Publicité
Publicité
Format du document : text/plain
Prévisualisation
Résultats d'analyse de Farbar Recovery Scan Tool (FRST) (x64) Version: 16-10-2017
Exécuté par jmschneider (administrateur) sur L-15N002 (17-10-2017 16:49:57)
Exécuté depuis C:\Users\jmschneider\Desktop
Profils chargés: jmschneider (Profils disponibles: Administrateur & sgayme & acahagne & jmschneider & mluong & vdomalain & MLOUVEL & FRAPITA & Administrateur)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Pulse Secure, LLC) C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Projector\EasyMP Multi PC Projection\EMP_MPENSV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(%CFullName%) C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(IBM Corp) C:\Lotus\notes\SUService.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmssclient.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Lenovo) C:\Users\jmschneider\AppData\Local\Apps\2.0\PO0A8R61.7GP\JN9TPHMA.LWZ\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(IBM Corp) C:\Lotus\notes\nlnotes.exe
(IBM) C:\Lotus\notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\notes2.exe
(IBM Corp) C:\Lotus\notes\ntaskldr.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-02-05] (Synaptics Incorporated)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [296664 2017-05-12] (Lenovo Group Limited)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [3382056 2016-10-05] (Trend Micro Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Google Update] => C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Barre d'outils Cordial] => C:\PROGRAM FILES (X86)\CORDIAL\BARRE_OUTILS_CORDIAL.EXE [512068 2015-12-09] (Synapse Développement)
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [ApowerMirror] => C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe /autoStart
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Policies\Explorer: [NoInplaceSharing] 0
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\MountPoints2: {421d91c8-5d39-11e3-8c10-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-04-17]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2017-10-17]
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2016-10-30] ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 172.23.200.10 192.168.1.21
Tcpip\..\Interfaces\{31E9A69B-301B-44C5-85FE-361B4C90C253}: [DhcpNameServer] 172.23.200.10 192.168.1.21
Tcpip\..\Interfaces\{5E668251-543E-40CE-9A8C-66A79E16F723}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{69CC05F3-05EF-4554-81B5-46520F391F77}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9311735F-D36F-4AFA-B7BE-BB86ABA492BD}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{B81CABE5-9D60-4A89-925C-A62219066C8E}: [DhcpNameServer] 172.23.200.10 192.168.1.21
Internet Explorer:
==================
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://recherche/RetD/index.php?option=com_dailymessage&Itemid=27&includepage=Recherche_action
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2036766668-3896712167-1855363723-11252 -> DefaultScope {557B08E5-CDF6-47E3-87A7-D96DB2D78EE6} URL =
SearchScopes: HKU\S-1-5-21-2036766668-3896712167-1855363723-11252 -> {557B08E5-CDF6-47E3-87A7-D96DB2D78EE6} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll => Pas de fichier
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Pas de fichier
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-10] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-03-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-10] (Oracle Corporation)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {DEA985BB-7945-11D4-97AF-0006297090B0} hxxp://192.168.1.54:83/jde/axctls/jdeexpimp.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} hxxps://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\jmschneider\AppData\Roaming\Mozilla\Firefox\Profiles\ncdhkgm9.default [2016-03-19]
FF Homepage: Mozilla\Firefox\Profiles\ncdhkgm9.default -> hxxp://r.orange.fr/r/Oodc_FF_oi_v2?ref=O_OI_defaultPage_FF_odc
FF Extension: (Exif Viewer) - C:\Users\jmschneider\AppData\Roaming\Mozilla\Firefox\Profiles\ncdhkgm9.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2016-03-19]
FF HKLM-x32\...\Firefox\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox
FF Extension: (Correction Cordial) - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox [2016-02-01]
FF HKLM-x32\...\Thunderbird\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox
FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2015-11-20] [non signé]
FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Firefox\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox
FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Thunderbird\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-16] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Windows\system32\npDeployJava1.dll [2016-01-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @citrixonline.com/appdetectorplugin -> C:\Users\jmschneider\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-02-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @radvision.com/ConfClient -> C:\Users\jmschneider\AppData\Local\Radvision\Installer\1.5.0.5\npclientinstmgr.dll [2015-09-21] (Avaya, Inc.)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @tools.google.com/Google Update;version=3 -> C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @tools.google.com/Google Update;version=9 -> C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: SkypePlugin -> C:\Users\jmschneider\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: SkypePlugin64 -> C:\Users\jmschneider\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\jmschneider\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-03-06] (Cisco WebEx LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default [2017-10-17]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Skype Calling) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-07-08]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2017-09-30]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-07-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Visualping) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2017-08-21]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2017-09-11]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-25]
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\default_apps\search.crx [2015-12-04]
CHR crx: C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\default_apps\search.crx [2013-11-14]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-26] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 dsNcService; C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe [690128 2017-03-03] (Pulse Secure, LLC)
S3 DWMRCS; C:\Windows\SysWOW64\DWRCS.exe [241688 2010-04-07] (DameWare Development LLC)
R2 EMP_MPENSV; C:\Program Files\EPSON Projector\EasyMP Multi PC Projection\EMP_MPENSV.exe [238120 2015-12-03] (SEIKO EPSON CORPORATION)
R2 EMP_NSWLSV; C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe [147968 2015-11-04] (SEIKO EPSON CORPORATION) [Fichier non signé]
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107792 2013-07-03] (Condusiv Technologies)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [160048 2012-11-21] (Lenovo)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S3 IBM Notes Diagnostics; C:\Lotus\notes\nsd.exe [5164136 2013-10-15] (IBM)
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130664 2015-03-12] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
S3 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-10] (Intel Corporation)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation)
S3 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-26] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [169176 2017-05-12] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [114632 2015-07-13] (Lenovo Group Limited)
R2 LNSUSvc; C:\Lotus\notes\SUService.exe [1654376 2013-10-15] (IBM Corp)
S3 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S3 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Multi-user Cleanup Service; C:\Lotus\notes\ntmulti.exe [38504 2013-10-15] (IBM Corp)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [7535568 2016-10-05] (Trend Micro Inc.)
R2 PulseSecureService; C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe [182232 2017-02-22] (Pulse Secure, LLC)
S3 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
S3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23928 2017-08-16] ()
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [594432 2016-10-03] (Trend Micro Inc.)
R3 tmccsf; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [1501952 2016-10-05] (Trend Micro Inc.)
R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [5614096 2016-10-05] (Trend Micro Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [88400 2015-12-06] (Synaptics Incorporated)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-05] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-10-28] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2014-11-26] (Motorola Solutions, Inc.)
R1 dwvkbd; C:\Windows\System32\DRIVERS\dwvkbd64.sys [30720 2007-02-15] (DameWare)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation)
R3 empvhid; C:\Windows\System32\DRIVERS\EMP_VHID.sys [29688 2015-12-03] (Windows (R) Win 7 DDK provider)
R3 EMP_MIRRMPP; C:\Windows\System32\DRIVERS\EMP_MirrMPP.sys [5632 2015-12-03] (Windows (R) Codename Longhorn DDK provider)
R3 EMP_MIRRNP; C:\Windows\System32\DRIVERS\EMP_MirrNP.sys [5632 2015-11-04] (Windows (R) Codename Longhorn DDK provider)
R3 EPPVAD2_simple; C:\Windows\System32\drivers\EMP_NSAU.sys [23040 2015-11-04] (SEIKO EPSON CORPORATION)
R3 EPPVADMP_simple; C:\Windows\System32\drivers\EMP_MPAU.sys [23040 2015-12-03] (SEIKO EPSON CORPORATION)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25872 2013-07-03] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112912 2013-07-03] (Condusiv Technologies)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [71472 2012-11-21] (Windows (R) Win 7 DDK provider)
S3 fcdabus; C:\Windows\System32\DRIVERS\fcdabus.sys [24592 2008-10-29] (FarStone Inc.)
R0 fvxscsi; C:\Windows\System32\DRIVERS\fvxscsi.sys [93896 2013-08-22] (FarStone Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [246512 2015-01-22] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-04-15] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-30] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3426576 2016-05-03] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2013-08-05] ()
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2017-10-16] ()
S3 rt70x64; C:\Windows\System32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corp.)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-02-05] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [682272 2014-09-04] (Sunplus)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-10-22] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2015-10-22] (Acronis International GmbH)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [129752 2016-09-29] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [435424 2016-09-29] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [72504 2016-04-21] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [143072 2016-07-15] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [91872 2016-09-29] (Trend Micro Inc.)
R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [393944 2017-03-21] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [66776 2017-03-21] (Trend Micro Inc.)
R1 tmumh; C:\Windows\System32\DRIVERS\TMUMH.sys [111840 2016-10-03] (Trend Micro Inc.)
S3 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [131808 2016-07-15] (Trend Micro Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-12-05] (Microsoft Corporation) [Fichier non signé]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-12-05] (Microsoft Corporation) [Fichier non signé]
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-10-22] (Acronis International GmbH)
S3 vl810filter; C:\Windows\System32\DRIVERS\vl810filter.sys [17008 2011-11-17] (VIA Labs, Inc.)
R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2621144 2017-03-21] (Trend Micro Inc.)
S3 VSPerfDrv150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\VSPerfCollectionTools\VSPerfDrv150.sys [79528 2016-03-02] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-03-20] ()
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-17 16:49 - 2017-10-17 16:50 - 000036948 _____ C:\Users\jmschneider\Desktop\FRST.txt
2017-10-17 16:48 - 2017-10-17 16:49 - 000000000 ____D C:\FRST
2017-10-17 16:47 - 2017-10-17 16:47 - 002401792 _____ (Farbar) C:\Users\jmschneider\Desktop\FRST64.exe
2017-10-17 16:36 - 2017-10-17 16:36 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\smkits
2017-10-17 15:38 - 2017-10-17 15:40 - 000000000 ____D C:\AdwCleaner
2017-10-17 15:36 - 2017-10-17 15:37 - 008250832 _____ (Malwarebytes) C:\Users\jmschneider\Desktop\adwcleaner_7.0.3.1.exe
2017-10-17 15:08 - 2017-10-17 15:10 - 000010754 _____ C:\Users\jmschneider\Desktop\ZHPCleaner.txt
2017-10-17 14:46 - 2017-10-17 14:46 - 000000910 _____ C:\Users\jmschneider\Desktop\ZHPCleaner.lnk
2017-10-17 14:46 - 2017-10-17 14:45 - 002946944 _____ C:\Users\jmschneider\Desktop\zhpcleaner_2017.10.10.179.exe
2017-10-17 14:45 - 2017-10-17 14:45 - 002946944 _____ C:\Users\jmschneider\Downloads\zhpcleaner_2017.10.10.179.exe
2017-10-17 14:09 - 2017-10-17 15:55 - 000271846 _____ C:\Users\jmschneider\Desktop\ZHPDiag.txt
2017-10-17 13:59 - 2017-10-17 14:46 - 000000000 ____D C:\Users\jmschneider\AppData\Local\ZHP
2017-10-17 13:59 - 2017-10-17 13:59 - 000000799 _____ C:\Users\jmschneider\Desktop\ZHPDiag.lnk
2017-10-17 13:58 - 2017-10-17 13:58 - 002900480 _____ C:\Users\jmschneider\Desktop\zhpdiag_v2017.10.9.179.exe
2017-10-15 16:08 - 2017-10-15 16:08 - 000110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2017-10-15 15:52 - 2017-10-15 15:52 - 001018864 _____ C:\Users\jmschneider\Downloads\mirror_go_setup_full1906.exe
2017-10-15 15:52 - 2017-10-15 15:52 - 000001174 _____ C:\Users\Public\Desktop\Wondershare MirrorGo.lnk
2017-10-15 15:52 - 2017-10-15 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-10-15 09:13 - 2017-10-15 09:13 - 000000000 ____D C:\Users\jmschneider\Documents\Apowersoft
2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Apowersoft
2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Program Files\Bonjour
2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-10-15 09:11 - 2017-10-15 09:11 - 070580136 _____ (APOWERSOFT LIMITED ) C:\Users\jmschneider\Downloads\apowermirror.exe
2017-10-14 12:06 - 2017-10-14 12:06 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Notepad++
2017-10-14 12:06 - 2017-10-14 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-10-13 20:37 - 2017-10-13 20:37 - 015756368 _____ (TeamViewer GmbH) C:\Users\jmschneider\Downloads\TeamViewer_Setup.exe
2017-10-13 18:50 - 2017-10-13 18:50 - 000543664 _____ () C:\Users\jmschneider\Downloads\setup (2).exe
2017-10-13 13:19 - 2017-10-13 13:19 - 000000605 _____ C:\Users\jmschneider\Desktop\Centre de support Waldata.lnk
2017-10-11 17:06 - 2017-10-16 11:44 - 000001940 _____ C:\Users\jmschneider\Desktop\PCV.lnk
2017-10-11 08:55 - 2017-10-11 08:55 - 000227710 _____ C:\Users\jmschneider\Downloads\11792456_20171011_065336_734.pdf
2017-10-05 19:08 - 2017-10-05 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-04 19:01 - 2017-10-04 19:01 - 212495067 _____ C:\Users\jmschneider\Downloads\DataBase.fcx
2017-10-04 16:16 - 2017-10-04 16:16 - 001428243 _____ C:\Users\jmschneider\Downloads\file__916299776.pdf
2017-10-04 16:11 - 2017-10-04 16:11 - 213710261 _____ C:\Users\jmschneider\Downloads\DataBase.exe
2017-10-03 12:21 - 2017-10-03 12:21 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-10-03 12:21 - 2017-10-03 12:21 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-10-02 20:18 - 2017-10-02 20:18 - 000298305 _____ C:\Users\jmschneider\Documents\Scan0001.pdf
2017-10-01 12:01 - 2017-10-01 12:01 - 001391469 _____ C:\Users\jmschneider\Downloads\file__1202379258.pdf
2017-09-30 16:42 - 2017-09-30 16:42 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Google
2017-09-30 16:39 - 2017-09-30 16:39 - 001130328 _____ (Google Inc.) C:\Users\jmschneider\Downloads\ChromeSetup (2).exe
2017-09-30 16:37 - 2017-09-30 16:37 - 000002443 _____ C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2017-09-30 16:36 - 2017-09-30 16:36 - 001130328 _____ (Google Inc.) C:\Users\jmschneider\Downloads\ChromeSetup (1).exe
2017-09-30 16:36 - 2017-09-30 16:36 - 000003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2036766668-3896712167-1855363723-11252UA
2017-09-30 16:36 - 2017-09-30 16:36 - 000003420 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2036766668-3896712167-1855363723-11252Core
2017-09-29 19:54 - 2017-09-29 19:55 - 004864846 _____ C:\Users\jmschneider\Downloads\file__1458664100.pdf
2017-09-27 18:36 - 2017-09-27 18:42 - 000000000 ____D C:\Program Files\MacroCreator
2017-09-27 18:34 - 2017-09-27 18:34 - 003382733 _____ (Rodolfo U. Batista ) C:\Users\jmschneider\Downloads\MacroCreator-setup.exe
2017-09-27 18:24 - 2017-09-27 18:24 - 003041687 _____ C:\Users\jmschneider\Downloads\AutoHotkey_2.0-a081-cad307c.zip
2017-09-27 10:53 - 2017-09-27 18:29 - 000000000 ____D C:\Users\jmschneider\Desktop\AutoKey
2017-09-27 07:40 - 2017-09-27 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2017-09-26 20:55 - 2017-09-26 20:55 - 004433060 _____ C:\Users\jmschneider\Downloads\AutoHotkey_1.1.26.01.zip
2017-09-26 20:37 - 2017-09-26 20:38 - 038142423 _____ C:\Users\jmschneider\Downloads\actionaz-3.8.0-win64.7z
2017-09-26 19:58 - 2017-09-26 19:58 - 000664931 _____ C:\Users\jmschneider\Downloads\WinParrot_FR.zip
2017-09-26 09:28 - 2017-10-08 10:47 - 000000000 ___RD C:\Users\jmschneider\Dropbox
2017-09-26 09:24 - 2017-10-05 19:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-26 09:24 - 2017-09-27 19:11 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Dropbox
2017-09-26 09:24 - 2017-09-26 09:24 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Dropbox
2017-09-26 09:24 - 2017-09-26 09:24 - 000000000 ____D C:\ProgramData\Dropbox
2017-09-26 09:23 - 2017-09-26 09:24 - 000690080 _____ (Dropbox, Inc.) C:\Users\jmschneider\Downloads\DropboxInstaller.exe
2017-09-24 13:22 - 2017-09-24 13:22 - 000922825 _____ C:\Users\jmschneider\Downloads\file__1676267122.pdf
2017-09-22 18:08 - 2017-09-22 18:08 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waldata
2017-09-22 18:07 - 2017-09-28 18:51 - 000000000 ____D C:\WALDATA
2017-09-22 16:58 - 2017-09-22 17:07 - 136542955 _____ (Waldata) C:\Users\jmschneider\Downloads\internet_walmastertrader.exe
2017-09-22 14:18 - 2017-09-22 14:18 - 000000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-18 18:34 - 2017-09-18 18:39 - 000687616 _____ C:\Users\jmschneider\Downloads\Solvent_switch (3).XLs
2017-09-18 18:34 - 2017-09-18 18:34 - 000353792 _____ C:\Users\jmschneider\Downloads\Solvent_Switch_Immiscible.XLs
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-17 16:50 - 2015-03-27 11:45 - 000000472 _____ C:\Windows\system32\config\netlogon.ftl
2017-10-17 16:26 - 2015-09-10 13:40 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Deployment
2017-10-17 16:18 - 2017-02-23 12:50 - 000000570 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2036766668-3896712167-1855363723-11252.job
2017-10-17 16:12 - 2013-12-05 09:39 - 002076692 _____ C:\Windows\system32\perfh00C.dat
2017-10-17 16:12 - 2013-12-05 09:39 - 000598076 _____ C:\Windows\system32\perfc00C.dat
2017-10-17 16:12 - 2009-07-14 07:13 - 000006436 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-17 15:51 - 2009-07-14 06:45 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-17 15:51 - 2009-07-14 06:45 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-17 15:47 - 2016-03-13 19:29 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\ZHP
2017-10-17 15:46 - 2016-04-07 09:38 - 000000558 ____H C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job
2017-10-17 15:46 - 2015-07-21 09:41 - 000000558 _____ C:\Windows\Tasks\MATLAB R2015a Startup Accelerator.job
2017-10-17 15:46 - 2015-03-30 12:29 - 000014186 _____ C:\Windows\cfgall.ini
2017-10-17 15:44 - 2017-04-10 08:43 - 000000224 _____ C:\Windows\Tasks\Lenovo Active Protection System.job
2017-10-17 15:44 - 2016-06-21 09:35 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Skype
2017-10-17 15:42 - 2015-09-17 13:11 - 000000000 ____D C:\ProgramData\Synaptics
2017-10-17 15:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-17 15:16 - 2015-07-23 09:11 - 000000000 ____D C:\Users\jmschneider\Documents\TEMP
2017-10-17 15:11 - 2015-07-20 12:48 - 000000000 ____D C:\Users\jmschneider
2017-10-17 12:33 - 2015-07-20 12:48 - 000001994 __RSH C:\Users\jmschneider\ntuser.pol
2017-10-17 09:26 - 2013-12-18 14:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-16 14:49 - 2017-04-21 09:48 - 000004650 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-16 14:49 - 2017-04-21 09:48 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-16 14:49 - 2013-12-18 14:23 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-16 14:49 - 2013-12-18 14:23 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-16 14:49 - 2013-12-18 14:23 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-16 14:49 - 2013-12-18 14:23 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-16 08:50 - 2017-06-05 07:50 - 000031152 _____ C:\Windows\system32\Drivers\pmxdrv.sys
2017-10-15 16:08 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Wondershare
2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Users\jmschneider\.android
2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Program Files (x86)\Wondershare
2017-10-15 15:52 - 2017-05-10 18:22 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2017-10-14 12:06 - 2015-07-20 13:58 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Notepad++
2017-10-14 12:06 - 2013-12-18 16:40 - 000000000 ____D C:\Program Files (x86)\Notepad++
2017-10-13 18:02 - 2015-07-23 08:57 - 000002332 ____H C:\Users\jmschneider\Documents\Default.rdp
2017-10-13 14:33 - 2017-07-08 08:43 - 000000000 ____D C:\Users\jmschneider\AppData\Local\GoToMeeting
2017-10-13 14:33 - 2017-02-23 12:50 - 000003600 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2036766668-3896712167-1855363723-11252
2017-10-12 08:16 - 2015-03-27 11:47 - 000010659 __RSH C:\ProgramData\ntuser.pol
2017-10-10 22:06 - 2015-07-25 19:56 - 000000000 ____D C:\ProgramData\CompeGPS
2017-10-08 17:31 - 2015-08-05 21:59 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\vlc
2017-10-04 23:53 - 2016-04-23 08:50 - 000000000 ____D C:\WINDDK
2017-09-30 16:49 - 2015-07-21 08:22 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Google
2017-09-27 08:50 - 2015-09-12 14:18 - 000007625 _____ C:\Users\jmschneider\AppData\Local\Resmon.ResmonCfg
2017-09-27 07:40 - 2017-05-02 22:05 - 000000000 ____D C:\Program Files\AutoHotkey
2017-09-27 07:40 - 2015-03-30 13:32 - 000000000 ____D C:\Windows\SHELLNEW
2017-09-26 18:06 - 2017-03-19 23:43 - 000000000 ____D C:\Users\jmschneider\.Synkron
2017-09-26 14:27 - 2016-04-25 10:57 - 000000000 ____D C:\Users\jmschneider\Documents\Visual Studio 2015
2017-09-26 09:36 - 2015-11-08 00:28 - 000000600 _____ C:\Users\jmschneider\AppData\Local\PUTTY.RND
2017-09-25 08:17 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-25 08:17 - 2009-07-14 06:45 - 000418688 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-22 18:08 - 2015-07-20 12:49 - 000112304 _____ C:\Users\jmschneider\AppData\Local\GDIPFONTCACHEV1.DAT
2017-09-18 18:23 - 2017-07-11 17:54 - 000686592 _____ C:\Users\jmschneider\Downloads\Solvent_switch (2).XLs
==================== Fichiers à la racine de certains dossiers =======
2017-03-27 11:34 - 2017-03-31 22:59 - 000000517 ____H () C:\Users\jmschneider\AppData\Roaming\basICColor.input5.lic
2017-03-27 11:35 - 2017-03-27 11:35 - 000000160 _____ () C:\Users\jmschneider\AppData\Roaming\basICColorLicenseFiles
2015-09-12 14:07 - 2015-09-12 14:07 - 000000019 _____ () C:\Users\jmschneider\AppData\Roaming\dll.bin
2015-11-08 00:28 - 2017-09-26 09:36 - 000000600 _____ () C:\Users\jmschneider\AppData\Local\PUTTY.RND
2016-12-28 11:18 - 2016-12-28 11:18 - 000002319 _____ () C:\Users\jmschneider\AppData\Local\recently-used.xbel
2015-09-12 14:18 - 2017-09-27 08:50 - 000007625 _____ () C:\Users\jmschneider\AppData\Local\Resmon.ResmonCfg
2016-12-12 14:48 - 2017-01-03 21:36 - 000080896 _____ () C:\Users\jmschneider\AppData\Local\WebpageIcons.db
2015-11-20 13:43 - 2015-11-20 13:45 - 000034450 _____ () C:\Users\jmschneider\AppData\Local\WiDiSetupLog.20151120.124347.wdl
2016-04-22 22:25 - 2016-04-22 22:25 - 000000041 ___SH () C:\ProgramData\.zreglib
2016-06-04 15:30 - 2016-06-04 15:30 - 000000057 _____ () C:\ProgramData\Ament.ini
2013-12-05 01:34 - 2013-12-05 01:34 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
Fichiers à déplacer ou supprimer:
====================
C:\Users\jmschneider\Partages.vbs
Certains fichiers dans TEMP:
====================
2016-10-13 16:16 - 2013-07-25 11:15 - 000026688 _____ (Foxit Corporation) C:\Users\jmschneider\AppData\Local\Temp\Checkupdate.exe
2017-04-14 08:52 - 2017-04-14 08:52 - 001927736 _____ () C:\Users\jmschneider\AppData\Local\Temp\dsHostCheckerSetup.exe
2017-03-03 13:50 - 2017-03-03 13:50 - 000252248 _____ (Pulse Secure, LLC) C:\Users\jmschneider\AppData\Local\Temp\dsInstallerClientLegacy.dll
2016-10-13 16:16 - 2013-08-02 19:17 - 008465984 _____ (Foxit Corporation) C:\Users\jmschneider\AppData\Local\Temp\Foxit Reader Updater.exe
2016-10-13 16:16 - 2013-06-09 22:59 - 000216064 _____ () C:\Users\jmschneider\AppData\Local\Temp\gcapi_dll.dll
2016-10-13 16:16 - 2013-06-10 00:38 - 000073408 _____ () C:\Users\jmschneider\AppData\Local\Temp\gtapi_signed.dll
2016-07-18 01:00 - 2016-07-18 01:00 - 000005632 _____ () C:\Users\jmschneider\AppData\Local\Temp\hwlzudir.dll
2017-05-09 12:21 - 2014-09-28 03:57 - 000910848 _____ () C:\Users\jmschneider\AppData\Local\Temp\InternalAHK.exe
2016-07-22 16:27 - 2016-07-22 16:27 - 000741440 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u101-windows-au.exe
2017-01-20 17:27 - 2017-01-20 17:27 - 000739904 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-07-30 20:05 - 2017-07-30 20:05 - 000740416 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u144-windows-au.exe
2016-03-24 13:51 - 2016-03-24 13:51 - 000736320 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u77-windows-au.exe
2016-04-29 12:44 - 2016-04-29 12:45 - 000556646 _____ () C:\Users\jmschneider\AppData\Local\Temp\npp.6.9.1.Installer.exe
2017-10-14 12:06 - 2017-10-14 12:06 - 002885168 _____ () C:\Users\jmschneider\AppData\Local\Temp\npp.7.5.1.Installer.exe
2016-04-23 14:46 - 2016-04-23 14:46 - 000073544 _____ (Microsoft) C:\Users\jmschneider\AppData\Local\Temp\setup.exe
2016-11-09 10:17 - 2013-02-18 17:45 - 000073568 _____ (Testo AG) C:\Users\jmschneider\AppData\Local\Temp\TestoSetup.exe
2017-04-26 21:17 - 2017-04-26 21:17 - 013767776 _____ (Microsoft Corporation) C:\Users\jmschneider\AppData\Local\Temp\tmpD118.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-10-10 10:10
==================== Fin de FRST.txt ============================
Exécuté par jmschneider (administrateur) sur L-15N002 (17-10-2017 16:49:57)
Exécuté depuis C:\Users\jmschneider\Desktop
Profils chargés: jmschneider (Profils disponibles: Administrateur & sgayme & acahagne & jmschneider & mluong & vdomalain & MLOUVEL & FRAPITA & Administrateur)
Platform: Windows 7 Professional Service Pack 1 (X64) Langue: Français (France)
Internet Explorer Version 11 (Navigateur par défaut: Chrome)
Mode d'amorçage: Normal
Tutoriel pour Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processus (Avec liste blanche) =================
(Si un élément est inclus dans le fichier fixlist.txt, le processus sera arrêté. Le fichier ne sera pas déplacé.)
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Pulse Secure, LLC) C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Pulse Secure, LLC) C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Projector\EasyMP Multi PC Projection\EMP_MPENSV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(%CFullName%) C:\Program Files\Lenovo\Fingerprint Manager Pro\opvapp.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(IBM Corp) C:\Lotus\notes\SUService.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPHKSVC.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\micmute.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tphkload.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmssclient.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\shtctky.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\tpnumlkd.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcDeskBandHlpr.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Password Manager\password_manager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\PccNTMon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\pwm_ie_helper_desktop.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\Password Manager\password_manager.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Lenovo\System Update\SUService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Lenovo) C:\Users\jmschneider\AppData\Local\Apps\2.0\PO0A8R61.7GP\JN9TPHMA.LWZ\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(IBM Corp) C:\Lotus\notes\nlnotes.exe
(IBM) C:\Lotus\notes\framework\rcp\eclipse\plugins\com.ibm.rcp.base_9.0.1.20131002-1404\win32\x86\notes2.exe
(IBM Corp) C:\Lotus\notes\ntaskldr.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registre (Avec liste blanche) ===========================
(Si un élément est inclus dans le fichier fixlist.txt, l'élément de Registre sera restauré à la valeur par défaut ou supprimé. Le fichier ne sera pas déplacé.)
HKLM\...\Run: [PasswordManager] => C:\Program Files\Lenovo\Password Manager\password_manager.exe [1792800 2014-10-21] (Lenovo Group Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2823848 2015-02-05] (Synaptics Incorporated)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [296664 2017-05-12] (Lenovo Group Limited)
HKLM-x32\...\Run: [PWMTRV] => rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor
HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [3382056 2016-10-05] (Trend Micro Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3481912 2017-10-03] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [HP ENVY 5540 series (NET)] => C:\Program Files\HP\HP ENVY 5540 series\Bin\ScanToPCActivationApp.exe [3651080 2015-03-09] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Google Update] => C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [Barre d'outils Cordial] => C:\PROGRAM FILES (X86)\CORDIAL\BARRE_OUTILS_CORDIAL.EXE [512068 2015-12-09] (Synapse Développement)
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Run: [ApowerMirror] => C:\Program Files (x86)\Apowersoft\ApowerMirror\ApowerMirror.exe /autoStart
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Policies\Explorer: [NoInplaceSharing] 0
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\MountPoints2: {421d91c8-5d39-11e3-8c10-806e6f6e6963} - Q:\LenovoQDrive.exe
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-04-17]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 - Capture d’écran et lancement.lnk [2017-10-17]
ShortcutTarget: OneNote 2010 - Capture d’écran et lancement.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SystemExplorerDisabled [2016-10-30] ()
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, s'il s'agit d'un élément du Registre, il sera supprimé ou restauré à la valeur par défaut.)
Tcpip\Parameters: [DhcpNameServer] 172.23.200.10 192.168.1.21
Tcpip\..\Interfaces\{31E9A69B-301B-44C5-85FE-361B4C90C253}: [DhcpNameServer] 172.23.200.10 192.168.1.21
Tcpip\..\Interfaces\{5E668251-543E-40CE-9A8C-66A79E16F723}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{69CC05F3-05EF-4554-81B5-46520F391F77}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{9311735F-D36F-4AFA-B7BE-BB86ABA492BD}: [DhcpNameServer] 192.168.44.1
Tcpip\..\Interfaces\{B81CABE5-9D60-4A89-925C-A62219066C8E}: [DhcpNameServer] 172.23.200.10 192.168.1.21
Internet Explorer:
==================
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://recherche/RetD/index.php?option=com_dailymessage&Itemid=27&includepage=Recherche_action
HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/fr-fr/?ocid=iehp
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2036766668-3896712167-1855363723-11252 -> DefaultScope {557B08E5-CDF6-47E3-87A7-D96DB2D78EE6} URL =
SearchScopes: HKU\S-1-5-21-2036766668-3896712167-1855363723-11252 -> {557B08E5-CDF6-47E3-87A7-D96DB2D78EE6} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll => Pas de fichier
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => Pas de fichier
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-10] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2017-03-20] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-10] (Oracle Corporation)
DPF: HKLM {583C990C-2D38-410c-9A4A-0932D66A754F} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient64.cab
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {8E375A63-C616-46F1-AC77-59DF78F3A826} hxxps://pulsesecure.net/dana-cached/sc/PulseSetupClient.cab
DPF: HKLM-x32 {DEA985BB-7945-11D4-97AF-0006297090B0} hxxp://192.168.1.54:83/jde/axctls/jdeexpimp.cab
DPF: HKLM-x32 {E5F5D008-DD2C-4D32-977D-1A0ADF03058B} hxxps://juniper.net/dana-cached/setup/JuniperSetupSP1.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\jmschneider\AppData\Roaming\Mozilla\Firefox\Profiles\ncdhkgm9.default [2016-03-19]
FF Homepage: Mozilla\Firefox\Profiles\ncdhkgm9.default -> hxxp://r.orange.fr/r/Oodc_FF_oi_v2?ref=O_OI_defaultPage_FF_odc
FF Extension: (Exif Viewer) - C:\Users\jmschneider\AppData\Roaming\Mozilla\Firefox\Profiles\ncdhkgm9.default\Extensions\exif_viewer@mozilla.doslash.org.xpi [2016-03-19]
FF HKLM-x32\...\Firefox\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox
FF Extension: (Correction Cordial) - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox [2016-02-01]
FF HKLM-x32\...\Thunderbird\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox
FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Firefox\Extensions: [{F74D5734-46F5-4B16-96F0-1E7FBF41B750}] - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12
FF Extension: (ThinkVantage Password Manager) - C:\Program Files (x86)\Lenovo\Password Manager\PWM Firefox Extension\2.0b12 [2015-11-20] [non signé]
FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Firefox\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox
FF HKU\S-1-5-21-2036766668-3896712167-1855363723-11252\...\Thunderbird\Extensions: [{96D26B34-35E1-4ed2-AB54-138830AC8268}] - C:\Program Files (x86)\Cordial\Macros\Mozilla\correctionFirefox
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_170.dll [2017-10-16] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.79.2 -> C:\Windows\system32\npDeployJava1.dll [2016-01-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.79.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [Pas de fichier]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_170.dll [2017-10-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-26] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @citrixonline.com/appdetectorplugin -> C:\Users\jmschneider\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2017-02-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @radvision.com/ConfClient -> C:\Users\jmschneider\AppData\Local\Radvision\Installer\1.5.0.5\npclientinstmgr.dll [2015-09-21] (Avaya, Inc.)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @tools.google.com/Google Update;version=3 -> C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: @tools.google.com/Google Update;version=9 -> C:\Users\jmschneider\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [Pas de fichier]
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: SkypePlugin -> C:\Users\jmschneider\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-2036766668-3896712167-1855363723-11252: SkypePlugin64 -> C:\Users\jmschneider\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll [2017-04-18] (Skype Technologies S.A.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-09-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Users\jmschneider\AppData\Roaming\mozilla\plugins\npatgpc.dll [2017-03-06] (Cisco WebEx LLC)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default [2017-10-17]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Skype Calling) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2017-07-08]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgloanjhdcenjgiafkpbehddcnonlic [2017-09-30]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-07-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Visualping) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pemhgklkefakciniebenbfclihhmmfcd [2017-08-21]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2017-09-11]
CHR Extension: (Pas de nom) - C:\Users\jmschneider\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-25]
CHR HKLM-x32\...\Chrome\Extension: [lpdfbkehegfmedglgemnhbnpmfmioggj] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.80\default_apps\search.crx [2015-12-04]
CHR crx: C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\default_apps\search.crx [2013-11-14]
==================== Services (Avec liste blanche) ====================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-26] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-09-26] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51016 2017-10-03] (Dropbox, Inc.)
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [326160 2016-04-14] (Lenovo.)
R2 dsNcService; C:\Program Files (x86)\Pulse Secure\Common Files\dsNcService.exe [690128 2017-03-03] (Pulse Secure, LLC)
S3 DWMRCS; C:\Windows\SysWOW64\DWRCS.exe [241688 2010-04-07] (DameWare Development LLC)
R2 EMP_MPENSV; C:\Program Files\EPSON Projector\EasyMP Multi PC Projection\EMP_MPENSV.exe [238120 2015-12-03] (SEIKO EPSON CORPORATION)
R2 EMP_NSWLSV; C:\Program Files (x86)\EPSON Projector\EasyMP Network Projection V2\EMP_NSWLSV.exe [147968 2015-11-04] (SEIKO EPSON CORPORATION) [Fichier non signé]
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107792 2013-07-03] (Condusiv Technologies)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [160048 2012-11-21] (Lenovo)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
S3 IBM Notes Diagnostics; C:\Lotus\notes\nsd.exe [5164136 2013-10-15] (IBM)
S2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [130664 2015-03-12] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Fichier non signé]
S3 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-03-10] (Intel Corporation)
S3 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Fichier non signé]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21312 2017-03-30] (Microsoft Corporation)
S3 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-07-26] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [169176 2017-05-12] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [114632 2015-07-13] (Lenovo Group Limited)
R2 LNSUSvc; C:\Lotus\notes\SUService.exe [1654376 2013-10-15] (IBM Corp)
S3 lnvDiscoveryWinSvc; C:\Program Files\Lenovo\Lenovo Peer Connect\LenovoDiscoverySvc.exe [21552 2014-02-21] (Lenovo)
S2 LPlatSvc; C:\Windows\system32\LPlatSvc.exe [710144 2016-09-06] (Lenovo.)
S3 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S3 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 Multi-user Cleanup Service; C:\Lotus\notes\ntmulti.exe [38504 2013-10-15] (IBM Corp)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-06-23] ()
R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [7535568 2016-10-05] (Trend Micro Inc.)
R2 PulseSecureService; C:\Program Files (x86)\Common Files\Pulse Secure\JUNS\PulseSecureService.exe [182232 2017-02-22] (Pulse Secure, LLC)
S3 QuickControlMasterSvc; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlMasterSvc.exe [61232 2014-12-05] (Lenovo Group Limited)
S3 QuickControlService; C:\Program Files (x86)\Lenovo\QuickControl\QuickControlService.exe [317224 2014-12-05] (Lenovo Group Limited)
R3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [23928 2017-08-16] ()
S3 SystemExplorerHelpService; C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe [820960 2014-12-20] (Mister Group)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [185344 2017-02-13] (Microsoft Corporation) [Fichier non signé]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [594432 2016-10-03] (Trend Micro Inc.)
R3 tmccsf; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [1501952 2016-10-05] (Trend Micro Inc.)
R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [5614096 2016-10-05] (Trend Micro Inc.)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [88400 2015-12-06] (Synaptics Incorporated)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56552 2016-03-22] (Microsoft Corporation)
S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-12-05] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.2.222\WsAppService.exe [474768 2017-03-01] (Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\MirrorGo\DriverInstall.exe [111328 2017-05-05] (Wondershare)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-06-23] (Intel® Corporation)
S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [X]
===================== Pilotes (Avec liste blanche) ======================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [87864 2014-11-05] (Motorola Solutions, Inc.)
S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-10-28] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1448248 2014-11-26] (Motorola Solutions, Inc.)
R1 dwvkbd; C:\Windows\System32\DRIVERS\dwvkbd64.sys [30720 2007-02-15] (DameWare)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [378136 2015-03-24] (Intel Corporation)
R3 empvhid; C:\Windows\System32\DRIVERS\EMP_VHID.sys [29688 2015-12-03] (Windows (R) Win 7 DDK provider)
R3 EMP_MIRRMPP; C:\Windows\System32\DRIVERS\EMP_MirrMPP.sys [5632 2015-12-03] (Windows (R) Codename Longhorn DDK provider)
R3 EMP_MIRRNP; C:\Windows\System32\DRIVERS\EMP_MirrNP.sys [5632 2015-11-04] (Windows (R) Codename Longhorn DDK provider)
R3 EPPVAD2_simple; C:\Windows\System32\drivers\EMP_NSAU.sys [23040 2015-11-04] (SEIKO EPSON CORPORATION)
R3 EPPVADMP_simple; C:\Windows\System32\drivers\EMP_MPAU.sys [23040 2015-12-03] (SEIKO EPSON CORPORATION)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [25872 2013-07-03] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112912 2013-07-03] (Condusiv Technologies)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [71472 2012-11-21] (Windows (R) Win 7 DDK provider)
S3 fcdabus; C:\Windows\System32\DRIVERS\fcdabus.sys [24592 2008-10-29] (FarStone Inc.)
R0 fvxscsi; C:\Windows\System32\DRIVERS\fvxscsi.sys [93896 2013-08-22] (FarStone Inc.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [246512 2015-01-22] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-04-15] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-30] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-07-26] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw02.sys [3426576 2016-05-03] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R1 OMNISMI; C:\Windows\SysWOW64\drivers\omnismi.sys [14776 2013-08-05] ()
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2017-10-16] ()
S3 rt70x64; C:\Windows\System32\DRIVERS\netr7064.sys [388448 2010-04-27] (Ralink Technology Corp.)
R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [423128 2013-07-24] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-02-05] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [682272 2014-09-04] (Sunplus)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-10-22] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2015-10-22] (Acronis International GmbH)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [129752 2016-09-29] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [435424 2016-09-29] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [72504 2016-04-21] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [143072 2016-07-15] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [91872 2016-09-29] (Trend Micro Inc.)
R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [393944 2017-03-21] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [561952 2016-06-24] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [66776 2017-03-21] (Trend Micro Inc.)
R1 tmumh; C:\Windows\System32\DRIVERS\TMUMH.sys [111840 2016-10-03] (Trend Micro Inc.)
S3 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [131808 2016-07-15] (Trend Micro Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-08] (ThinkVantage Communications Utility)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows (R) Win 7 DDK provider)
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-12-05] (Microsoft Corporation) [Fichier non signé]
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2013-12-05] (Microsoft Corporation) [Fichier non signé]
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2015-10-22] (Acronis International GmbH)
S3 vl810filter; C:\Windows\System32\DRIVERS\vl810filter.sys [17008 2011-11-17] (VIA Labs, Inc.)
R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2621144 2017-03-21] (Trend Micro Inc.)
S3 VSPerfDrv150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\VSPerfCollectionTools\VSPerfDrv150.sys [79528 2016-03-02] (Microsoft Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-03-20] ()
==================== NetSvcs (Avec liste blanche) ===================
(Si un élément est inclus dans le fichier fixlist.txt, il sera supprimé du Registre. Le fichier ne sera pas déplacé, sauf s'il est inscrit séparément.)
==================== Un mois - Créés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-17 16:49 - 2017-10-17 16:50 - 000036948 _____ C:\Users\jmschneider\Desktop\FRST.txt
2017-10-17 16:48 - 2017-10-17 16:49 - 000000000 ____D C:\FRST
2017-10-17 16:47 - 2017-10-17 16:47 - 002401792 _____ (Farbar) C:\Users\jmschneider\Desktop\FRST64.exe
2017-10-17 16:36 - 2017-10-17 16:36 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\smkits
2017-10-17 15:38 - 2017-10-17 15:40 - 000000000 ____D C:\AdwCleaner
2017-10-17 15:36 - 2017-10-17 15:37 - 008250832 _____ (Malwarebytes) C:\Users\jmschneider\Desktop\adwcleaner_7.0.3.1.exe
2017-10-17 15:08 - 2017-10-17 15:10 - 000010754 _____ C:\Users\jmschneider\Desktop\ZHPCleaner.txt
2017-10-17 14:46 - 2017-10-17 14:46 - 000000910 _____ C:\Users\jmschneider\Desktop\ZHPCleaner.lnk
2017-10-17 14:46 - 2017-10-17 14:45 - 002946944 _____ C:\Users\jmschneider\Desktop\zhpcleaner_2017.10.10.179.exe
2017-10-17 14:45 - 2017-10-17 14:45 - 002946944 _____ C:\Users\jmschneider\Downloads\zhpcleaner_2017.10.10.179.exe
2017-10-17 14:09 - 2017-10-17 15:55 - 000271846 _____ C:\Users\jmschneider\Desktop\ZHPDiag.txt
2017-10-17 13:59 - 2017-10-17 14:46 - 000000000 ____D C:\Users\jmschneider\AppData\Local\ZHP
2017-10-17 13:59 - 2017-10-17 13:59 - 000000799 _____ C:\Users\jmschneider\Desktop\ZHPDiag.lnk
2017-10-17 13:58 - 2017-10-17 13:58 - 002900480 _____ C:\Users\jmschneider\Desktop\zhpdiag_v2017.10.9.179.exe
2017-10-15 16:08 - 2017-10-15 16:08 - 000110336 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2017-10-15 15:52 - 2017-10-15 15:52 - 001018864 _____ C:\Users\jmschneider\Downloads\mirror_go_setup_full1906.exe
2017-10-15 15:52 - 2017-10-15 15:52 - 000001174 _____ C:\Users\Public\Desktop\Wondershare MirrorGo.lnk
2017-10-15 15:52 - 2017-10-15 15:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2017-10-15 09:13 - 2017-10-15 09:13 - 000000000 ____D C:\Users\jmschneider\Documents\Apowersoft
2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Apowersoft
2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Program Files\Bonjour
2017-10-15 09:12 - 2017-10-15 09:12 - 000000000 ____D C:\Program Files (x86)\Bonjour
2017-10-15 09:11 - 2017-10-15 09:11 - 070580136 _____ (APOWERSOFT LIMITED ) C:\Users\jmschneider\Downloads\apowermirror.exe
2017-10-14 12:06 - 2017-10-14 12:06 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Notepad++
2017-10-14 12:06 - 2017-10-14 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2017-10-13 20:37 - 2017-10-13 20:37 - 015756368 _____ (TeamViewer GmbH) C:\Users\jmschneider\Downloads\TeamViewer_Setup.exe
2017-10-13 18:50 - 2017-10-13 18:50 - 000543664 _____ () C:\Users\jmschneider\Downloads\setup (2).exe
2017-10-13 13:19 - 2017-10-13 13:19 - 000000605 _____ C:\Users\jmschneider\Desktop\Centre de support Waldata.lnk
2017-10-11 17:06 - 2017-10-16 11:44 - 000001940 _____ C:\Users\jmschneider\Desktop\PCV.lnk
2017-10-11 08:55 - 2017-10-11 08:55 - 000227710 _____ C:\Users\jmschneider\Downloads\11792456_20171011_065336_734.pdf
2017-10-05 19:08 - 2017-10-05 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-10-04 19:01 - 2017-10-04 19:01 - 212495067 _____ C:\Users\jmschneider\Downloads\DataBase.fcx
2017-10-04 16:16 - 2017-10-04 16:16 - 001428243 _____ C:\Users\jmschneider\Downloads\file__916299776.pdf
2017-10-04 16:11 - 2017-10-04 16:11 - 213710261 _____ C:\Users\jmschneider\Downloads\DataBase.exe
2017-10-03 12:21 - 2017-10-03 12:21 - 000051016 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-10-03 12:21 - 2017-10-03 12:21 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-10-03 12:21 - 2017-10-03 12:21 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-10-02 20:18 - 2017-10-02 20:18 - 000298305 _____ C:\Users\jmschneider\Documents\Scan0001.pdf
2017-10-01 12:01 - 2017-10-01 12:01 - 001391469 _____ C:\Users\jmschneider\Downloads\file__1202379258.pdf
2017-09-30 16:42 - 2017-09-30 16:42 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Google
2017-09-30 16:39 - 2017-09-30 16:39 - 001130328 _____ (Google Inc.) C:\Users\jmschneider\Downloads\ChromeSetup (2).exe
2017-09-30 16:37 - 2017-09-30 16:37 - 000002443 _____ C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary.lnk
2017-09-30 16:36 - 2017-09-30 16:36 - 001130328 _____ (Google Inc.) C:\Users\jmschneider\Downloads\ChromeSetup (1).exe
2017-09-30 16:36 - 2017-09-30 16:36 - 000003692 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2036766668-3896712167-1855363723-11252UA
2017-09-30 16:36 - 2017-09-30 16:36 - 000003420 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2036766668-3896712167-1855363723-11252Core
2017-09-29 19:54 - 2017-09-29 19:55 - 004864846 _____ C:\Users\jmschneider\Downloads\file__1458664100.pdf
2017-09-27 18:36 - 2017-09-27 18:42 - 000000000 ____D C:\Program Files\MacroCreator
2017-09-27 18:34 - 2017-09-27 18:34 - 003382733 _____ (Rodolfo U. Batista ) C:\Users\jmschneider\Downloads\MacroCreator-setup.exe
2017-09-27 18:24 - 2017-09-27 18:24 - 003041687 _____ C:\Users\jmschneider\Downloads\AutoHotkey_2.0-a081-cad307c.zip
2017-09-27 10:53 - 2017-09-27 18:29 - 000000000 ____D C:\Users\jmschneider\Desktop\AutoKey
2017-09-27 07:40 - 2017-09-27 07:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2017-09-26 20:55 - 2017-09-26 20:55 - 004433060 _____ C:\Users\jmschneider\Downloads\AutoHotkey_1.1.26.01.zip
2017-09-26 20:37 - 2017-09-26 20:38 - 038142423 _____ C:\Users\jmschneider\Downloads\actionaz-3.8.0-win64.7z
2017-09-26 19:58 - 2017-09-26 19:58 - 000664931 _____ C:\Users\jmschneider\Downloads\WinParrot_FR.zip
2017-09-26 09:28 - 2017-10-08 10:47 - 000000000 ___RD C:\Users\jmschneider\Dropbox
2017-09-26 09:24 - 2017-10-05 19:08 - 000000000 ____D C:\Program Files (x86)\Dropbox
2017-09-26 09:24 - 2017-09-27 19:11 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Dropbox
2017-09-26 09:24 - 2017-09-26 09:24 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Dropbox
2017-09-26 09:24 - 2017-09-26 09:24 - 000000000 ____D C:\ProgramData\Dropbox
2017-09-26 09:23 - 2017-09-26 09:24 - 000690080 _____ (Dropbox, Inc.) C:\Users\jmschneider\Downloads\DropboxInstaller.exe
2017-09-24 13:22 - 2017-09-24 13:22 - 000922825 _____ C:\Users\jmschneider\Downloads\file__1676267122.pdf
2017-09-22 18:08 - 2017-09-22 18:08 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Waldata
2017-09-22 18:07 - 2017-09-28 18:51 - 000000000 ____D C:\WALDATA
2017-09-22 16:58 - 2017-09-22 17:07 - 136542955 _____ (Waldata) C:\Users\jmschneider\Downloads\internet_walmastertrader.exe
2017-09-22 14:18 - 2017-09-22 14:18 - 000000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-09-18 18:34 - 2017-09-18 18:39 - 000687616 _____ C:\Users\jmschneider\Downloads\Solvent_switch (3).XLs
2017-09-18 18:34 - 2017-09-18 18:34 - 000353792 _____ C:\Users\jmschneider\Downloads\Solvent_Switch_Immiscible.XLs
==================== Un mois - Modifiés - fichiers et dossiers ========
(Si un élément est inclus dans le fichier fixlist.txt, le fichier/dossier sera déplacé.)
2017-10-17 16:50 - 2015-03-27 11:45 - 000000472 _____ C:\Windows\system32\config\netlogon.ftl
2017-10-17 16:26 - 2015-09-10 13:40 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Deployment
2017-10-17 16:18 - 2017-02-23 12:50 - 000000570 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2036766668-3896712167-1855363723-11252.job
2017-10-17 16:12 - 2013-12-05 09:39 - 002076692 _____ C:\Windows\system32\perfh00C.dat
2017-10-17 16:12 - 2013-12-05 09:39 - 000598076 _____ C:\Windows\system32\perfc00C.dat
2017-10-17 16:12 - 2009-07-14 07:13 - 000006436 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-17 15:51 - 2009-07-14 06:45 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-10-17 15:51 - 2009-07-14 06:45 - 000034208 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-10-17 15:47 - 2016-03-13 19:29 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\ZHP
2017-10-17 15:46 - 2016-04-07 09:38 - 000000558 ____H C:\Windows\Tasks\MATLAB R2016a Startup Accelerator.job
2017-10-17 15:46 - 2015-07-21 09:41 - 000000558 _____ C:\Windows\Tasks\MATLAB R2015a Startup Accelerator.job
2017-10-17 15:46 - 2015-03-30 12:29 - 000014186 _____ C:\Windows\cfgall.ini
2017-10-17 15:44 - 2017-04-10 08:43 - 000000224 _____ C:\Windows\Tasks\Lenovo Active Protection System.job
2017-10-17 15:44 - 2016-06-21 09:35 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Skype
2017-10-17 15:42 - 2015-09-17 13:11 - 000000000 ____D C:\ProgramData\Synaptics
2017-10-17 15:42 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-17 15:16 - 2015-07-23 09:11 - 000000000 ____D C:\Users\jmschneider\Documents\TEMP
2017-10-17 15:11 - 2015-07-20 12:48 - 000000000 ____D C:\Users\jmschneider
2017-10-17 12:33 - 2015-07-20 12:48 - 000001994 __RSH C:\Users\jmschneider\ntuser.pol
2017-10-17 09:26 - 2013-12-18 14:27 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-10-16 14:49 - 2017-04-21 09:48 - 000004650 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-10-16 14:49 - 2017-04-21 09:48 - 000004496 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-10-16 14:49 - 2013-12-18 14:23 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-10-16 14:49 - 2013-12-18 14:23 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-10-16 14:49 - 2013-12-18 14:23 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-10-16 14:49 - 2013-12-18 14:23 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-16 08:50 - 2017-06-05 07:50 - 000031152 _____ C:\Windows\system32\Drivers\pmxdrv.sys
2017-10-15 16:08 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Wondershare
2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Users\jmschneider\.android
2017-10-15 15:52 - 2017-05-10 18:24 - 000000000 ____D C:\Program Files (x86)\Wondershare
2017-10-15 15:52 - 2017-05-10 18:22 - 000000000 ____D C:\Users\Public\Documents\Wondershare
2017-10-14 12:06 - 2015-07-20 13:58 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\Notepad++
2017-10-14 12:06 - 2013-12-18 16:40 - 000000000 ____D C:\Program Files (x86)\Notepad++
2017-10-13 18:02 - 2015-07-23 08:57 - 000002332 ____H C:\Users\jmschneider\Documents\Default.rdp
2017-10-13 14:33 - 2017-07-08 08:43 - 000000000 ____D C:\Users\jmschneider\AppData\Local\GoToMeeting
2017-10-13 14:33 - 2017-02-23 12:50 - 000003600 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2036766668-3896712167-1855363723-11252
2017-10-12 08:16 - 2015-03-27 11:47 - 000010659 __RSH C:\ProgramData\ntuser.pol
2017-10-10 22:06 - 2015-07-25 19:56 - 000000000 ____D C:\ProgramData\CompeGPS
2017-10-08 17:31 - 2015-08-05 21:59 - 000000000 ____D C:\Users\jmschneider\AppData\Roaming\vlc
2017-10-04 23:53 - 2016-04-23 08:50 - 000000000 ____D C:\WINDDK
2017-09-30 16:49 - 2015-07-21 08:22 - 000000000 ____D C:\Users\jmschneider\AppData\Local\Google
2017-09-27 08:50 - 2015-09-12 14:18 - 000007625 _____ C:\Users\jmschneider\AppData\Local\Resmon.ResmonCfg
2017-09-27 07:40 - 2017-05-02 22:05 - 000000000 ____D C:\Program Files\AutoHotkey
2017-09-27 07:40 - 2015-03-30 13:32 - 000000000 ____D C:\Windows\SHELLNEW
2017-09-26 18:06 - 2017-03-19 23:43 - 000000000 ____D C:\Users\jmschneider\.Synkron
2017-09-26 14:27 - 2016-04-25 10:57 - 000000000 ____D C:\Users\jmschneider\Documents\Visual Studio 2015
2017-09-26 09:36 - 2015-11-08 00:28 - 000000600 _____ C:\Users\jmschneider\AppData\Local\PUTTY.RND
2017-09-25 08:17 - 2009-07-14 07:08 - 000032496 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-25 08:17 - 2009-07-14 06:45 - 000418688 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-22 18:08 - 2015-07-20 12:49 - 000112304 _____ C:\Users\jmschneider\AppData\Local\GDIPFONTCACHEV1.DAT
2017-09-18 18:23 - 2017-07-11 17:54 - 000686592 _____ C:\Users\jmschneider\Downloads\Solvent_switch (2).XLs
==================== Fichiers à la racine de certains dossiers =======
2017-03-27 11:34 - 2017-03-31 22:59 - 000000517 ____H () C:\Users\jmschneider\AppData\Roaming\basICColor.input5.lic
2017-03-27 11:35 - 2017-03-27 11:35 - 000000160 _____ () C:\Users\jmschneider\AppData\Roaming\basICColorLicenseFiles
2015-09-12 14:07 - 2015-09-12 14:07 - 000000019 _____ () C:\Users\jmschneider\AppData\Roaming\dll.bin
2015-11-08 00:28 - 2017-09-26 09:36 - 000000600 _____ () C:\Users\jmschneider\AppData\Local\PUTTY.RND
2016-12-28 11:18 - 2016-12-28 11:18 - 000002319 _____ () C:\Users\jmschneider\AppData\Local\recently-used.xbel
2015-09-12 14:18 - 2017-09-27 08:50 - 000007625 _____ () C:\Users\jmschneider\AppData\Local\Resmon.ResmonCfg
2016-12-12 14:48 - 2017-01-03 21:36 - 000080896 _____ () C:\Users\jmschneider\AppData\Local\WebpageIcons.db
2015-11-20 13:43 - 2015-11-20 13:45 - 000034450 _____ () C:\Users\jmschneider\AppData\Local\WiDiSetupLog.20151120.124347.wdl
2016-04-22 22:25 - 2016-04-22 22:25 - 000000041 ___SH () C:\ProgramData\.zreglib
2016-06-04 15:30 - 2016-06-04 15:30 - 000000057 _____ () C:\ProgramData\Ament.ini
2013-12-05 01:34 - 2013-12-05 01:34 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
Fichiers à déplacer ou supprimer:
====================
C:\Users\jmschneider\Partages.vbs
Certains fichiers dans TEMP:
====================
2016-10-13 16:16 - 2013-07-25 11:15 - 000026688 _____ (Foxit Corporation) C:\Users\jmschneider\AppData\Local\Temp\Checkupdate.exe
2017-04-14 08:52 - 2017-04-14 08:52 - 001927736 _____ () C:\Users\jmschneider\AppData\Local\Temp\dsHostCheckerSetup.exe
2017-03-03 13:50 - 2017-03-03 13:50 - 000252248 _____ (Pulse Secure, LLC) C:\Users\jmschneider\AppData\Local\Temp\dsInstallerClientLegacy.dll
2016-10-13 16:16 - 2013-08-02 19:17 - 008465984 _____ (Foxit Corporation) C:\Users\jmschneider\AppData\Local\Temp\Foxit Reader Updater.exe
2016-10-13 16:16 - 2013-06-09 22:59 - 000216064 _____ () C:\Users\jmschneider\AppData\Local\Temp\gcapi_dll.dll
2016-10-13 16:16 - 2013-06-10 00:38 - 000073408 _____ () C:\Users\jmschneider\AppData\Local\Temp\gtapi_signed.dll
2016-07-18 01:00 - 2016-07-18 01:00 - 000005632 _____ () C:\Users\jmschneider\AppData\Local\Temp\hwlzudir.dll
2017-05-09 12:21 - 2014-09-28 03:57 - 000910848 _____ () C:\Users\jmschneider\AppData\Local\Temp\InternalAHK.exe
2016-07-22 16:27 - 2016-07-22 16:27 - 000741440 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u101-windows-au.exe
2017-01-20 17:27 - 2017-01-20 17:27 - 000739904 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-07-30 20:05 - 2017-07-30 20:05 - 000740416 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u144-windows-au.exe
2016-03-24 13:51 - 2016-03-24 13:51 - 000736320 _____ (Oracle Corporation) C:\Users\jmschneider\AppData\Local\Temp\jre-8u77-windows-au.exe
2016-04-29 12:44 - 2016-04-29 12:45 - 000556646 _____ () C:\Users\jmschneider\AppData\Local\Temp\npp.6.9.1.Installer.exe
2017-10-14 12:06 - 2017-10-14 12:06 - 002885168 _____ () C:\Users\jmschneider\AppData\Local\Temp\npp.7.5.1.Installer.exe
2016-04-23 14:46 - 2016-04-23 14:46 - 000073544 _____ (Microsoft) C:\Users\jmschneider\AppData\Local\Temp\setup.exe
2016-11-09 10:17 - 2013-02-18 17:45 - 000073568 _____ (Testo AG) C:\Users\jmschneider\AppData\Local\Temp\TestoSetup.exe
2017-04-26 21:17 - 2017-04-26 21:17 - 013767776 _____ (Microsoft Corporation) C:\Users\jmschneider\AppData\Local\Temp\tmpD118.exe
==================== Bamital & volsnap ======================
(Il n'y a pas de correction automatique pour les fichiers qui ne satisfont pas à la vérification.)
C:\Windows\system32\winlogon.exe => Le fichier est signé numériquement
C:\Windows\system32\wininit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\wininit.exe => Le fichier est signé numériquement
C:\Windows\explorer.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\explorer.exe => Le fichier est signé numériquement
C:\Windows\system32\svchost.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\svchost.exe => Le fichier est signé numériquement
C:\Windows\system32\services.exe => Le fichier est signé numériquement
C:\Windows\system32\User32.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\User32.dll => Le fichier est signé numériquement
C:\Windows\system32\userinit.exe => Le fichier est signé numériquement
C:\Windows\SysWOW64\userinit.exe => Le fichier est signé numériquement
C:\Windows\system32\rpcss.dll => Le fichier est signé numériquement
C:\Windows\system32\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\SysWOW64\dnsapi.dll => Le fichier est signé numériquement
C:\Windows\system32\Drivers\volsnap.sys => Le fichier est signé numériquement
LastRegBack: 2017-10-10 10:10
==================== Fin de FRST.txt ============================