDiagnostics 2018-04-03 16:33 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness 2018-04-03 16:13 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps 2018-04-03 16:10 - 2017-01-13 16:35 - 000000000 ____D C:\Users\tode\AppData\Roaming\Spotify 2018-04-02 21:03 - 2017-01-25 23:26 - 000000000 ____D C:\Users\tode\AppData\LocalLow\Temp 2018-04-02 20:55 - 2013-08-22 17:36 - 000000000 ___HD C:\windows\system32\GroupPolicy 2018-04-02 20:12 - 2018-02-26 12:29 - 000000238 _____ C:\windows\Tasks\StartMenu8_Start.job 2018-04-02 20:11 - 2017-12-26 02:59 - 000000000 ____D C:\Users\tode\Desktop\MAGIX Music Maker 2017 Premium 24.0.1.34 + Crack 2018-04-02 16:16 - 2016-07-03 00:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation 2018-04-02 12:47 - 2015-12-19 12:42 - 000000000 ____D C:\windows\Minidump 2018-04-02 12:47 - 2015-12-14 21:31 - 000000000 ____D C:\Program Files (x86)\Steam 2018-04-02 12:30 - 2017-02-15 12:54 - 000000000 _____ C:\Users\tode\Downloads\iOrbit.exe 2018-04-02 12:26 - 2016-07-03 00:00 - 000000000 ____D C:\ProgramData\NVIDIA Corporation 2018-04-02 12:26 - 2015-12-16 22:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation 2018-04-02 12:26 - 2013-08-22 17:36 - 000000000 ____D C:\windows\Help 2018-04-01 18:30 - 2016-08-26 03:28 - 000000000 ____D C:\Users\tode\AppData\Roaming\uTorrent 2018-04-01 18:29 - 2017-01-21 11:52 - 000000000 ____D C:\Users\tode\AppData\Roaming\Dashlane 2018-04-01 18:16 - 2017-01-21 11:52 - 000000290 _____ C:\windows\Tasks\Uninstaller_SkipUac_tode.job 2018-04-01 17:35 - 2018-02-26 16:11 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2018-04-01 17:35 - 2018-02-26 12:29 - 000002276 _____ C:\windows\System32\Tasks\StartMenu8_Start 2018-04-01 17:35 - 2018-02-03 13:15 - 000003452 _____ C:\windows\System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-alexis70913@gmail.com 2018-04-01 17:35 - 2018-01-28 11:00 - 000003248 _____ C:\windows\System32\Tasks\Driver Booster Scheduler 2018-04-01 17:35 - 2018-01-26 19:04 - 000003008 _____ C:\windows\System32\Tasks\ASC11_PerformanceMonitor 2018-04-01 17:35 - 2018-01-26 19:03 - 000002812 _____ C:\windows\System32\Tasks\ASC11_SkipUac_tode 2018-04-01 17:35 - 2017-12-25 05:16 - 000002714 _____ C:\windows\System32\Tasks\Connect 2018-04-01 17:35 - 2017-09-14 17:30 - 000003914 _____ C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1472176995 2018-04-01 17:35 - 2017-07-08 17:23 - 000004640 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2018-04-01 17:35 - 2017-06-27 16:04 - 000003094 _____ C:\windows\System32\Tasks\{47A0B403-825B-494F-99D5-74FB16802EC2} 2018-04-01 17:35 - 2017-05-13 19:46 - 000003160 _____ C:\windows\System32\Tasks\SmartDefrag_AutoAnalyze 2018-04-01 17:35 - 2017-05-13 19:46 - 000003008 _____ C:\windows\System32\Tasks\SmartDefrag_Startup 2018-04-01 17:35 - 2017-05-13 19:46 - 000003006 _____ C:\windows\System32\Tasks\SmartDefrag_Update 2018-04-01 17:35 - 2017-03-31 14:45 - 000003502 _____ C:\windows\System32\Tasks\Windows-PG 2018-04-01 17:35 - 2017-01-21 11:52 - 000002388 _____ C:\windows\System32\Tasks\Uninstaller_SkipUac_tode 2018-04-01 17:35 - 2017-01-20 16:57 - 000003594 _____ C:\windows\System32\Tasks\Milimili 2018-04-01 17:35 - 2017-01-02 22:24 - 000003068 _____ C:\windows\System32\Tasks\McAfeeLogon 2018-04-01 17:35 - 2016-12-27 20:22 - 000003302 _____ C:\windows\System32\Tasks\{7C26AC11-1108-46FF-9E88-B5D9E7241C30} 2018-04-01 17:35 - 2016-11-28 18:27 - 000003310 _____ C:\windows\System32\Tasks\CorelUpdateHelperTaskCore 2018-04-01 17:35 - 2016-11-06 11:23 - 000003270 _____ C:\windows\System32\Tasks\update-sys 2018-04-01 17:35 - 2016-11-06 11:23 - 000003246 _____ C:\windows\System32\Tasks\update-S-1-5-21-3956248472-2550150166-470528241-1001 2018-04-01 17:35 - 2016-10-21 19:07 - 000003400 _____ C:\windows\System32\Tasks\GyazoUpdateTaskMachineDaily 2018-04-01 17:35 - 2016-10-21 19:07 - 000003274 _____ C:\windows\System32\Tasks\GyazoUpdateTaskMachine 2018-04-01 17:35 - 2016-09-24 10:29 - 000004168 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineUA 2018-04-01 17:35 - 2016-09-24 10:29 - 000003932 _____ C:\windows\System32\Tasks\DropboxUpdateTaskMachineCore 2018-04-01 17:35 - 2016-09-17 10:29 - 000002896 _____ C:\windows\System32\Tasks\iFunVideoConverter_SkipUac_tode 2018-04-01 17:35 - 2016-08-26 01:58 - 000003500 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2018-04-01 17:35 - 2016-08-26 01:58 - 000003372 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2018-04-01 17:35 - 2016-08-26 00:42 - 000003496 _____ C:\windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-alexis70913@gmail.com 2018-04-01 17:35 - 2016-08-24 23:49 - 000008904 _____ C:\windows\System32\Tasks\Ghreringuwek Center 2018-04-01 17:35 - 2016-08-24 18:46 - 000008926 _____ C:\windows\System32\Tasks\Plivetyghujey Mapper 2018-04-01 17:35 - 2016-06-15 18:57 - 000003188 _____ C:\windows\System32\Tasks\{5E83FAD8-7A6F-4CEB-8D37-512EFF0D3C57} 2018-04-01 17:35 - 2016-05-30 18:45 - 000003386 _____ C:\windows\System32\Tasks\HP Photo Creations Communicator 2018-04-01 17:35 - 2016-05-30 18:34 - 000003580 _____ C:\windows\System32\Tasks\HPCustParticipation HP DeskJet 2130 series 2018-04-01 17:35 - 2016-04-17 17:41 - 000004460 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater 2018-04-01 17:35 - 2015-12-31 15:39 - 000003730 _____ C:\windows\System32\Tasks\Overwolf Updater Task 2018-04-01 17:35 - 2015-12-28 19:23 - 000003722 _____ C:\windows\System32\Tasks\gameo_update 2018-03-31 18:33 - 2017-01-13 16:39 - 000000000 ____D C:\Users\tode\AppData\Local\Spotify 2018-03-31 12:00 - 2015-12-28 19:22 - 000000000 ____D C:\Users\tode\AppData\Local\Gameo 2018-03-31 09:42 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\ELAM 2018-03-30 15:39 - 2015-12-31 15:34 - 000000000 ____D C:\Program Files (x86)\Overwolf 2018-03-29 16:25 - 2016-09-24 10:28 - 000000000 ____D C:\Users\tode\AppData\Local\Dropbox 2018-03-29 16:25 - 2015-07-21 11:55 - 000000000 ____D C:\Program Files (x86)\Dropbox 2018-03-20 19:19 - 2017-04-25 12:52 - 000000000 ____D C:\windows\psgo 2018-03-16 18:35 - 2016-11-28 18:27 - 000000000 ____D C:\Program Files (x86)\Corel 2018-03-13 20:40 - 2013-08-22 17:36 - 000000000 ____D C:\windows\SysWOW64\Macromed 2018-03-13 20:40 - 2013-08-22 17:36 - 000000000 ____D C:\windows\system32\Macromed 2018-03-11 10:54 - 2013-08-22 17:36 - 000000000 ____D C:\windows\LiveKernelReports 2018-03-10 14:37 - 2016-07-06 20:29 - 000000000 ____D C:\Users\tode\AppData\Roaming\discord 2018-03-07 13:51 - 2015-12-14 22:15 - 000000000 ____D C:\Program Files\Common Files\AV ==================== Fichiers à la racine de certains dossiers ======= 2017-02-24 18:00 - 2017-03-22 22:42 - 000015450 _____ () C:\Program Files (x86)\metadata 2017-02-24 18:00 - 2017-03-22 17:39 - 000000040 _____ () C:\Program Files (x86)\settings.dat 2016-12-27 14:46 - 2016-12-27 14:46 - 000014396 _____ () C:\Users\tode\AppData\Roaming\373A55ED-73C7-4549-A55A-C0B1B301FD2A.7z 2016-12-27 14:45 - 2016-12-27 14:45 - 000016587 _____ () C:\Users\tode\AppData\Roaming\373A55ED-73C7-4549-A55A-C0B1B301FD2A.zip 2017-03-23 23:18 - 2016-11-14 15:47 - 000370236 _____ () C:\Users\tode\AppData\Roaming\7Clicker 64.jar 2017-03-23 18:06 - 2017-04-12 18:23 - 000000132 _____ () C:\Users\tode\AppData\Roaming\Adobe PNG Format CC Prefs 2017-12-31 01:10 - 2017-12-31 01:10 - 000000033 _____ () C:\Users\tode\AppData\Roaming\AdobeWLCMCache.dat 2016-11-26 20:18 - 2016-11-26 20:18 - 000001211 _____ () C:\Users\tode\AppData\Roaming\AdobeWLCMR2Cache.dat 2016-08-24 18:48 - 2016-08-24 18:50 - 007118336 _____ () C:\Users\tode\AppData\Roaming\agent.dat 2016-08-24 18:32 - 2016-08-24 18:48 - 000054272 _____ () C:\Users\tode\AppData\Roaming\ApplicationHosting.dat 2016-08-24 18:48 - 2016-08-24 18:50 - 000070704 _____ () C:\Users\tode\AppData\Roaming\Config.xml 2016-08-24 18:32 - 2016-08-24 18:32 - 000072702 _____ () C:\Users\tode\AppData\Roaming\GrooveRonstrong.tst 2016-08-24 18:48 - 2016-08-24 18:48 - 000072702 _____ () C:\Users\tode\AppData\Roaming\HotOveity.tst 2016-04-30 18:17 - 2017-04-07 17:12 - 000000101 _____ () C:\Users\tode\AppData\Roaming\infos.properties 2016-08-24 18:30 - 2016-08-24 18:49 - 000011568 _____ () C:\Users\tode\AppData\Roaming\InstallationConfiguration.xml 2016-08-24 18:30 - 2016-08-24 18:47 - 000138240 _____ () C:\Users\tode\AppData\Roaming\Installer.dat 2016-08-24 18:32 - 2016-08-24 18:48 - 000126464 _____ () C:\Users\tode\AppData\Roaming\lobby.dat 2016-08-24 18:48 - 2016-08-24 18:50 - 000018432 _____ () C:\Users\tode\AppData\Roaming\Main.dat 2016-08-24 18:32 - 2016-08-24 18:50 - 000005568 _____ () C:\Users\tode\AppData\Roaming\md.xml 2016-08-24 18:48 - 2016-08-24 18:50 - 000126464 _____ () C:\Users\tode\AppData\Roaming\noah.dat 2016-08-24 18:48 - 2016-08-24 18:48 - 001900304 _____ () C:\Users\tode\AppData\Roaming\Ozerjoysing.tst 2016-02-29 15:40 - 2014-06-18 03:58 - 000000084 _____ () C:\Users\tode\AppData\Roaming\pack.mcmeta 2016-02-29 15:40 - 2014-06-18 03:57 - 003055465 _____ () C:\Users\tode\AppData\Roaming\pack.png 2016-08-20 03:24 - 2016-11-23 20:55 - 000001403 _____ () C:\Users\tode\AppData\Roaming\SpeedRunnersLog.txt 2016-08-24 18:48 - 2016-08-24 18:48 - 000072702 _____ () C:\Users\tode\AppData\Roaming\Supereco.tst 2016-04-27 17:06 - 2016-04-27 17:06 - 000000036 _____ () C:\Users\tode\AppData\Roaming\SuYZkvrV.tmp 2016-07-09 21:50 - 2016-07-09 21:50 - 000008704 ___SH () C:\Users\tode\AppData\Roaming\Thumbs.db 2016-08-24 18:48 - 2016-08-24 18:48 - 001900304 _____ () C:\Users\tode\AppData\Roaming\Treefan.tst 2016-08-24 18:51 - 2016-08-24 18:55 - 000001150 _____ () C:\Users\tode\AppData\Roaming\uninstall_temp.ico 2017-01-09 19:14 - 2017-01-09 19:14 - 000000054 _____ () C:\Users\tode\AppData\Roaming\updater.cfg 2016-05-07 16:01 - 2016-05-07 16:01 - 000000625 _____ () C:\Users\tode\AppData\Roaming\VH1Tool.cfg 2016-05-07 16:01 - 2016-05-07 16:01 - 000005380 _____ () C:\Users\tode\AppData\Roaming\VH1Tool.txt 2016-08-24 18:50 - 2016-08-24 18:50 - 001900304 _____ () C:\Users\tode\AppData\Roaming\Via-Sing.tst 2016-01-10 00:00 - 2018-04-03 20:50 - 000003289 _____ () C:\Users\tode\AppData\Roaming\VoiceMeeterDefault.xml 2015-12-28 21:01 - 2017-02-04 01:33 - 000000481 _____ () C:\Users\tode\AppData\Roaming\WB.CFG 2018-01-07 02:48 - 2018-01-07 02:48 - 000000071 _____ () C:\Users\tode\AppData\Local\emaildefaults 2018-02-07 12:47 - 2018-02-07 12:47 - 000000109 _____ () C:\Users\tode\AppData\Local\kritadisplayrc 2018-01-07 02:46 - 2018-02-07 12:47 - 000018642 _____ () C:\Users\tode\AppData\Local\kritarc 2017-06-28 21:14 - 2017-06-28 21:14 - 000004273 _____ () C:\Users\tode\AppData\Local\recently-used.xbel 2016-11-06 11:23 - 2016-11-06 11:23 - 000000003 _____ () C:\Users\tode\AppData\Local\updater.log 2016-11-06 11:23 - 2017-05-06 14:25 - 000000425 _____ () C:\Users\tode\AppData\Local\UserProducts.xml 2018-01-29 18:03 - 2018-01-29 18:03 - 000000000 _____ () C:\Users\tode\AppData\Local\{06354B95-C70F-4FEE-A8C2-2EA96E0F16F2} 2018-02-21 00:53 - 2018-02-21 00:53 - 000000000 _____ () C:\Users\tode\AppData\Local\{078A3C3E-EB6C-4B6E-A1C8-397FFC3395B8} 2018-02-04 19:36 - 2018-02-04 19:36 - 000000000 _____ () C:\Users\tode\AppData\Local\{07A0F441-753A-4C26-B863-683E0A22BEB4} 2018-02-20 18:50 - 2018-02-20 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{082E5888-AEDE-462F-9258-CE0544669635} 2018-03-01 11:40 - 2018-03-01 11:40 - 000000000 _____ () C:\Users\tode\AppData\Local\{09C9E9AE-CBD8-4AC3-8930-85A13FDC3C1B} 2018-02-21 12:42 - 2018-02-21 12:42 - 000000000 _____ () C:\Users\tode\AppData\Local\{09F12EAF-CE5D-4E8C-A236-772792144ED8} 2018-02-07 18:50 - 2018-02-07 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{0C86CB9C-0D7D-471E-B7A1-FAE0CEB9B267} 2018-03-05 19:36 - 2018-03-05 19:36 - 000000000 _____ () C:\Users\tode\AppData\Local\{0F3786F6-C582-4BCB-866B-40FCD49E723B} 2018-02-08 11:09 - 2018-02-08 11:09 - 000000000 _____ () C:\Users\tode\AppData\Local\{1C6D6051-0D5F-4E89-9CC4-6DA1131911D3} 2018-03-07 13:29 - 2018-03-07 13:29 - 000000000 _____ () C:\Users\tode\AppData\Local\{20011431-5D2A-447C-AF5F-7E454FE1CBED} 2018-02-21 00:54 - 2018-02-21 00:54 - 000000000 _____ () C:\Users\tode\AppData\Local\{246EB13A-CF21-43DD-8F3E-74FFDDE4519A} 2018-02-08 18:50 - 2018-02-08 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{25475CE5-73E8-4B86-BA69-0EA2B4BF4B68} 2018-03-05 18:50 - 2018-03-05 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{26BBFD08-FEA3-4DFE-B461-1336CD3BFA16} 2018-02-06 16:44 - 2018-02-06 16:44 - 000000000 _____ () C:\Users\tode\AppData\Local\{337184B4-7F11-4779-95AA-10318832ECD2} 2018-03-09 17:24 - 2018-03-09 17:24 - 000000000 _____ () C:\Users\tode\AppData\Local\{362B80EF-2FD8-4D96-B6D5-6AB08AF3C3DD} 2018-02-20 11:49 - 2018-02-20 11:49 - 000000000 _____ () C:\Users\tode\AppData\Local\{37814BF7-D3EF-41A1-892F-00B6986A752C} 2018-02-21 17:54 - 2018-02-21 17:54 - 000000000 _____ () C:\Users\tode\AppData\Local\{38582A39-240C-422C-8ED0-B0BBF7108A6E} 2018-03-07 18:50 - 2018-03-07 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{38E90C01-0AD1-44D1-812A-6650A767341C} 2018-02-07 11:15 - 2018-02-07 11:15 - 000000000 _____ () C:\Users\tode\AppData\Local\{3C375013-8233-4D49-B233-19167DF588B1} 2018-02-21 12:41 - 2018-02-21 12:41 - 000000000 _____ () C:\Users\tode\AppData\Local\{3D5CC60B-06A7-4223-A37D-01BAFF9691EF} 2018-02-21 12:31 - 2018-02-21 12:31 - 000000000 _____ () C:\Users\tode\AppData\Local\{45CCC490-8509-4B7F-B40E-07C28ACE1B0D} 2018-02-21 11:45 - 2018-02-21 11:45 - 000000000 _____ () C:\Users\tode\AppData\Local\{478D34F2-E0F7-4A8D-A514-9970C80332B3} 2018-02-21 18:50 - 2018-02-21 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{48FEA508-94C4-4B2A-B5B3-506C1BB47018} 2018-02-21 12:31 - 2018-02-21 12:31 - 000000000 _____ () C:\Users\tode\AppData\Local\{48FF17A3-EA4E-44BC-AA63-610377271496} 2018-02-05 18:15 - 2018-02-05 18:15 - 000000000 _____ () C:\Users\tode\AppData\Local\{4FDC1BB5-4E46-4C8C-8403-1A60AA0C1202} 2017-08-18 10:34 - 2017-08-18 10:34 - 000000000 _____ () C:\Users\tode\AppData\Local\{581BA686-FC9E-42E9-8C63-B61095BE249E} 2018-01-31 18:50 - 2018-01-31 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{58DEB38D-8BEC-4160-A82B-BD84DBFC269D} 2018-02-23 18:50 - 2018-02-23 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{5C3912A3-F069-413F-8093-3B162565193A} 2018-01-27 18:50 - 2018-01-27 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{5C8F116D-A282-40D6-A3A3-F4D7354407B2} 2018-02-06 18:50 - 2018-02-06 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{5E044315-F184-4880-A0A5-135EA87EB0E2} 2018-01-31 12:39 - 2018-01-31 12:39 - 000000000 _____ () C:\Users\tode\AppData\Local\{5F09315C-14B9-4B6E-B0F3-8269E3A7568D} 2018-03-09 18:50 - 2018-03-09 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{6CC72617-A97A-4192-A4D1-3ED17A0C0527} 2018-03-08 21:59 - 2018-03-08 21:59 - 000000000 _____ () C:\Users\tode\AppData\Local\{6DB0D8FC-F16B-4533-89DA-BBA868B23C95} 2018-02-21 12:30 - 2018-02-21 12:30 - 000000000 _____ () C:\Users\tode\AppData\Local\{700E8D9B-A3DD-4B2F-BCB1-388666E7AE2A} 2018-03-06 12:59 - 2018-03-06 12:59 - 000000000 _____ () C:\Users\tode\AppData\Local\{70E8DA33-122E-4231-A224-CE2C2153A6D5} 2018-02-01 18:07 - 2018-02-01 18:07 - 000000000 _____ () C:\Users\tode\AppData\Local\{74F734BC-0BFD-4A8B-8F7F-F1274B538479} 2017-08-18 10:34 - 2017-08-18 10:34 - 000000000 _____ () C:\Users\tode\AppData\Local\{7631F2E4-1000-4DBA-8B92-B228D49CC674} 2018-02-01 18:50 - 2018-02-01 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{7B82878D-A6CB-4DD4-A89E-B2F08090CCD8} 2018-02-01 18:08 - 2018-02-01 18:08 - 000000000 _____ () C:\Users\tode\AppData\Local\{89C91758-CCF3-4B2C-9D40-D06F04AE8C72} 2018-02-22 12:40 - 2018-02-22 12:40 - 000000000 _____ () C:\Users\tode\AppData\Local\{8C016E69-1A61-4A55-AD4F-F71B1531B0F8} 2018-02-04 18:50 - 2018-02-04 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{8C5D9EBC-A110-422D-9F59-EB0040CB6DB7} 2018-02-02 17:15 - 2018-02-02 17:15 - 000000000 _____ () C:\Users\tode\AppData\Local\{8D93EC05-4A77-4A6E-BD9B-4AACD21AF473} 2018-02-23 11:59 - 2018-02-23 11:59 - 000000000 _____ () C:\Users\tode\AppData\Local\{8EF15C2D-5E27-4E07-BDB3-83592A698990} 2018-03-10 10:48 - 2018-03-10 10:48 - 000000000 _____ () C:\Users\tode\AppData\Local\{90C576F8-2067-4FD9-AC50-3FC1ED02D93F} 2018-02-19 12:33 - 2018-02-19 12:33 - 000000000 _____ () C:\Users\tode\AppData\Local\{957E2937-0570-4008-AD1A-5F2C2FA7319A} 2018-03-10 18:50 - 2018-03-10 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{96EB6399-2E5D-45C5-B07E-86757B32953E} 2018-01-27 11:18 - 2018-01-27 11:18 - 000000000 _____ () C:\Users\tode\AppData\Local\{9955A6D5-45BC-4DDD-AA9A-F0B7977A6383} 2018-03-08 21:59 - 2018-03-08 21:59 - 000000000 _____ () C:\Users\tode\AppData\Local\{9CDA6520-550F-4CCA-B145-6665F93407A1} 2018-03-10 10:51 - 2018-03-10 10:51 - 000000000 _____ () C:\Users\tode\AppData\Local\{9D8CEA03-65C4-4EC0-A910-549BE018B464} 2018-03-06 18:50 - 2018-03-06 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{9FC8EAF4-FC7C-4DFB-B5E4-D26ED4F07523} 2018-02-21 14:49 - 2018-02-21 14:49 - 000000000 _____ () C:\Users\tode\AppData\Local\{A04C2CF6-A737-4D9B-9890-348183BEAF9B} 2018-03-08 17:15 - 2018-03-08 17:15 - 000000000 _____ () C:\Users\tode\AppData\Local\{A1167C81-50B3-44DA-92F2-A1D0189FB14D} 2018-01-29 18:03 - 2018-01-29 18:03 - 000000000 _____ () C:\Users\tode\AppData\Local\{AD597631-E153-4B45-83A3-EB424A2672DD} 2018-02-22 18:50 - 2018-02-22 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{AD605F4D-B08E-4CB2-ABF7-263A6ADABC03} 2018-03-10 13:59 - 2018-03-10 13:59 - 000000000 _____ () C:\Users\tode\AppData\Local\{AF80DB60-CC5F-442E-B7BC-F4164D07B9CF} 2018-03-10 11:07 - 2018-03-10 11:07 - 000000000 _____ () C:\Users\tode\AppData\Local\{B4BB32BF-B505-4B9B-9043-3178D9F6B4B3} 2018-02-05 19:36 - 2018-02-05 19:36 - 000000000 _____ () C:\Users\tode\AppData\Local\{B979B4AE-81D0-4521-94A9-63FF38A8F143} 2018-01-31 12:40 - 2018-01-31 12:40 - 000000000 _____ () C:\Users\tode\AppData\Local\{BAD465AF-5EA2-4BC9-92C8-AAB059597A91} 2018-02-18 19:36 - 2018-02-18 19:36 - 000000000 _____ () C:\Users\tode\AppData\Local\{BBCE4F7A-3455-4371-BBE7-2107B818A7CA} 2018-03-01 11:42 - 2018-03-01 11:42 - 000000000 _____ () C:\Users\tode\AppData\Local\{BD91958B-5657-4A1A-B575-19F8BEC512F7} 2018-02-22 12:41 - 2018-02-22 12:41 - 000000000 _____ () C:\Users\tode\AppData\Local\{C08F0C6C-F00E-41C8-8F0B-7446417A1DA6} 2018-03-05 18:24 - 2018-03-05 18:24 - 000000000 _____ () C:\Users\tode\AppData\Local\{C0E2A55E-3CC5-47C0-A763-75E4A512F667} 2016-11-22 18:34 - 2016-11-22 18:34 - 000000000 _____ () C:\Users\tode\AppData\Local\{C10FDDBA-872D-4216-901F-CDB7513CEF4A} 2018-03-10 14:01 - 2018-03-10 14:01 - 000000000 _____ () C:\Users\tode\AppData\Local\{C361CB8F-0EFE-4600-8D6D-833EB5E87C73} 2018-03-10 10:52 - 2018-03-10 10:52 - 000000000 _____ () C:\Users\tode\AppData\Local\{C4D78686-36E8-4FC4-9F08-A3E46EA67F85} 2018-02-21 17:53 - 2018-02-21 17:53 - 000000000 _____ () C:\Users\tode\AppData\Local\{C805C1CC-5DAD-4B4F-8B31-59742CCB8C00} 2018-02-07 11:15 - 2018-02-07 11:15 - 000000000 _____ () C:\Users\tode\AppData\Local\{CCC63D2E-C188-4216-BFF5-235129017B1B} 2018-03-10 11:27 - 2018-03-10 11:27 - 000000000 _____ () C:\Users\tode\AppData\Local\{D5977429-9CE2-468C-92AA-811EF4EB1A32} 2018-03-05 21:42 - 2018-03-05 21:42 - 000000000 _____ () C:\Users\tode\AppData\Local\{DC429CF9-8FD2-489C-9A12-9F3B638AC29B} 2018-02-28 18:50 - 2018-02-28 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{DEC7930F-8FA6-4874-B9EA-60B2188A83F1} 2018-02-05 18:50 - 2018-02-05 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{F04EDBD4-A021-4040-AAA5-7784C9DA7FEE} 2018-02-18 18:50 - 2018-02-18 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{F0FAAC2A-FCBB-47BC-AD09-4EDB0F15177A} 2018-02-01 18:08 - 2018-02-01 18:08 - 000000000 _____ () C:\Users\tode\AppData\Local\{F10A5CE0-D814-4C61-8DC6-41D3654FA8DD} 2018-02-19 18:50 - 2018-02-19 18:50 - 000000000 _____ () C:\Users\tode\AppData\Local\{F4285B21-3A8F-4D7C-A6C5-139B868D27E5} 2018-02-23 11:59 - 2018-02-23 11:59 - 000000000 _____ () C:\Users\tode\AppData\Local\{F72A2F79-9A95-4CBE-9334-578570E22024} 2018-02-01 18:08 - 2018-02-01 18:08 - 000000000 _____ () C:\Users\tode\AppData\Local\{F9459667-CCAA-4054-9F4D-A636D63974C8} 2016-11-23 11:46 - 2016-11-23 11:46 - 000000000 _____ () C:\Users\tode\AppData\Local\{F969BD5E-006F-4FB6-86FE-31676CFB931A} Certains fichiers dans TEMP: ==================== 2018-04-01 18:40 - 2014-07-02 19:44 - 001214048 _____ (NVIDIA Corporation) C:\Users\tode\AppData\Local\Temp\nvSCPAPI.dll 2018-04-01 18:40 - 2014-07-02 19:44 - 001398936 _____ (NVIDIA Corporation) C:\Users\tode\AppData\Local\Temp\nvSCPAPI64.dll 2018-04-02 12:00 - 2014-07-02 19:44 - 000826712 _____ (NVIDIA Corporation) C:\Users\tode\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap ====================== (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) C:\windows\system32\winlogon.exe => Le fichier est signé numériquement C:\windows\system32\wininit.exe => Le fichier est signé numériquement C:\windows\explorer.exe => Le fichier est signé numériquement C:\windows\SysWOW64\explorer.exe => Le fichier est signé numériquement C:\windows\system32\svchost.exe => Le fichier est signé numériquement C:\windows\SysWOW64\svchost.exe => Le fichier est signé numériquement C:\windows\system32\services.exe => Le fichier est signé numériquement C:\windows\system32\User32.dll => Le fichier est signé numériquement C:\windows\SysWOW64\User32.dll => Le fichier est signé numériquement C:\windows\system32\userinit.exe => Le fichier est signé numériquement C:\windows\SysWOW64\userinit.exe => Le fichier est signé numériquement C:\windows\system32\rpcss.dll => Le fichier est signé numériquement C:\windows\system32\dnsapi.dll => Le fichier est signé numériquement C:\windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement C:\windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement LastRegBack: 2016-02-26 22:11 ==================== Fin de FRST.txt ============================