Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2020 Exécuté par Florence (administrateur) sur PC-FLORENCE (Packard Bell EasyNote TE11HC) (23-04-2020 12:41:52) Exécuté depuis C:\Users\Florence\Desktop Profils chargés: Florence (Profils disponibles: Florence & admin) Platform: Windows 8.1 (Update) (X64) Langue: Français (France) Navigateur par défaut: FF Mode d'amorçage: Normal Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processus (Avec liste blanche) ================= (Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.) () [Fichier non signé] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe () [Fichier non signé] C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe () [Fichier non signé] C:\Program Files (x86)\Too Kool fo School\too_kool_fo_school_helper_service.exe (Broadcom Corp.) [Fichier non signé] C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\RadioController\RfBtnHelper.exe (Dritek System Inc. -> Dritek System INC.) C:\Windows\RfBtnSvc64.exe (Electronic Arts, Inc. -> ) C:\Program Files (x86)\Origin\QtWebEngineProcess.exe <2> (Electronic Arts, Inc. -> Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation -> Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.22013_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2> (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <7> (Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mep.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Program Files (x86)\epson\MyEpson Portal\mepService.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIRFE.EXE (Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== Registre (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor Corp -> Realtek Semiconductor) HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-03-09] (Dritek System Inc. -> Dritek System Inc.) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare Technology Co.,Ltd -> Wondershare) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [646776 2020-03-12] (Oracle America, Inc. -> Oracle Corporation) HKU\S-1-5-21-4068495689-3038831413-1457509616-1001\...\Run: [Facebook Update] => C:\Users\Florence\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-22] (Facebook, Inc. -> Facebook Inc.) HKU\S-1-5-21-4068495689-3038831413-1457509616-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3131664 2019-11-17] (Electronic Arts, Inc. -> Electronic Arts) HKU\S-1-5-21-4068495689-3038831413-1457509616-1001\...\Run: [EPLTarget\P0000000000000002] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIRFE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) HKU\S-1-5-21-4068495689-3038831413-1457509616-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [45488 2020-04-10] (Glarysoft LTD -> Glarysoft Ltd) IFEO\volaro: [Debugger] tasklist.exe IFEO\vonteera: [Debugger] tasklist.exe Startup: C:\Users\Florence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2016-11-05] ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Florence\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook) [Fichier non signé] BootExecute: autocheck autochk * CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Tâches planifiées (Avec liste blanche) ============ (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61} Task: {0EB87F18-3B78-416D-A5DE-51A5DFC5C66E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2211024 2014-03-19] (Microsoft Corporation -> Microsoft) Task: {11B02BDF-8E76-4868-A944-260F8CFC2BB5} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [918960 2020-04-10] (Glarysoft LTD -> Glarysoft Ltd) Task: {1367A904-3C9E-46D1-B865-FB3BFA11B46A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4068495689-3038831413-1457509616-1001UA => C:\Users\Florence\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-22] (Facebook, Inc. -> Facebook Inc.) Task: {15507518-B04A-4798-BECE-68D28BAA76F1} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {1BA0C4D9-48DC-4EF5-B5D8-032F26B5A206} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4068495689-3038831413-1457509616-1001Core => C:\Users\Florence\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-05-22] (Facebook, Inc. -> Facebook Inc.) Task: {2705C5F6-7786-4DEB-9757-ACF9F4189454} - System32\Tasks\Vun84FmkDy84p2G => C:\Users\Florence\AppData\Roaming\TMTbhQg\7IXttkI.exe Task: {277EA56C-17FE-406C-9B7B-115FBA469077} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-15] (Adobe Inc. -> Adobe) Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1} Task: {299C2C89-A5FA-4F86-9DB4-3DC098297E5F} - System32\Tasks\WIN-fdfEfEfAfC => C:\Users\Florence\AppData\Roaming\~gxmnkca.exe <==== ATTENTION Task: {30A16701-7450-4C75-8AB8-D52754A87F7A} - \a5ca9ad3-c9f0-478d-81c5-5aff73e4314e-1 -> Pas de fichier <==== ATTENTION Task: {412BF764-DAD5-4F29-9226-23A2E92D984B} - System32\Tasks\GlaryInitialize 4 => C:\Program Files (x86)\Glary Utilities 4\Initialize.exe Task: {43810178-763C-46D6-8B66-59E4FD9A2276} - System32\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5_user => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5.exe <==== ATTENTION Task: {47496ED2-4B01-41A2-95DA-9D9483D006B5} - System32\Tasks\EPSON XP-243 245 247 Series Update {75187737-B78A-4336-993F-B9E01E83EE44} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) Task: {641E6B27-E478-475D-8C1A-938C6E9CFE2E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [126152 2020-04-03] (Mozilla Corporation -> Mozilla Foundation) Task: {6A8B706A-A123-42EE-86DA-095697D2A49B} - System32\Tasks\L3k6Nzhlg6MegWm => C:\Users\Florence\AppData\Roaming\aF56Xq0\qak7TzM.exe [4096 2015-02-21] ( ) [Fichier non signé] Task: {6BD11749-EED9-46EF-A808-6C4196B7CC66} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_Plugin.exe [1458232 2020-04-15] (Adobe Inc. -> Adobe) Task: {71949CA0-B572-4AE1-866E-3DE9DADDFEEB} - \free ven-firefoxinstaller -> Pas de fichier <==== ATTENTION Task: {7432140C-4EB6-4079-BBCA-3A901B1A2C12} - \e88cab1d-5ce2-45cb-a6bc-61d4b48ece55-5_user -> Pas de fichier <==== ATTENTION Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316} Task: {7DC25E48-5D4A-439D-8219-B038F057E04E} - System32\Tasks\{7C407C9A-D4B3-7DDE-4A0B-3B3752B81907} => C:\Users\Florence\AppData\Roaming\Roheceru\KOROFO~1.EXE [0 2013-04-18] () Task: {7DEE63C7-82A6-4985-87A4-1F02574EFC51} - System32\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-7 => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-7.exe <==== ATTENTION Task: {8EFA7702-F918-417A-8D33-D69624FA78F7} - System32\Tasks\WIN-GGfIfEGCfEGbGffIfCfEGC => C:\Users\Florence\AppData\Roaming\~zaiogjf.exe <==== ATTENTION Task: {8F147092-25C0-4CDE-974E-2BECEE58B3DD} - System32\Tasks\XkJE39IjD3unnIr => C:\Users\Florence\AppData\Roaming\i5LPLye\EwTyRuu.exe Task: {91F8FFD2-DF7B-4331-A49D-4E14548BE6AE} - \a5ca9ad3-c9f0-478d-81c5-5aff73e4314e-4 -> Pas de fichier <==== ATTENTION Task: {94D4350A-5244-46DC-9BE6-0A50F13361B9} - System32\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-4 => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-4.exe <==== ATTENTION Task: {96F5AB8E-CEC2-46DA-BFC8-5F8AFAAF4285} - System32\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-6 => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-6.exe <==== ATTENTION Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969} Task: {9D92CC8F-B0DA-44B8-9D41-9529B9D1177B} - System32\Tasks\{40BCE9A2-4088-47D5-86F6-7DD4E76CE99A} => C:\WINDOWS\system32\pcalua.exe -a D:\Autorun.exe -d D:\ Task: {A0777676-0EBB-40BB-9526-035736594600} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2118352 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {B599B292-00D0-4277-B30B-E19A758F4350} - \e688a564-76e7-44a9-b6da-ef8f55ca380c-5_user -> Pas de fichier <==== ATTENTION Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E} Task: {D2837AFD-180A-4C6A-B243-2DC0BD639C53} - System32\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-10_user => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-10.exe <==== ATTENTION Task: {DB1A4D79-FD6C-4A74-BE42-049FFAFBD3F4} - System32\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5 => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5.exe <==== ATTENTION Task: {DBA6CAE0-FDD8-48DE-BD25-4859C498E368} - System32\Tasks\Disk Speedup => C:\Program Files (x86)\Glary Utilities 4\DiskDefrag.exe Task: {E43AFF82-D5FB-45C1-88A1-14A77882825A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {E5F509DD-83C0-48E3-BFFF-6B44CC59EDCA} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1487568 2014-03-19] (Microsoft Corporation -> Microsoft Corporation) Task: {F8E24690-2367-4BFD-9DEF-C2790AAF5A07} - System32\Tasks\too_kool_fo_school_helper_service => C:\Program Files (x86)\Too Kool fo School\too_kool_fo_school_helper_service.exe [191696 2015-05-28] () [Fichier non signé] <==== ATTENTION (Si un élément est inclus dans le fichier fixlist.txt, le fichier tâche (.job) sera déplacé. Le fichier exécuté par la tâche ne sera pas déplacé.) Task: C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-6.job => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-6.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-7.job => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-7.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-10_user.job => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-10.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-4.job => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-4.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5.job => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5_user.job => C:\Program Files (x86)\winservice86\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\Disk Speedup.job => C:\Program Files (x86)\Glary Utilities 4\DiskDefrag.exe Task: C:\WINDOWS\Tasks\EPSON XP-243 245 247 Series Update {75187737-B78A-4336-993F-B9E01E83EE44}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSRFE.EXE:/EXE:{75187737-B78A-4336-993F-B9E01E83EE44} /F:UpdateWORKGROUP\PC-FLORENCE$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4068495689-3038831413-1457509616-1001Core.job => C:\Users\Florence\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4068495689-3038831413-1457509616-1001UA.job => C:\Users\Florence\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\too_kool_fo_school_helper_service.job => C:\Program Files (x86)\Too Kool fo School\too_kool_fo_school_helper_service.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\{7C407C9A-D4B3-7DDE-4A0B-3B3752B81907}.job => C:\Users\Florence\AppData\Roaming\Roheceru\KOROFO~1.EXE ==================== Internet (Avec liste blanche) ==================== (Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.) ProxyEnable: [.DEFAULT] => Proxy est activé. ProxyServer: [.DEFAULT] => http=127.0.0.1:57180;https=127.0.0.1:57180 Tcpip\Parameters: [DhcpNameServer] 192.168.5.1 Tcpip\..\Interfaces\{78F19859-F85E-419C-9CCE-90921F69AA86}: [DhcpNameServer] 192.168.1.1 192.168.1.1 Tcpip\..\Interfaces\{969E9AA0-6B5C-40B0-9819-6412BC623F0A}: [DhcpNameServer] 192.168.5.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0EtB0AyBtDtAtB0CzzyB0F0B0D0DyEtN0D0Tzu0StAtDtByDtN1L2XzuyEtFyCtCtFtDtFtBtDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDtD0D0EyD0FyB0DtGyCtBtC0FtGtA0AyCtBtGyD0D0CtDtG0Dzy0E0ByByEzztC0FtCzy0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1TzzzztAzyzzyEtCtGyEtCyDyEtGyE1QyDyEtG1SyBtCyEtGyDtA1OyCyB1P1S1QtBtByDzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutByCyEyBzztN1Q2Z1B1P1RzutCyDzzyCyBzytDtCzyyB%26cr%3D1236458252%26a%3D%26os_ver%3D6.3%26os%3DWindows%2B8.1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-4068495689-3038831413-1457509616-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131421588385276945&GUID=3F38E1EF-E165-4C61-9E8C-DF76C5E8206E SearchScopes: HKLM -> DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=2&v=a14978-477&apn_uid=1099326942924675&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms} SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1142&systemid=406&v=a12627-302&apn_uid=1099326942924675&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=2&v=a14978-477&apn_uid=1099326942924675&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms} SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1142&systemid=406&v=a12627-302&apn_uid=1099326942924675&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKU\S-1-5-21-4068495689-3038831413-1457509616-1001 -> DefaultScope {78DD0DA0-F651-4F65-BE39-CD30B9913B1E} URL = hxxp://www.fr-gogo.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-4068495689-3038831413-1457509616-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://fr.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dfr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1Qzuzy0EtB0AyBtDtAtB0CzzyB0F0B0D0DyEtN0D0Tzu0StAtDtByDtN1L2XzuyEtFyCtCtFtDtFtBtDtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2StDtD0D0EyD0FyB0DtGyCtBtC0FtGtA0AyCtBtGyD0D0CtDtG0Dzy0E0ByByEzztC0FtCzy0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S1TzzzztAzyzzyEtCtGyEtCyDyEtGyE1QyDyEtG1SyBtCyEtGyDtA1OyCyB1P1S1QtBtByDzy2QtN0A0LzuyEtN1B2Z1V1T1S1NzutByCyEyBzztN1Q2Z1B1P1RzutCyDzzyCyBzytDtCzyyB%26cr%3D1236458252%26a%3D%26os_ver%3D6.3%26os%3DWindows%2B8.1&p={searchTerms} SearchScopes: HKU\S-1-5-21-4068495689-3038831413-1457509616-1001 -> {78DD0DA0-F651-4F65-BE39-CD30B9913B1E} URL = hxxp://www.fr-gogo.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-4068495689-3038831413-1457509616-1001 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-4068495689-3038831413-1457509616-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2002} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=20&systemid=2&v=a14978-477&apn_uid=1099326942924675&apn_dtid=IME002&o=APN10641&apn_ptnrs=AG2&q={searchTerms} SearchScopes: HKU\S-1-5-21-4068495689-3038831413-1457509616-1001 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=1142&systemid=406&v=a12627-302&apn_uid=1099326942924675&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms} SearchScopes: HKU\S-1-5-21-4068495689-3038831413-1457509616-1001 -> {C96BFC5E-D1D7-4DCA-949E-30AACAC37BA2} URL = BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Pas de fichier FireFox: ======== FF DefaultProfile: wf4s7pth.default FF DefaultProfile: jg1353oq.default-1422025731374 FF ProfilePath: C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\l8qh00xv.default [non trouvé(e)] <==== ATTENTION FF ProfilePath: C:\Users\Florence\AppData\Roaming\Oxylane\ONconnect\Profiles\wf4s7pth.default [2019-05-02] FF ProfilePath: C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\pawrh8tl.default-release [2020-04-23] FF Notifications: Mozilla\Firefox\Profiles\pawrh8tl.default-release -> hxxps://www.commentcamarche.net FF Extension: (Widget context) - C:\Users\Florence\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA} [2015-02-25] [] [non signé] FF ProfilePath: C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 [2020-04-22] FF Homepage: Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 -> hxxp://www.fr-gogo.com/ FF NewTab: Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 -> hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAMUdF8IBw5GDFBHdwoVVQ4TEBhBdgwITF1BFgEXcVtZUA0VGRNBNARaUUtXUUEeGGlxR1dMc1BPIU1dBWkDTlJRIVQ= FF Notifications: Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 -> hxxps://twitter.com; hxxps://echantillonsclub.os.tc; hxxps://ledemondujeu.by.finebird.com; hxxps://tv-programme.com; hxxps://www.youtube.com; hxxps://france.joob24.com; hxxps://www.cache-cache.fr; hxxps://www.flvto.biz; hxxps://inaccused.com; hxxps://fr.jobdiagnosis.com; hxxps://www.echantillonsclub.com; hxxps://fr.testclub.com; hxxps://www.bonial.fr; hxxps://www.toner.fr; hxxps://www.camaieu.fr; hxxps://maaf-by.accengage.net; hxxps://mail.yahoo.com; hxxps://www.centre-europeen-formation.fr; hxxps://telecharger-youtube-mp3.com; hxxps://ytmp3.cc; hxxps://updateplayer.to; hxxps://www.devoirs.fr; hxxps://mv6m.ughmother.info FF HomepageOverride: Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 -> Disabled: web@00022358-d56d-4f5e-a89c-d4534d7c5565 FF HomepageOverride: Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 -> Disabled: _hpMembers_@free.easyfileconvert.com FF NewTabOverride: Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 -> Disabled: web@00022358-d56d-4f5e-a89c-d4534d7c5565 FF NewTabOverride: Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 -> Disabled: _hpMembers_@free.easyfileconvert.com FF NewTabOverride: Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374 -> Enabled: {43d20840-2895-4866-9d79-4f6f2ea537f7} FF Extension: (Bilan-IMC - Offres shopping) - C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374\Extensions\application2@bilan-imc.fr.xpi [2018-02-15] [UpdateUrl:hxxps://data1.bilan-imc.fr/partners/files/update_firefox_exts.json] FF Extension: (Organisateur de page) - C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374\Extensions\ioadjf9340joif024rf@ioadjf9340joif024rf.com.xpi [2019-09-24] [UpdateUrl:hxxps://ioadjf9340joif024rf.com/update.json] FF Extension: (winservice86) - C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374\Extensions\taylorralston@hotmail.com [2020-04-15] [] [non signé] FF Extension: (MonConvertisseur) - C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374\Extensions\web@00022358-d56d-4f5e-a89c-d4534d7c5565.xpi [2019-09-03] [UpdateUrl:hxxps://d3qg9vtfkj5yig.cloudfront.net/WebExtensions/Updates/update.json] FF Extension: (Video DownloadHelper) - C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2020-04-02] FF SearchPlugin: C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\jg1353oq.default-1422025731374\searchplugins\bing-.xml [2017-05-28] FF HKLM-x32\...\Firefox\Extensions: [siteranker@siteranker.com] - C:\Program Files (x86)\SiteRanker\firefox => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\l8qh00xv.default\extensions\shortcutff@gmail.com => non trouvé(e) FF HKLM-x32\...\Firefox\Extensions: [detgdp@gmail.com] - C:\Users\Florence\AppData\Roaming\Mozilla\Firefox\Profiles\l8qh00xv.default\extensions\detgdp@gmail.com => non trouvé(e) FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> ) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_363.dll [2020-04-15] (Adobe Inc. -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\dtplugin\npDeployJava1.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files (x86)\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-04-16] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [Pas de fichier] FF Plugin HKU\S-1-5-21-4068495689-3038831413-1457509616-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Florence\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Software Sarl -> Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Users\Florence\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2015-01-22] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\E306B8D397F06CE8175BA004AE944E48E306.js [2015-08-28] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-branding.js [2009-07-15] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js [2009-07-15] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\firefox.js [2009-07-15] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\reporter.js [2009-07-15] FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\E306B8D397F06CE8175BA004AE944E48E306 [2015-08-28] <==== ATTENTION Chrome: ======= CHR Profile: C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default [2020-04-15] CHR HomePage: Default -> hxxp://www.fr-gogo.com/ CHR StartupUrls: Default -> "hxxp://www.fr-gogo.com/" CHR DefaultSearchURL: Default -> hxxp://www.fr-gogo.com/search?q={searchTerms} CHR DefaultSearchKeyword: Default -> recherche CHR Extension: (Slides) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-03-06] CHR Extension: (Docs) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-03-06] CHR Extension: (Google Drive) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-03-06] CHR Extension: (YouTube) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-03-06] CHR Extension: (Sheets) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-03-06] CHR Extension: (Google Docs hors connexion) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-13] CHR Extension: (Paiements via le Chrome Web Store) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-04-13] CHR Extension: (Gmail) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-04-13] CHR Extension: (Chrome Media Router) - C:\Users\Florence\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-13] CHR HKLM\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod] CHR HKLM\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh] CHR HKU\S-1-5-21-4068495689-3038831413-1457509616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod] CHR HKU\S-1-5-21-4068495689-3038831413-1457509616-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh] CHR HKLM-x32\...\Chrome\Extension: [bnlfgalbnliphjafcnhjnnnfijekbnod] CHR HKLM-x32\...\Chrome\Extension: [coikafgfajmocjfjomdmagifpeehhohh] ==================== Services (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173248 2014-11-26] (Microsoft Corporation -> Microsoft Corp.) R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [773632 2008-04-03] () [Fichier non signé] R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [Fichier non signé] R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [141824 2008-04-03] () [Fichier non signé] R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [145224 2016-01-13] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation -> Intel Corporation) R2 MyEpson Portal Service; C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe [714712 2017-06-28] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2425136 2019-11-17] (Electronic Arts, Inc. -> Electronic Arts) S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3303736 2019-11-17] (Electronic Arts, Inc. -> Electronic Arts) R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-03-09] (Dritek System Inc. -> Dritek System INC.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [107760 2019-06-21] (Wondershare Technology Co.,Ltd -> Wondershare) S3 DeviceFastLaneService; "C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe" [X] S3 ePowerSvc; "C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe" [X] S3 GoogleChromeElevationService; "C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.92\elevation_service.exe" [X] ===================== Pilotes (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) S3 bcmfn2; C:\WINDOWS\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [36360 2008-03-06] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R3 BT; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [16904 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R0 BtHidBus; C:\WINDOWS\System32\Drivers\BtHidBus.sys [25480 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) R1 GUBootStartup; C:\WINDOWS\System32\drivers\GUBootStartup.sys [28936 2020-04-15] (Glarysoft LTD -> Glarysoft Ltd) R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2020-04-22] (Martin Malik - REALiX -> REALiX(tm)) R3 IvtBtBUs; C:\WINDOWS\System32\Drivers\IvtBtBus.sys [31752 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) S3 netr28ux; C:\WINDOWS\system32\DRIVERS\netr28ux.sys [2408208 2013-06-18] (Mediatek Inc. -> Ralink Technology Corp.) S3 nmwcd; C:\WINDOWS\system32\drivers\ccdcmbx64.sys [19968 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 nmwcdc; C:\WINDOWS\system32\drivers\ccdcmbox64.sys [27136 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-03-09] (Dritek System Inc. -> Dritek System Inc.) S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Microsoft Windows Hardware Compatibility Publisher -> Research In Motion Limited) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.) S3 upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) S3 UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltjx64.sys [9216 2011-08-17] (Microsoft Windows Hardware Compatibility Publisher -> Nokia) R3 VComm; C:\WINDOWS\system32\DRIVERS\VComm.sys [17032 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) R3 VcommMgr; C:\WINDOWS\System32\Drivers\VcommMgr.sys [38664 2008-01-21] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) R3 WUDFWpdComp; C:\WINDOWS\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Windows -> Microsoft Corporation) U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [36360 2008-03-06] (IVT SOFTWARE TECHNOLOGY Inc. -> IVT Corporation.) S1 iSafeKrnlMon; \??\C:\Program Files (x86)\Elex-tech\YAC\iSafeKrnlMon.sys [X] <==== ATTENTION S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (Avec liste blanche) =================== (Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.) ==================== Un mois (créés) =================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-04-23 12:41 - 2020-04-23 12:43 - 000038786 _____ C:\Users\Florence\Desktop\FRST.txt 2020-04-23 12:41 - 2020-04-23 09:47 - 002282496 _____ (Farbar) C:\Users\Florence\Desktop\FRST64.exe 2020-04-23 12:18 - 2020-04-23 12:18 - 000001356 _____ C:\Users\Florence\Downloads\newccm.txt 2020-04-23 11:40 - 2020-04-23 11:42 - 000051079 _____ C:\Users\Florence\Downloads\Addition.txt 2020-04-23 10:17 - 2020-04-23 10:17 - 001622528 _____ C:\Users\Florence\Downloads\ResetBrowser.exe 2020-04-23 10:10 - 2020-04-07 05:26 - 003329536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2020-04-23 10:10 - 2020-04-07 04:53 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2020-04-23 09:50 - 2020-04-23 11:42 - 000060127 _____ C:\Users\Florence\Downloads\FRST.txt 2020-04-23 09:48 - 2020-04-23 12:43 - 000000000 ____D C:\FRST 2020-04-23 09:47 - 2020-04-23 09:47 - 002282496 _____ (Farbar) C:\Users\Florence\Downloads\FRST64.exe 2020-04-22 15:42 - 2020-04-22 15:42 - 000000000 ____D C:\Users\Florence\Documents\TotalAV 2020-04-22 15:31 - 2020-04-22 15:31 - 000000000 ____D C:\ProgramData\TotalAV 2020-04-22 15:31 - 2020-04-22 15:31 - 000000000 ____D C:\ProgramData\SecuritySuite 2020-04-22 12:22 - 2020-04-22 12:27 - 000000000 ____D C:\AdwCleaner 2020-04-22 12:21 - 2020-04-22 12:21 - 008196784 _____ (Malwarebytes) C:\Users\Florence\Downloads\adwcleaner_8.0.4.exe 2020-04-22 12:19 - 2020-04-22 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 6.4 2020-04-22 12:17 - 2020-04-22 12:18 - 000000000 ____D C:\Program Files\LibreOffice 2020-04-22 12:05 - 2020-04-22 12:09 - 312619008 _____ C:\Users\Florence\Downloads\LibreOffice_(64bit)_v6.4.3.msi 2020-04-22 11:14 - 2020-04-22 11:14 - 000458960 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\k57nd60a.sys 2020-04-22 11:13 - 2020-04-22 11:13 - 000186424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys 2020-04-22 11:13 - 2020-04-22 11:13 - 000059088 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bScsiMSa.sys 2020-04-22 11:09 - 2020-04-22 11:21 - 000000000 ____D C:\ProgramData\ProductData 2020-04-22 11:08 - 2020-04-22 11:09 - 000000000 ____D C:\Users\Florence\AppData\LocalLow\IObit 2020-04-22 11:07 - 2020-04-22 11:07 - 000027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS 2020-04-22 11:07 - 2020-04-22 11:07 - 000000000 ____D C:\Program Files (x86)\IObit 2020-04-22 11:06 - 2020-04-22 12:28 - 000000000 ____D C:\Users\Florence\AppData\Roaming\IObit 2020-04-22 11:06 - 2020-04-22 11:09 - 000000000 ____D C:\ProgramData\IObit 2020-04-22 11:05 - 2020-04-22 11:05 - 025046272 _____ (IObit ) C:\Users\Florence\Downloads\driver_booster_setup.exe 2020-04-22 10:59 - 2020-04-22 10:59 - 000000960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-04-22 10:59 - 2020-04-22 10:59 - 000000948 _____ C:\Users\Public\Desktop\Firefox.lnk 2020-04-22 10:59 - 2020-04-22 10:59 - 000000948 _____ C:\ProgramData\Desktop\Firefox.lnk 2020-04-22 10:59 - 2020-04-22 10:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla 2020-04-22 10:58 - 2020-04-22 10:59 - 000000000 ____D C:\Program Files\Mozilla Firefox 2020-04-22 10:55 - 2020-04-22 10:55 - 000319848 _____ (Mozilla) C:\Users\Florence\Downloads\Firefox Installer.exe 2020-04-21 12:20 - 2020-04-21 12:20 - 000483843 _____ C:\Users\Florence\Downloads\archive.zip 2020-04-16 11:27 - 2020-02-13 08:03 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe 2020-04-16 11:27 - 2020-02-13 07:06 - 000129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe 2020-04-16 10:33 - 2020-04-16 10:34 - 068698760 _____ (Oracle Corporation) C:\Users\Florence\Downloads\Java_Runtime_Environment_(32bit)_v8_Update_251.exe 2020-04-15 17:52 - 2020-03-31 08:23 - 001368080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2020-04-15 17:52 - 2020-03-31 07:57 - 007362512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2020-04-15 17:52 - 2020-03-31 07:42 - 001737520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2020-04-15 17:52 - 2020-03-31 06:49 - 001500888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2020-04-15 17:52 - 2020-03-31 06:47 - 025754624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2020-04-15 17:52 - 2020-03-31 06:31 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll 2020-04-15 17:52 - 2020-03-31 06:22 - 000580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2020-04-15 17:52 - 2020-03-31 06:11 - 000785920 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2020-04-15 17:52 - 2020-03-31 06:10 - 005499904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2020-04-15 17:52 - 2020-03-31 06:08 - 020290048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2020-04-15 17:52 - 2020-03-31 05:59 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll 2020-04-15 17:52 - 2020-03-31 05:52 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2020-04-15 17:52 - 2020-03-31 05:43 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2020-04-15 17:52 - 2020-03-31 05:42 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2020-04-15 17:52 - 2020-03-31 05:35 - 015468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2020-04-15 17:52 - 2020-03-31 05:34 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2020-04-15 17:52 - 2020-03-31 05:23 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2020-04-15 17:52 - 2020-03-31 05:22 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2020-04-15 17:52 - 2020-03-31 05:20 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2020-04-15 17:52 - 2020-03-31 05:20 - 004112384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2020-04-15 17:52 - 2020-03-31 05:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2020-04-15 17:52 - 2020-03-31 05:17 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2020-04-15 17:52 - 2020-03-31 05:14 - 013854720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2020-04-15 17:52 - 2020-03-31 05:10 - 001493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2020-04-15 17:52 - 2020-03-31 05:09 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2020-04-15 17:52 - 2020-03-31 04:59 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2020-04-15 17:52 - 2020-03-31 04:58 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2020-04-15 17:52 - 2020-03-31 04:56 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2020-04-15 17:52 - 2020-03-31 04:54 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2020-04-15 17:52 - 2020-03-27 16:25 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll 2020-04-15 17:52 - 2020-03-27 14:41 - 001680896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2020-04-15 17:52 - 2020-03-24 02:29 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll 2020-04-15 17:52 - 2020-03-19 07:26 - 000374008 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2020-04-15 17:52 - 2020-03-19 06:11 - 000316152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2020-04-15 17:52 - 2020-03-19 05:53 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2020-04-15 17:52 - 2020-03-19 05:17 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2020-04-15 17:52 - 2020-03-12 02:40 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll 2020-04-15 17:52 - 2020-03-10 10:09 - 001764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2020-04-15 17:52 - 2020-03-10 09:57 - 001135904 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2020-04-15 17:52 - 2020-03-10 09:22 - 001489728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2020-04-15 17:52 - 2020-03-10 08:27 - 000860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2020-04-15 17:52 - 2020-03-10 08:08 - 003727360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe 2020-04-15 17:52 - 2020-03-10 07:57 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll 2020-04-15 17:52 - 2020-03-10 07:42 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2020-04-15 17:52 - 2020-03-08 07:20 - 000217400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2020-04-15 17:52 - 2020-03-08 06:31 - 000136816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2020-04-15 17:52 - 2020-03-08 06:03 - 000955640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2020-04-15 17:52 - 2020-03-08 05:44 - 000166248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2020-04-15 17:52 - 2020-03-08 05:22 - 000788096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2020-04-15 17:52 - 2020-03-08 04:45 - 004168704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2020-04-15 17:52 - 2020-03-08 04:03 - 001479680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2020-04-15 17:52 - 2020-03-08 03:39 - 001335808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2020-04-15 17:52 - 2020-03-08 03:39 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll 2020-04-15 17:52 - 2020-03-08 03:37 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll 2020-04-15 17:52 - 2020-03-08 03:33 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll 2020-04-15 17:52 - 2020-03-08 03:29 - 003718144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2020-04-15 17:52 - 2020-03-08 03:24 - 000606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll 2020-04-15 17:52 - 2020-03-08 03:23 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll 2020-04-15 17:52 - 2020-03-08 03:21 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll 2020-04-15 17:52 - 2020-03-08 03:19 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll 2020-04-15 17:52 - 2020-03-08 01:25 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll 2020-04-15 17:52 - 2020-03-08 01:25 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll 2020-04-15 17:52 - 2020-02-13 10:01 - 000989648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2020-04-15 17:52 - 2020-02-08 22:03 - 000162416 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2020-04-15 17:52 - 2020-02-05 16:20 - 001717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2020-04-15 17:52 - 2020-02-05 16:20 - 000802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2020-04-15 17:52 - 2020-02-05 16:20 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2020-04-15 17:52 - 2020-02-05 16:20 - 000634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2020-04-15 17:52 - 2020-02-05 16:20 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll 2020-04-15 17:52 - 2020-02-05 16:20 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2020-04-15 17:52 - 2020-02-05 16:20 - 000315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2020-04-15 17:52 - 2020-02-05 16:20 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2020-04-15 16:25 - 2020-04-15 16:25 - 000028936 _____ (Glarysoft Ltd) C:\WINDOWS\system32\Drivers\GUBootStartup.sys 2020-04-15 16:25 - 2020-04-15 16:25 - 000002984 _____ C:\WINDOWS\system32\Tasks\GU5SkipUAC 2020-04-15 16:25 - 2020-04-15 16:25 - 000001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2020-04-15 16:25 - 2020-04-15 16:25 - 000001068 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk 2020-04-15 16:25 - 2020-04-15 16:25 - 000001068 _____ C:\ProgramData\Desktop\Glary Utilities 5.lnk 2020-04-15 16:25 - 2020-04-15 16:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2020-04-15 16:23 - 2020-04-22 12:10 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5 2020-04-15 14:44 - 2020-04-15 20:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-04-13 17:50 - 2020-04-13 17:50 - 002907824 _____ ( ) C:\Users\Florence\Downloads\Download_mp3_3823270659.exe 2020-04-13 17:18 - 2020-04-13 17:27 - 653388814 _____ C:\Users\Florence\Downloads\Famille Addams.mp4 2020-04-13 17:07 - 2020-04-13 17:07 - 000002341 _____ C:\Users\Florence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2020-04-13 17:07 - 2020-04-13 17:07 - 000002333 _____ C:\Users\Florence\Desktop\Chromium.lnk 2020-04-13 17:05 - 2020-04-23 12:05 - 000000312 _____ C:\WINDOWS\Tasks\{7C407C9A-D4B3-7DDE-4A0B-3B3752B81907}.job 2020-04-13 17:05 - 2020-04-13 17:07 - 000000000 ____D C:\Users\Florence\AppData\Local\chromium 2020-04-13 17:05 - 2020-04-13 17:05 - 000002650 _____ C:\WINDOWS\system32\Tasks\{7C407C9A-D4B3-7DDE-4A0B-3B3752B81907} 2020-04-13 17:05 - 2020-04-13 17:05 - 000000000 ____D C:\Users\Florence\AppData\Roaming\Roheceru 2020-04-13 17:04 - 2020-04-13 17:09 - 000000000 ____D C:\Users\Florence\AppData\Local\{E37ED522-C7D6-B99A-AA4E-9C728E2660EA} 2020-04-13 17:04 - 2020-04-13 17:04 - 000001354 _____ C:\Users\Florence\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HowToRemove.lnk 2020-04-13 17:03 - 2020-04-13 17:03 - 001055936 _____ (Adobe) C:\Users\Florence\Downloads\Download_mp3 2020-04-08 11:53 - 2020-04-08 11:53 - 000137668 _____ C:\Users\Florence\Downloads\attestation-sortie-coronavirus-873.pdf 2020-04-08 00:21 - 2020-04-08 00:21 - 000205552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_2.dll 2020-04-08 00:21 - 2020-04-08 00:21 - 000030960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140_1.dll 2020-04-04 11:34 - 2020-04-04 11:34 - 000069980 _____ C:\Users\Florence\Downloads\Bulletin salaire_ANDRES_03_2020.pdf 2020-04-04 11:32 - 2020-04-04 11:32 - 000240480 _____ C:\Users\Florence\Documents\Récapitulatif salaires_2019.oxps ==================== Un mois (modifiés) ================== (Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.) 2020-04-23 12:32 - 2016-11-19 13:21 - 000000000 ____D C:\Users\Florence\AppData\LocalLow\Mozilla 2020-04-23 12:09 - 2020-01-24 15:09 - 000000943 _____ C:\WINDOWS\Tasks\EPSON XP-243 245 247 Series Update {75187737-B78A-4336-993F-B9E01E83EE44}.job 2020-04-23 12:07 - 2015-03-23 18:07 - 000003150 _____ C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-6.job 2020-04-23 12:07 - 2015-03-23 18:07 - 000002124 _____ C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-10_user.job 2020-04-23 11:15 - 2017-11-09 13:55 - 000000000 ____D C:\Users\Florence\AppData\Roaming\Origin 2020-04-23 11:15 - 2017-11-09 13:55 - 000000000 ____D C:\ProgramData\Origin 2020-04-23 11:11 - 2015-05-28 23:12 - 000000584 _____ C:\WINDOWS\Tasks\too_kool_fo_school_helper_service.job 2020-04-23 11:11 - 2015-03-23 18:08 - 000002458 _____ C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5_user.job 2020-04-23 11:11 - 2015-03-23 18:08 - 000002458 _____ C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-5.job 2020-04-23 11:11 - 2015-03-23 18:07 - 000004170 _____ C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-4.job 2020-04-23 11:11 - 2015-03-23 18:07 - 000003486 _____ C:\WINDOWS\Tasks\b84aeba7-6e01-4cc5-aced-9ee94227dffe-1-7.job 2020-04-23 11:11 - 2014-04-26 12:22 - 000000370 _____ C:\WINDOWS\Tasks\Disk Speedup.job 2020-04-23 11:11 - 2013-11-18 06:12 - 000000000 __RDO C:\Users\Florence\SkyDrive 2020-04-23 11:11 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT 2020-04-23 11:11 - 2008-04-03 17:41 - 000000824 _____ C:\WINDOWS\SysWOW64\bscs.ini 2020-04-23 10:38 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI 2020-04-23 10:32 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf 2020-04-23 10:20 - 2014-05-22 13:15 - 000000964 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4068495689-3038831413-1457509616-1001UA.job 2020-04-23 10:16 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp 2020-04-23 08:02 - 2013-12-01 12:20 - 000003960 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8AAA5AD1-C03A-445F-9FD6-DA0DA18682C3} 2020-04-22 15:51 - 2013-11-16 22:16 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4068495689-3038831413-1457509616-1001 2020-04-22 13:52 - 2013-08-22 16:44 - 000526024 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2020-04-22 13:23 - 2012-11-26 06:12 - 000000000 ____D C:\Program Files\Packard Bell 2020-04-22 13:20 - 2014-05-22 13:15 - 000000942 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4068495689-3038831413-1457509616-1001Core.job 2020-04-22 13:07 - 2015-02-26 17:12 - 000000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7 2020-04-22 12:27 - 2015-01-12 16:39 - 000000000 ____D C:\WINDOWS\system32\log 2020-04-22 12:27 - 2013-11-18 05:46 - 000000000 ____D C:\Users\Florence 2020-04-22 11:30 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache 2020-04-22 11:17 - 2013-09-30 06:16 - 001024054 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2020-04-22 11:17 - 2013-09-30 05:56 - 000156662 _____ C:\WINDOWS\system32\perfc00C.dat 2020-04-22 11:17 - 2013-09-30 05:56 - 000017994 _____ C:\WINDOWS\system32\perfh00C.dat 2020-04-22 10:59 - 2015-02-25 20:49 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-04-22 10:56 - 2014-04-26 11:41 - 000000000 ____D C:\Users\Florence\AppData\Roaming\vlc 2020-04-19 10:52 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF 2020-04-16 11:10 - 2018-03-06 19:43 - 000000000 ____D C:\Program Files (x86)\Google 2020-04-16 10:40 - 2017-04-15 09:44 - 000000000 ___RD C:\Program Files (x86)\Skype 2020-04-16 10:40 - 2015-08-05 10:44 - 000000000 ____D C:\ProgramData\Skype 2020-04-16 10:38 - 2014-08-19 13:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2020-04-16 10:38 - 2014-04-26 10:40 - 000000000 ____D C:\Program Files (x86)\Java 2020-04-16 10:37 - 2014-08-19 13:33 - 000114344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2020-04-15 21:22 - 2018-03-26 10:58 - 000000000 ____D C:\Users\Florence\AppData\Roaming\TeamViewer 2020-04-15 21:22 - 2016-02-22 15:05 - 000000000 ____D C:\WINDOWS\Minidump 2020-04-15 21:22 - 2015-02-23 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 2020-04-15 21:22 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\ModemLogs 2020-04-15 21:11 - 2014-04-26 12:39 - 000000000 ____D C:\ProgramData\GlarySoft 2020-04-15 20:21 - 2014-07-12 08:51 - 000000000 ___SD C:\WINDOWS\system32\CompatTel 2020-04-15 17:41 - 2016-03-14 19:57 - 000000000 ____D C:\Users\Florence\AppData\Local\ElevatedDiagnostics 2020-04-15 17:15 - 2017-11-09 13:02 - 000000899 _____ C:\Users\Public\Desktop\VLC media player.lnk 2020-04-15 17:15 - 2017-11-09 13:02 - 000000899 _____ C:\ProgramData\Desktop\VLC media player.lnk 2020-04-15 17:12 - 2018-03-13 23:14 - 000004646 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier 2020-04-15 17:12 - 2013-12-01 11:32 - 000004460 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player Updater 2020-04-15 17:12 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed 2020-04-15 17:12 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed 2020-04-15 16:49 - 2014-01-15 22:09 - 000000000 ____D C:\Users\Florence\AppData\Local\Google 2020-04-15 16:37 - 2017-11-10 19:23 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4 2020-04-15 16:36 - 2017-11-10 19:24 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.4 2020-04-15 16:32 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness 2020-04-15 16:25 - 2014-04-26 10:14 - 000000000 ____D C:\Users\Florence\AppData\Roaming\GlarySoft 2020-04-02 01:49 - 2013-11-18 07:02 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe 2020-03-28 13:14 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\setup ==================== Fichiers à la racine de certains dossiers ======== 2015-03-25 21:58 - 2015-03-25 21:58 - 000000000 _____ () C:\Users\Florence\AppData\Local\.w852.db 2014-05-12 19:01 - 2014-05-12 19:01 - 000003584 _____ () C:\Users\Florence\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-23 16:11 - 2015-02-26 16:12 - 000000040 _____ () C:\Users\Florence\AppData\Local\recently-fix.db 2017-11-10 17:52 - 2017-11-10 18:15 - 000007604 _____ () C:\Users\Florence\AppData\Local\Resmon.ResmonCfg 2019-06-08 09:57 - 2019-06-08 09:57 - 000000000 _____ () C:\Users\Florence\AppData\Local\{52336FA5-CCB7-4A3D-9E5D-2E8C89FB5CBE} ==================== SigCheck ============================ (Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.) LastRegBack: 2020-04-13 18:42 ==================== Fin de FRST.txt ========================